This can also now be handled within the JumpCloud Admin Portal interface. See Manage Password and Security Settings.
Two attributes are available for the JumpCloud API /radiusservers/{radiusserver_id} endpoint.
The values for each attribute are maintain or remove.
- userLockoutAction – This attribute controls the action taken when a user is locked out. If set to remove, when a user is locked out of JumpCloud due to repeated failed login attempts, the user is removed from the RADIUS server and can no longer authenticate. If set to maintain, when a user is locked out of JumpCloud, they remain and can still authenticate.
- userPasswordExpirationAction – This attribute controls the action taken when a user’s JumpCloud account password expires. If set to remove, when a user’s account password expires, the user is removed from the RADIUS server and can no longer authenticate. If set to maintain, when a user’s password expires, they remain and can still authenticate.
The default setting for both attributes for RADIUS servers added after October 28, 2019 is maintain. It's important to note that this setting doesn't change for existing RADIUS servers and Google Workspace integrations; it only affects RADIUS servers created after October 28, 2019.
To see a list of RADIUS servers and their settings for the new attributes, do an HTTP GET request. See the Sample Requests for an example GET call.
Sample Requests
The following sample is an example request of an HTTP PATCH call containing the new attributes.
curl -X PATCH https://console.jumpcloud.com/api/radiusservers/{radiusserver_ID} \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"userLockoutAction": "maintain",
"userPasswordExpirationAction": "remove"
}'
The following sample is an example request of an HTTP GET call to see a list of RADIUS servers.
curl -X GET https://console.jumpcloud.com/api/radiusservers/ \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
Be sure to replace {API_KEY} and {radiusserver_ID} with your own values and remember to remove the brackets { } around the values.