Create RADIUS Gateway
POST {{apiPath}}/environments/{{envID}}/gatewaysYou can use the POST {{apiPath}}/environments/{{envID}}/gateways operation to add a new RADIUS gateway to an environment.
Points to note about the body of the request:
-
For RADIUS gateways, the
typeparameter must be set to RADIUS. -
You must provide the
radiusClientsobject, which contains the IP and shared secret for each of the RADIUS clients. -
You must specify the ID of the Davinci flow policy that should be used for the gateway. For information on Davinci flow policies, refer to Adding an application in DaVinci.
-
If you provide a value for
defaultSharedSecret, that value will be used if you do not provide theradiusClients.sharedSecretfield for a RADIUS client. -
If you are using the MS-CHAP v2 or EAP-MSCHAP v2 protocol, you must provide the Network Policy Server (NPS) object when creating the RADIUS Gateway.
Request Model
For descriptions of the general parameters in the body of the request, refer to Gateway base data model.
| Property | Type | Required? |
|---|---|---|
|
String |
Optional |
|
Boolean |
Required |
|
String |
Required |
|
String |
Required |
For descriptions of the RADIUS-specific parameters in the body of the request, refer to Gateway RADIUS data model.
| Property | Type | Required? |
|---|---|---|
|
String |
Required |
|
String |
Optional |
|
Object |
Optional |
|
String |
Required |
|
Integer |
Required |
|
Object[] |
Required |
|
Object |
Optional |
|
Boolean |
Optional |
|
Boolean |
Optional |
|
String[] |
Required |
|
String[] |
Optional |
Body
raw ( application/json )
{
"name": "New RADIUS Gateway",
"description": "Gateway using updated settings",
"type": "RADIUS",
"enabled": true,
"radiusClients": [
{
"ip": "127.0.0.1",
"sharedSecret": null,
"blastRadiusMitigation": {
"requireMsgAuth" : "true"
}
}
],
"defaultSharedSecret": "secret",
"davinci": {
"policy": {
"id": "567a3443878d406e3fb22f5307059e0b"
}
}
}Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff '{{apiPath}}/environments/{{envID}}/gateways' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{accessToken}}' \
--data '{
"name": "New RADIUS Gateway",
"description": "Gateway using updated settings",
"type": "RADIUS",
"enabled": true,
"radiusClients": [
{
"ip": "127.0.0.1",
"sharedSecret": null,
"blastRadiusMitigation": {
"requireMsgAuth" : "true"
}
}
],
"defaultSharedSecret": "secret",
"davinci": {
"policy": {
"id": "567a3443878d406e3fb22f5307059e0b"
}
}
}'var options = new RestClientOptions("{{apiPath}}/environments/{{envID}}/gateways")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
var body = @"{" + "\n" +
@" ""name"": ""New RADIUS Gateway""," + "\n" +
@" ""description"": ""Gateway using updated settings""," + "\n" +
@" ""type"": ""RADIUS""," + "\n" +
@" ""enabled"": true," + "\n" +
@" ""radiusClients"": [" + "\n" +
@" {" + "\n" +
@" ""ip"": ""127.0.0.1""," + "\n" +
@" ""sharedSecret"": null," + "\n" +
@" ""blastRadiusMitigation"": {" + "\n" +
@" ""requireMsgAuth"" : ""true""" + "\n" +
@" }" + "\n" +
@" }" + "\n" +
@" ]," + "\n" +
@" ""defaultSharedSecret"": ""secret""," + "\n" +
@" ""davinci"": {" + "\n" +
@" ""policy"": {" + "\n" +
@" ""id"": ""567a3443878d406e3fb22f5307059e0b""" + "\n" +
@" }" + "\n" +
@" }" + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "{{apiPath}}/environments/{{envID}}/gateways"
method := "POST"
payload := strings.NewReader(`{
"name": "New RADIUS Gateway",
"description": "Gateway using updated settings",
"type": "RADIUS",
"enabled": true,
"radiusClients": [
{
"ip": "127.0.0.1",
"sharedSecret": null,
"blastRadiusMitigation": {
"requireMsgAuth" : "true"
}
}
],
"defaultSharedSecret": "secret",
"davinci": {
"policy": {
"id": "567a3443878d406e3fb22f5307059e0b"
}
}
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Authorization", "Bearer {{accessToken}}")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}POST /environments/{{envID}}/gateways HTTP/1.1
Host: {{apiPath}}
Content-Type: application/json
Authorization: Bearer {{accessToken}}
{
"name": "New RADIUS Gateway",
"description": "Gateway using updated settings",
"type": "RADIUS",
"enabled": true,
"radiusClients": [
{
"ip": "127.0.0.1",
"sharedSecret": null,
"blastRadiusMitigation": {
"requireMsgAuth" : "true"
}
}
],
"defaultSharedSecret": "secret",
"davinci": {
"policy": {
"id": "567a3443878d406e3fb22f5307059e0b"
}
}
}OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\n \"name\": \"New RADIUS Gateway\",\n \"description\": \"Gateway using updated settings\",\n \"type\": \"RADIUS\",\n \"enabled\": true,\n \"radiusClients\": [\n {\n \"ip\": \"127.0.0.1\",\n \"sharedSecret\": null,\n \"blastRadiusMitigation\": {\n \"requireMsgAuth\" : \"true\"\n }\n }\n ],\n \"defaultSharedSecret\": \"secret\",\n \"davinci\": {\n \"policy\": {\n \"id\": \"567a3443878d406e3fb22f5307059e0b\"\n }\n }\n}");
Request request = new Request.Builder()
.url("{{apiPath}}/environments/{{envID}}/gateways")
.method("POST", body)
.addHeader("Content-Type", "application/json")
.addHeader("Authorization", "Bearer {{accessToken}}")
.build();
Response response = client.newCall(request).execute();var settings = {
"url": "{{apiPath}}/environments/{{envID}}/gateways",
"method": "POST",
"timeout": 0,
"headers": {
"Content-Type": "application/json",
"Authorization": "Bearer {{accessToken}}"
},
"data": JSON.stringify({
"name": "New RADIUS Gateway",
"description": "Gateway using updated settings",
"type": "RADIUS",
"enabled": true,
"radiusClients": [
{
"ip": "127.0.0.1",
"sharedSecret": null,
"blastRadiusMitigation": {
"requireMsgAuth": "true"
}
}
],
"defaultSharedSecret": "secret",
"davinci": {
"policy": {
"id": "567a3443878d406e3fb22f5307059e0b"
}
}
}),
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var options = {
'method': 'POST',
'url': '{{apiPath}}/environments/{{envID}}/gateways',
'headers': {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{accessToken}}'
},
body: JSON.stringify({
"name": "New RADIUS Gateway",
"description": "Gateway using updated settings",
"type": "RADIUS",
"enabled": true,
"radiusClients": [
{
"ip": "127.0.0.1",
"sharedSecret": null,
"blastRadiusMitigation": {
"requireMsgAuth": "true"
}
}
],
"defaultSharedSecret": "secret",
"davinci": {
"policy": {
"id": "567a3443878d406e3fb22f5307059e0b"
}
}
})
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
import json
url = "{{apiPath}}/environments/{{envID}}/gateways"
payload = json.dumps({
"name": "New RADIUS Gateway",
"description": "Gateway using updated settings",
"type": "RADIUS",
"enabled": True,
"radiusClients": [
{
"ip": "127.0.0.1",
"sharedSecret": None,
"blastRadiusMitigation": {
"requireMsgAuth": "true"
}
}
],
"defaultSharedSecret": "secret",
"davinci": {
"policy": {
"id": "567a3443878d406e3fb22f5307059e0b"
}
}
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{accessToken}}'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/environments/{{envID}}/gateways');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'Content-Type' => 'application/json',
'Authorization' => 'Bearer {{accessToken}}'
));
$request->setBody('{\n "name": "New RADIUS Gateway",\n "description": "Gateway using updated settings",\n "type": "RADIUS",\n "enabled": true,\n "radiusClients": [\n {\n "ip": "127.0.0.1",\n "sharedSecret": null,\n "blastRadiusMitigation": {\n "requireMsgAuth" : "true"\n }\n }\n ],\n "defaultSharedSecret": "secret",\n "davinci": {\n "policy": {\n "id": "567a3443878d406e3fb22f5307059e0b"\n }\n }\n}');
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "json"
require "net/http"
url = URI("{{apiPath}}/environments/{{envID}}/gateways")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/json"
request["Authorization"] = "Bearer {{accessToken}}"
request.body = JSON.dump({
"name": "New RADIUS Gateway",
"description": "Gateway using updated settings",
"type": "RADIUS",
"enabled": true,
"radiusClients": [
{
"ip": "127.0.0.1",
"sharedSecret": "__RUBY\#%0NULL__",
"blastRadiusMitigation": {
"requireMsgAuth": "true"
}
}
],
"defaultSharedSecret": "secret",
"davinci": {
"policy": {
"id": "567a3443878d406e3fb22f5307059e0b"
}
}
})
response = http.request(request)
puts response.read_bodylet parameters = "{\n \"name\": \"New RADIUS Gateway\",\n \"description\": \"Gateway using updated settings\",\n \"type\": \"RADIUS\",\n \"enabled\": true,\n \"radiusClients\": [\n {\n \"ip\": \"127.0.0.1\",\n \"sharedSecret\": null,\n \"blastRadiusMitigation\": {\n \"requireMsgAuth\" : \"true\"\n }\n }\n ],\n \"defaultSharedSecret\": \"secret\",\n \"davinci\": {\n \"policy\": {\n \"id\": \"567a3443878d406e3fb22f5307059e0b\"\n }\n }\n}"
let postData = parameters.data(using: .utf8)
var request = URLRequest(url: URL(string: "{{apiPath}}/environments/{{envID}}/gateways")!,timeoutInterval: Double.infinity)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")
request.httpMethod = "POST"
request.httpBody = postData
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()Example Response
201 Created
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/gateways/e5feee84-b1d7-4d6b-bcfb-24299be36dba"
},
"environment": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"instances": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/gateways/e5feee84-b1d7-4d6b-bcfb-24299be36dba/instances"
},
"credentials": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/gateways/e5feee84-b1d7-4d6b-bcfb-24299be36dba/credentials"
}
},
"id": "e5feee84-b1d7-4d6b-bcfb-24299be36dba",
"environment": {
"id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"name": "New RADIUS Gateway",
"description": "Gateway using updated settings",
"type": "RADIUS",
"enabled": true,
"supportedVersions": [
{
"version": "1.2.0",
"image": "pingidentity/pingone-radius-gateway:1.2.0",
"recommended": true,
"latest": true
},
{
"version": "1.1.1",
"image": "pingidentity/pingone-radius-gateway:1.1.1",
"supportEndsOn": "2025-07-31T00:00:00.000Z",
"daysUntilSupportEnds": 206
}
],
"currentAlerts": [
{
"category": "No Instances Connected",
"detail": "No gateway instances are connected. All operations that require access to this gateway will fail.",
"severity": "ERROR"
}
],
"radiusClients": [
{
"ip": "127.0.0.1",
"blastRadiusMitigation": {
"requireMsgAuth": true
}
}
],
"davinci": {
"policy": {
"id": "567a3443878d406e3fb22f5307059e0b"
}
},
"defaultSharedSecret": "secret",
"authenticationPort": 1812
}