If the method succeeds, rc is 0 else rc > 0. Values above 0x8000 indicate Warnings.

If the method succeeds, message is NULL else message contains Error/Warning message.

List of aaaparameters

Indicates if static page caching is enabled or not.

Indicates whether enhanced auth feedback is enabled or not.

The default authentication server type.

The maximum number of concurrent users allowed to log into the system at any time.

The natIp to be used for the AAA traffic

Maximum Number of login Attempts

Number of minutes an account will be locked if user exceeds maximum permissible attempts

Enables/Disables stickiness to authentication servers

Audit log level, which specifies the types of events to log for cli executed methods. Available values function as follows: * EMERGENCY - Events that indicate an immediate crisis on the server. * ALERT - Events that might require action. * CRITICAL - Events that indicate an imminent server crisis. * ERROR - Events that indicate some type of error. * WARNING - Events that require action in the near future. * NOTICE - Events that the administrator should know about. * INFORMATIONAL - All but low-level events. * DEBUG - All events, in extreme detail.

AAAD log level, which specifies the types of AAAD events to log in nsvpn.log. Available values function as follows: * EMERGENCY - Events that indicate an immediate crisis on the server. * ALERT - Events that might require action. * CRITICAL - Events that indicate an imminent server crisis. * ERROR - Events that indicate some type of error. * WARNING - Events that require action in the near future. * NOTICE - Events that the administrator should know about. * INFORMATIONAL - All but low-level events. * DEBUG - All events, in extreme detail.

Set by the DHCP client when the IP address was fetched dynamically.

First time user mode determines which configuration options are shown by default when logging in to the GUI. This setting is controlled by the GUI.

This will set the maximum deflate size in case of SAML Redirect binding.

Persistent storage of unsuccessful user login attempts

This will set the threshold time in days for password expiry notification. Default value is 0, which means no notification is sent

This will set maximum number of Questions to be asked for KB Validation. Default value is 2, Max Value is 6

Flag to determine if aaa param is built-in or not

Parameter to encrypt login information for nFactor flow

SameSite attribute value for Cookies generated in AAATM context. This attribute value will be appended only for the cookies which are specified in the builtin patset ns_cookies_samesite

Option to enable/disable API cache feature.

Frequency at which a token must be verified at the Authorization Server (AS) despite being found in cache.

Parameter to enable/disable default CSP header

Parameter to enable/disable classic endpoints

Parameter to enable/disable webview endpoints

Parameter to set/reset HttpOnly Flag for NSC_AAAC/NSC_TMAS cookies in nfactor

Parameter to enable/disable EPA v2 functionality

Entities for which WAF Protection need to be applied. Available settings function as follows: * DEFAULT - AUTH, VPN and PORTAL Protections are enabled. This is the default value for wafProtection * AUTH - Endpoints used for Authentication applicable for both AAATM, IDP, GATEWAY use cases. * VPN - Endpoints used for Gateway use cases. * PORTAL - Endpoints related to web portal. * DISABLED - No Endpoint WAF protection. Currently supported only in default partition

On enabling this option, the Citrix ADC will send the security insight records to the configured collectors when request comes to Authentication endpoint. * If cs vserver is frontend with Authentication vserver as target for cs action, then record is sent using Authentication vserver name. * If vpn/lb/cs vserver are configured with Authentication ON, then then record is sent using vpn/lb/cs vserver name accordingly. * If authentication vserver is frontend, then record is sent using Authentication vserver name.