--- title: Create RADIUS Gateway description: You can use the POST {{apiPath}}/v1/environments/{{envID}}/gateways operation to add a new RADIUS gateway to an environment. component: pingone-api page_id: pingone-api:platform:gateway-management/gateways/create-radius-gateway canonical_url: https://developer.pingidentity.com/pingone-api/platform/gateway-management/gateways/create-radius-gateway.html section_ids: headers: Headers body: Body example-request: Example Request example-response: Example Response --- # Create RADIUS Gateway ## ```none POST {{apiPath}}/v1/environments/{{envID}}/gateways ``` You can use the `POST {{apiPath}}/v1/environments/{{envID}}/gateways` operation to add a new RADIUS gateway to an environment. Points to note about the body of the request: * For RADIUS gateways, the `type` parameter must be set to RADIUS. * You must provide the `radiusClients` object, which contains the IP and shared secret for each of the RADIUS clients. * You must specify the ID of the Davinci flow policy that should be used for the gateway. For information on Davinci flow policies, refer to [Adding an application in DaVinci](https://docs.pingidentity.com/integrations/pingone/pingone_davinci_integration_kit/pf_p1_davinci_ik_adding_an_application_in_davinci.html). * If you provide a value for `defaultSharedSecret`, that value will be used if you do not provide the `radiusClients.sharedSecret` field for a RADIUS client. * If you are using the MS-CHAP v2 or EAP-MSCHAP v2 protocol, you must provide the Network Policy Server (NPS) object when creating the RADIUS Gateway. > **Collapse: Request Model** > > For descriptions of the general parameters in the body of the request, refer to [Gateway base data model](../gateways.html#gateway-base-data-model). > > | Property | Type | Required | > | ------------- | ------- | -------- | > | `description` | String | Optional | > | `enabled` | Boolean | Required | > | `name` | String | Required | > | `type` | String | Required | > > For descriptions of the RADIUS-specific parameters in the body of the request, refer to [Gateway RADIUS data model](../gateways.html#radius-gateway-data-model). > > | Property | Type | Required | > | ----------------------------------------------------- | --------- | -------- | > | `davinci.policy.id` | String | Required | > | `defaultSharedSecret` | String | Optional | > | `networkPolicyServer` | Object | Optional | > | `networkPolicyServer.ip` | String | Required | > | `networkPolicyServer.port` | Integer | Required | > | `radiusClients` | Object\[] | Required | > | `radiusClients.blastRadiusMitigation` | Object | Optional | > | `radiusClients.blastRadiusMitigation.limitProxyState` | Boolean | Optional | > | `radiusClients.blastRadiusMitigation.requireMsgAuth` | Boolean | Optional | > | `radiusClients.ip` | String\[] | Required | > | `radiusClients.sharedSecret` | String\[] | Optional | ### Headers Authorization      Bearer {{accessToken}} Content-Type      application/json ### Body raw ( application/json ) ```json { "name": "New RADIUS Gateway", "description": "Gateway using updated settings", "type": "RADIUS", "enabled": true, "radiusClients": [ { "ip": "127.0.0.1", "sharedSecret": null, "blastRadiusMitigation": { "requireMsgAuth" : "true" } } ], "defaultSharedSecret": "secret", "davinci": { "policy": { "id": "567a3443878d406e3fb22f5307059e0b" } } } ``` ## ### Example Request * cURL * C# * Go * HTTP * Java * jQuery * NodeJS * Python * PHP * Ruby * Swift ```shell curl --location --globoff '{{apiPath}}/v1/environments/{{envID}}/gateways' \ --header 'Content-Type: application/json' \ --header 'Authorization: Bearer {{accessToken}}' \ --data '{ "name": "New RADIUS Gateway", "description": "Gateway using updated settings", "type": "RADIUS", "enabled": true, "radiusClients": [ { "ip": "127.0.0.1", "sharedSecret": null, "blastRadiusMitigation": { "requireMsgAuth" : "true" } } ], "defaultSharedSecret": "secret", "davinci": { "policy": { "id": "567a3443878d406e3fb22f5307059e0b" } } }' ``` ```csharp var options = new RestClientOptions("{{apiPath}}/v1/environments/{{envID}}/gateways") { MaxTimeout = -1, }; var client = new RestClient(options); var request = new RestRequest("", Method.Post); request.AddHeader("Content-Type", "application/json"); request.AddHeader("Authorization", "Bearer {{accessToken}}"); var body = @"{" + "\n" + @" ""name"": ""New RADIUS Gateway""," + "\n" + @" ""description"": ""Gateway using updated settings""," + "\n" + @" ""type"": ""RADIUS""," + "\n" + @" ""enabled"": true," + "\n" + @" ""radiusClients"": [" + "\n" + @" {" + "\n" + @" ""ip"": ""127.0.0.1""," + "\n" + @" ""sharedSecret"": null," + "\n" + @" ""blastRadiusMitigation"": {" + "\n" + @" ""requireMsgAuth"" : ""true""" + "\n" + @" }" + "\n" + @" }" + "\n" + @" ]," + "\n" + @" ""defaultSharedSecret"": ""secret""," + "\n" + @" ""davinci"": {" + "\n" + @" ""policy"": {" + "\n" + @" ""id"": ""567a3443878d406e3fb22f5307059e0b""" + "\n" + @" }" + "\n" + @" }" + "\n" + @"}"; request.AddStringBody(body, DataFormat.Json); RestResponse response = await client.ExecuteAsync(request); Console.WriteLine(response.Content); ``` ```golang package main import ( "fmt" "strings" "net/http" "io" ) func main() { url := "{{apiPath}}/v1/environments/{{envID}}/gateways" method := "POST" payload := strings.NewReader(`{ "name": "New RADIUS Gateway", "description": "Gateway using updated settings", "type": "RADIUS", "enabled": true, "radiusClients": [ { "ip": "127.0.0.1", "sharedSecret": null, "blastRadiusMitigation": { "requireMsgAuth" : "true" } } ], "defaultSharedSecret": "secret", "davinci": { "policy": { "id": "567a3443878d406e3fb22f5307059e0b" } } }`) client := &http.Client { } req, err := http.NewRequest(method, url, payload) if err != nil { fmt.Println(err) return } req.Header.Add("Content-Type", "application/json") req.Header.Add("Authorization", "Bearer {{accessToken}}") res, err := client.Do(req) if err != nil { fmt.Println(err) return } defer res.Body.Close() body, err := io.ReadAll(res.Body) if err != nil { fmt.Println(err) return } fmt.Println(string(body)) } ``` ```http POST /v1/environments/{{envID}}/gateways HTTP/1.1 Host: {{apiPath}} Content-Type: application/json Authorization: Bearer {{accessToken}} { "name": "New RADIUS Gateway", "description": "Gateway using updated settings", "type": "RADIUS", "enabled": true, "radiusClients": [ { "ip": "127.0.0.1", "sharedSecret": null, "blastRadiusMitigation": { "requireMsgAuth" : "true" } } ], "defaultSharedSecret": "secret", "davinci": { "policy": { "id": "567a3443878d406e3fb22f5307059e0b" } } } ``` ```java OkHttpClient client = new OkHttpClient().newBuilder() .build(); MediaType mediaType = MediaType.parse("application/json"); RequestBody body = RequestBody.create(mediaType, "{\n \"name\": \"New RADIUS Gateway\",\n \"description\": \"Gateway using updated settings\",\n \"type\": \"RADIUS\",\n \"enabled\": true,\n \"radiusClients\": [\n {\n \"ip\": \"127.0.0.1\",\n \"sharedSecret\": null,\n \"blastRadiusMitigation\": {\n \"requireMsgAuth\" : \"true\"\n }\n }\n ],\n \"defaultSharedSecret\": \"secret\",\n \"davinci\": {\n \"policy\": {\n \"id\": \"567a3443878d406e3fb22f5307059e0b\"\n }\n }\n}"); Request request = new Request.Builder() .url("{{apiPath}}/v1/environments/{{envID}}/gateways") .method("POST", body) .addHeader("Content-Type", "application/json") .addHeader("Authorization", "Bearer {{accessToken}}") .build(); Response response = client.newCall(request).execute(); ``` ```javascript var settings = { "url": "{{apiPath}}/v1/environments/{{envID}}/gateways", "method": "POST", "timeout": 0, "headers": { "Content-Type": "application/json", "Authorization": "Bearer {{accessToken}}" }, "data": JSON.stringify({ "name": "New RADIUS Gateway", "description": "Gateway using updated settings", "type": "RADIUS", "enabled": true, "radiusClients": [ { "ip": "127.0.0.1", "sharedSecret": null, "blastRadiusMitigation": { "requireMsgAuth": "true" } } ], "defaultSharedSecret": "secret", "davinci": { "policy": { "id": "567a3443878d406e3fb22f5307059e0b" } } }), }; $.ajax(settings).done(function (response) { console.log(response); }); ``` ```javascript var request = require('request'); var options = { 'method': 'POST', 'url': '{{apiPath}}/v1/environments/{{envID}}/gateways', 'headers': { 'Content-Type': 'application/json', 'Authorization': 'Bearer {{accessToken}}' }, body: JSON.stringify({ "name": "New RADIUS Gateway", "description": "Gateway using updated settings", "type": "RADIUS", "enabled": true, "radiusClients": [ { "ip": "127.0.0.1", "sharedSecret": null, "blastRadiusMitigation": { "requireMsgAuth": "true" } } ], "defaultSharedSecret": "secret", "davinci": { "policy": { "id": "567a3443878d406e3fb22f5307059e0b" } } }) }; request(options, function (error, response) { if (error) throw new Error(error); console.log(response.body); }); ``` ```python import requests import json url = "{{apiPath}}/v1/environments/{{envID}}/gateways" payload = json.dumps({ "name": "New RADIUS Gateway", "description": "Gateway using updated settings", "type": "RADIUS", "enabled": True, "radiusClients": [ { "ip": "127.0.0.1", "sharedSecret": None, "blastRadiusMitigation": { "requireMsgAuth": "true" } } ], "defaultSharedSecret": "secret", "davinci": { "policy": { "id": "567a3443878d406e3fb22f5307059e0b" } } }) headers = { 'Content-Type': 'application/json', 'Authorization': 'Bearer {{accessToken}}' } response = requests.request("POST", url, headers=headers, data=payload) print(response.text) ``` ```php setUrl('{{apiPath}}/v1/environments/{{envID}}/gateways'); $request->setMethod(HTTP_Request2::METHOD_POST); $request->setConfig(array( 'follow_redirects' => TRUE )); $request->setHeader(array( 'Content-Type' => 'application/json', 'Authorization' => 'Bearer {{accessToken}}' )); $request->setBody('{\n "name": "New RADIUS Gateway",\n "description": "Gateway using updated settings",\n "type": "RADIUS",\n "enabled": true,\n "radiusClients": [\n {\n "ip": "127.0.0.1",\n "sharedSecret": null,\n "blastRadiusMitigation": {\n "requireMsgAuth" : "true"\n }\n }\n ],\n "defaultSharedSecret": "secret",\n "davinci": {\n "policy": {\n "id": "567a3443878d406e3fb22f5307059e0b"\n }\n }\n}'); try { $response = $request->send(); if ($response->getStatus() == 200) { echo $response->getBody(); } else { echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' . $response->getReasonPhrase(); } } catch(HTTP_Request2_Exception $e) { echo 'Error: ' . $e->getMessage(); } ``` ```ruby require "uri" require "json" require "net/http" url = URI("{{apiPath}}/v1/environments/{{envID}}/gateways") http = Net::HTTP.new(url.host, url.port); request = Net::HTTP::Post.new(url) request["Content-Type"] = "application/json" request["Authorization"] = "Bearer {{accessToken}}" request.body = JSON.dump({ "name": "New RADIUS Gateway", "description": "Gateway using updated settings", "type": "RADIUS", "enabled": true, "radiusClients": [ { "ip": "127.0.0.1", "sharedSecret": "__RUBY\#%0NULL__", "blastRadiusMitigation": { "requireMsgAuth": "true" } } ], "defaultSharedSecret": "secret", "davinci": { "policy": { "id": "567a3443878d406e3fb22f5307059e0b" } } }) response = http.request(request) puts response.read_body ``` ```swift let parameters = "{\n \"name\": \"New RADIUS Gateway\",\n \"description\": \"Gateway using updated settings\",\n \"type\": \"RADIUS\",\n \"enabled\": true,\n \"radiusClients\": [\n {\n \"ip\": \"127.0.0.1\",\n \"sharedSecret\": null,\n \"blastRadiusMitigation\": {\n \"requireMsgAuth\" : \"true\"\n }\n }\n ],\n \"defaultSharedSecret\": \"secret\",\n \"davinci\": {\n \"policy\": {\n \"id\": \"567a3443878d406e3fb22f5307059e0b\"\n }\n }\n}" let postData = parameters.data(using: .utf8) var request = URLRequest(url: URL(string: "{{apiPath}}/v1/environments/{{envID}}/gateways")!,timeoutInterval: Double.infinity) request.addValue("application/json", forHTTPHeaderField: "Content-Type") request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization") request.httpMethod = "POST" request.httpBody = postData let task = URLSession.shared.dataTask(with: request) { data, response, error in guard let data = data else { print(String(describing: error)) return } print(String(data: data, encoding: .utf8)!) } task.resume() ``` ### Example Response 201 Created ```json { "_links": { "self": { "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/gateways/e5feee84-b1d7-4d6b-bcfb-24299be36dba" }, "environment": { "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6" }, "instances": { "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/gateways/e5feee84-b1d7-4d6b-bcfb-24299be36dba/instances" }, "credentials": { "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/gateways/e5feee84-b1d7-4d6b-bcfb-24299be36dba/credentials" } }, "id": "e5feee84-b1d7-4d6b-bcfb-24299be36dba", "environment": { "id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6" }, "name": "New RADIUS Gateway", "description": "Gateway using updated settings", "type": "RADIUS", "enabled": true, "supportedVersions": [ { "version": "1.2.0", "image": "pingidentity/pingone-radius-gateway:1.2.0", "recommended": true, "latest": true }, { "version": "1.1.1", "image": "pingidentity/pingone-radius-gateway:1.1.1", "supportEndsOn": "2025-07-31T00:00:00.000Z", "daysUntilSupportEnds": 206 } ], "currentAlerts": [ { "category": "No Instances Connected", "detail": "No gateway instances are connected. All operations that require access to this gateway will fail.", "severity": "ERROR" } ], "radiusClients": [ { "ip": "127.0.0.1", "blastRadiusMitigation": { "requireMsgAuth": true } } ], "davinci": { "policy": { "id": "567a3443878d406e3fb22f5307059e0b" } }, "defaultSharedSecret": "secret", "authenticationPort": 1812 } ```