aXAPI Authentication and Authorization Requirements | A10 Certified Professional System Administration Exam

aXAPI Authentication and Authorization Requirements

Question

Select the statement that describes aXAPI authentication and authorization requirements:

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

C

aXAPI is a RESTful API that allows users to programmatically interact with A10 Networks devices such as Application Delivery Controllers (ADCs) and Service Mesh. aXAPI authentication and authorization requirements ensure that only authorized users can execute scripts or perform other operations through the API.

Option A states that aXAPI requires that users are assigned to the “aXAPI” role before they can execute a script. This statement is incorrect. While it is possible to assign the “aXAPI” role to users, it is not a requirement. Instead, aXAPI uses role-based access control (RBAC) to grant or deny access to specific resources based on a user's assigned role.

Option B states that aXAPI is subject to the same permissions requirements as the CLI and GUI. This statement is correct. In fact, aXAPI uses the same RBAC rules as the CLI and GUI, so a user's access to resources via aXAPI is governed by the same permissions as their access through the CLI or GUI.

Option C states that aXAPI has special permissions that differ from CLI and GUI permissions. This statement is incorrect. As stated above, aXAPI uses the same RBAC rules as the CLI and GUI, so there are no special permissions that differ from those used by the CLI and GUI.

Option D states that aXAPI is subject to authorization but not authentication requirements. This statement is incorrect. aXAPI is subject to both authentication and authorization requirements. Before a user can access a resource via aXAPI, they must authenticate themselves using their username and password or an API key. Once authenticated, aXAPI verifies that the user is authorized to access the requested resource based on their assigned role and the RBAC rules configured on the device.

In conclusion, Option B is the correct statement that describes aXAPI authentication and authorization requirements. aXAPI uses the same RBAC rules as the CLI and GUI, so a user's access to resources via aXAPI is governed by the same permissions as their access through the CLI or GUI.