Description
Delete Identity Awareness associations for one IP address, a range of IP addresses, or a subnet.
Syntax
POST https://<GW_IP_or_FQDN>/_IA_API/v1.0/delete-identity
Parameter |
Type |
Description |
Default value |
---|---|---|---|
|
String |
Shared secret. |
N/A |
|
String (IP) |
Association IP address. Required when you revoke a single IP address. |
Empty |
|
String |
Type of revoke method. It can be empty for the deletion of a single association by an IP address. Otherwise permitted values: mask - for the deletion of all associations in a subnet. range - for the deletion of all associations in a range. |
Empty |
|
String (IP) |
Subnet. Required when the revoke method is mask. |
Empty |
|
String (IP) |
Subnet mask. Required when the revoke method is mask. |
Empty |
|
String (IP) |
First IP address in the range. Required when the revoke method is range. |
Empty |
|
String (IP) |
Last IP address in the range. Required when the revoke method is range. |
Empty |
|
String |
Deletes only associations created by the specified identity source. If no value is set for the client-type parameter, or if it is set to any, the gateway deletes all identities associated with the given IP (or IPs) (see the client type table for a list of the permitted values). Note - When the |
Any |
List of identity sources for the client-type parameter:
Client type |
Description |
---|---|
|
All identity sources |
|
Browser-Based Authentication |
|
Identity Agents |
|
Remote Access |
|
Active Directory query |
|
Terminal Servers (multi-user host agent) |
|
RADIUS Accounting |
|
Identity Web API |
|
Identity Collector |
Response
Parameter |
Type |
Description |
---|---|---|
ipv6-address |
String (IP) |
Deleted IPv6 association |
ipv4-address |
String (IP) |
Deleted IPv4 association |
message |
String |
Textual description of the command’s result |
count |
Unsigned integer |
Number of deleted identities |
Examples
Example request 1: Delete by IP
POST https://gw.acme.com/_IA_API/1.0/delete-identity
{ "shared-secret":"****", "ip-address":"1.1.1.1" } |
Response 1
{ "count":"1", "ipv4-address":"1.1.1.1", "message":"Disassociation sent to PDP." } |
Example request 2: Delete by IP range
POST https://gw.acme.com/_IA_API/v1.0/delete-identity
{ "shared-secret":"****", "revoke-method":"range", "ip-address-first":"1.1.1.2", "ip-address-last":"1.1.1.3" } |
Response 2
{ "count":"2", "message":"Total of 2 IPs disassociations will be processed." } |
Example request 3: Delete by IP subnet
POST https://gw.acme.com/_IA_API/idasdk/delete-identity
{ "shared-secret":"****", "revoke-method":" mask", "subnet":"1.1.1.1", "subnet-mask":"255.255.255.0" } |
Response 3
{ "count":"100", "message":"Total of 100 IPs disassociations will be processed." } |