Template Management: Role Profile

Role Profile Template helps to divide the roles of the users according to their profiles. It is capable of applying settings to restrict certain users and to provide access to some.

API Calls

Get

/V5/templates/ROLE_PROFILE

Get

/V5/templates/{templateId}/ROLE_PROFILE

Put

/V5/templates

Put

/V5/templates/copy/{templateId}/ROLE_PROFILE

Post

/V5/templates

Delete

/V5/templates/{tempalteId}/ROLE_PROFILE

Get All Role Profiles

Description	Fetches the primary information about all role profiles for the specified location.
Who Can Execute?	Superuser, Administrator, Operator, and Viewer.
Syntax	GET <Base_URL>/templates/ROLE_PROFILE?locationid=<value>& minimalinforequired =<value>&fields=<value>&filter=<value>&fetchSubTreeTemplates=<value> locationid Is used to specify location Id for which information is requested. It takes an integer value. To retrieve the value for location id refer Location call. minimalinforequired Is used to retrieve minimal information. For false all attributes are populated else minimal information is retrieved. It takes a boolean value. It is a mandatory attribute. fields List of selective fields which will be returned in the response. It takes String value. fetchSubTreeTemplates If set to true, templates created above, at and below the given location will be returned. If false, only templates created above and at the given location will be returned. It takes a boolean value.
Sample code	GET https://training.mojonetworks.com/new/webservice/V5/templates/ROLE_PROFILE?locationid=1&minimalinforequired=true
Request Body	This API call does not require any request body parameters.
Response Body	If the API call is successful, the HTTP response status is 200. The response body contains the detailed information about all role profiles for the specified location. The response is in the application/JSON format.

Get Details of a Role Profile

Description	Fetches the complete details of a role profile.
Who Can Execute?	Superuser, Administrator, Operator, and Viewer.
Syntax	GET <Base_URL>/templates/{templateId}/ROLE_PROFILE?locationid=<value>&fields=<value> templateid It is Id to identify the template. It takes an integer value. locationid Is used to specify location Id for which information is requested. It takes an integer value. To retrieve the value for location id refer Location call. fields List of selective fields which will be returned in the response. It takes String value.
Sample code	GET https://training.mojonetworks.com/new/webservice/templates/4/ROLE_PROFILE?locationid=0
Request Body	This API call does not require any request body parameters.
Response Body	If the API call is successful, the HTTP response status is 200. The response body contains detailed information of the specified role profile. The response is in the application/JSON format.

Add a Role Profile

Description	Adds a template at the specified location.
Who Can Execute?	Superuser, Administrator, and Operator.
Syntax	PUT <Base_URL>/templates?locationid=<value> locationid It is the parameter that specifies the location at which the template must be added. The parameter value is specified in the application/json format. To fetch the appropriate location ID you can use Locations call.
Sample code	PUT https://training.mojonetworks.com/new/webservice/V5/templates? locationid=1
Request Body	The API call requires the details of the Role Profile. You must provide the appropriate values for the following mandatory attributes: type templateName ssid role vlanEnabled/inheritFromSSID A sample request body is as follows: { "type": "roletemplate", "templateName": "test ssid", "ssid": "test ssid", "role": "Test Role", "vlanEnabled": true }
Response Body	If the API call is successful, the HTTP response status is 200. The response body contains details of the newly created role profile. The response is in the application/json format.

Copy a Role Profile

Description	Copies a role profile template at the specified location.
Who Can Execute?	Superuser, Administrator, and Operator.
Syntax	PUT <Base_URL>/templates/copy/{templateId}ROLE_PROFILE/?locationid=<value>&nodeId=<value> templateid Is the ID of the template. It takes an integer value. locationid This takes an integer value specifying the location at which the template exists. To retrieve the value for location id refer Location call. nodeid This takes an integer value specifying the node in a cluster deployment on which the location exists.
Sample code	PUT https://training.mojonetworks.com/new/webservice/V5/templates/copy/2/ROLE_PROFILE? locationid=0&nodeid=1
Request Body	This API call requires the details of the location to which the Network Interface Profile must be copied. The destination location information is passed as parameters in the request body. The parameters are passed in the application/json format. You must provide appropriate values for the childId JSON attribute in the case of a cluster deployment. A sample request body is as follows: { "type": "locallocationid", "id": 2 }
Response Body	If the API call is successful, the HTTP response status is 200. The response body contains detailed information of the copied Role Profile. The response is in the application/json format.

Edit a Role Profile

Description	Modifies the details of the specified role profile template.
Who Can Execute?	Superuser, Administrator, and Operator.
Syntax	POST <Base_URL>/templates
Sample code	POST https://training.mojonetworks.com/new/webservice/V5/templates
Request Body Parameters	This API call requires the details of the role profile to be modified, which is passed as parameters in the request body. The templateId attribute is generated by the system when you add a template. To modify the template, you must provide the same system-generated template ID. You must provide the appropriate values for the following mandatory attributes: type templateName role vlanEnabled/inheritFromSSID A sample request body is as follows: { "type": "roletemplate", "templateName": "test ssid1", "role": "Test Role", "vlanEnabled": true, "inheritFromSSID": false }
Response Body	If the API call is successful, the HTTP response status is 200. The response body contains modified role profile details. The response is in the application/json format.

Delete a Role Profile

Description	Deletes the specified role profile template.
Who Can Execute?	Superuser, Administrator, and Operator.
Syntax	DELETE <Base_URL>/templates/{templateId}/ROLE_PROFILE?locationid=<value> templateid It is id to identify the template. It takes an integer value. locationid Is used to specify location Id for which information is requested. It takes an integer value. To retrieve the value for location id refer Location call.
Sample code	DELETE https://training.mojonetworks.com/new/webservice/V5/templates/47/ROLE_PROFILE
Request Body Parameters	This API call does not require any request body parameters.
Response Body	If the API call is successful, the HTTP response status is 204. The response body does not contain any other information

JSON Table

Attribute	Data Type	Description
type	String	Template type. Applicable value is roletemplate.
templateId	int	System generated value to identify the template.
templateName	String	Name of the template.
createdAtLocationId	application/json	ID of location at which the template is created. The value is of the type Location ID JSON.
description	String	For internal use only.
templateType	String	Template type. The applicable value is ROLE_PROFILE
mncTemplateId	int	System-generated ID of the template provided via the parent server to the child server.
role	String	Role asigned to a user.
inheritFromSSID	boolean	True role profile configurations that are not defined will be inherited form SSID.
vlanEnabled	boolean	True indicates VLAN is enabled. If inheritFromSSID is set to true, vlanEnabled must also be set to true.
vlanId	int	VLAN IDs available to user sessions on which the role is applied.
firewallEnabled	boolean	True indiactes firewall is enabled.
applicationFirewallEnabled	boolean	True indiactes application firewall is enabled.
firewallProfile	application/json	Firewall settings
firewallProfile/ssid	int	A read-only field for internal use.
firewallProfile/hostName	String	IP address or FQDN of a host for which the firewall rule applies.
firewallProfile/direction	String	Direction for which the firewall will be enabled. The applicable values are: 0 for ANY 1 for IN 2 for OUT
firewallProfile/protocol	int	Protocol. The applicable values: 0 for any (default value) 1 for TCP 2 for UDP For any other protocol, set protocol value + 3. For example, if you want to specify 22 for ssh, add 25.
firewallProfile/action	int	Actions to allow or block the traffic. The applicable values are: 1 for allow 2 for block
firewallProfile/port	String	Port number
firewallProfile/orderId	int	Order ID
firewallProfile/mncOid	int	System-generated unique ID of the firewall profile.
firewallProfile/markDirection	String	Direction of network traffic. The applicable values are: To_wireless To _wired. Both
firewallProfile/dscpValue	int	Specifies the Differentiated Services Code Point (DSCP) value for a firewall rule set.
firewallProfile/defaultRule	boolean	A true or false value indicating whether this is the default rule.
firewallProfile/oid	int	System-generated unique ID of the firewall rule.
firewallProfile/name	String	Name of the firewall rule.
applicationFirewallRules	application/json	Controls incoming and outgoing traffic for specifed applications.
applicationFirewallRules/orderId	int	Order ID
applicationFirewallRules/action	String	Actions to allow or block the traffic. The applicable values are: 1 for allow 2 for block
applicationFirewallRules/markDirection	String	Direction of network traffic. The applicable values are: To_wireless To _wired. Both
applicationFirewallRules/dscpValue	int	Specifies the Differentiated Services Code Point (DSCP) value for a application firewall rule set.
applicationFirewallRules/category	String	Category of application. Possible values are Messaging Mail etc.
applicationFirewallRules/applicationIds	int
applicationFirewallRules/ruleName	String	Name of the application firewall rule.
perUserTrafficControlEnabled	boolean	True indicates traffic control is enabled.
trafficControlDownloadLimit	int	Traffic control download limit
trafficControlDownloadLimitUnit	int	Bandwidth control download limit
trafficControlUploadLimitUnit	int	The possible values are: 0:kbps 1:mbps
trafficControlUploadLimit	int	Bandwidth control upload limit
redirection	application/json	Redirection settings
redirection/redirectUrl	String	Redirection URL
redirection/exemptedWebHostList	String	IP address that are to be exempted from redirection.
redirection/webQuarantineOption	int
redirection/webQuarantineEnabled	boolean
mnctemplate	boolean	True indicates this has been pushed by the parent server.

Sample JSON

{
	"type": "roletemplate",
	"templateId": 1,
	"templateName": "Test Role Profile",
	"createdAtLocationId": {
		"type": "locallocationid",
		"id": 0
	},
	"description": "",
	"templateType": "ROLE_PROFILE",
	"mncTemplateId": 0,
	"role": "Test Role",
	"inheritFromSSID": false,
	"vlanEnabled": true,
	"vlanId": 3,
	"firewallEnabled": true,
	"applicationFirewallEnabled": true,
	"firewallProfile": [{
		"ssid": 1,
		"hostName": "",
		"direction": 0,
		"protocol": 0,
		"action": 2,
		"port": "",
		"orderId": -1,
		"mncOid": 0,
		"markDirection": "TO_WIRELESS",
		"dscpValue": -100,
		"defaultRule": true,
		"oid": 1,
		"name": null
	}],
	"applicationFirewallRules": [{
		"orderId": 1,
		"action": "BLOCK",
		"markDirection": "TO_WIRELESS",
		"dscpValue": -100,
		"category": "File Transfer",
		"applicationIds": [102, 831],
		"ruleName": "test rule3"
	}],
	"perUserTrafficControlEnabled": true,
	"trafficControlDownloadLimit": 100,
	"trafficControlDownloadLimitUnit": 0,
	"trafficControlUploadLimitUnit": 0,
	"trafficControlUploadLimit": 100,
	"redirection": {
		"redirectUrl": "https://abc.com",
		"exemptedWebHostList": ["abc.com:80,443", "xyz.com:80,443"],
		"webQuarantineOption": 1,
		"webQuarantineEnabled": true
	},
	"mnctemplate": false
}

Understand Arista Cloud Architecture

Know what Arista APIs can do

Know how Arista APIs work?

API Reference

Template Management: Role Profile