Set up TACACS+ Authentication

Vectra Cognito's TACACS+ Authentication supports the following protocols:

  • PAP
  • CHAP 

NOTE: ASCII, MSCHAPv1 and MSCHAPv2 authentication methods are not currently supported.

Setup TACACS+ Profile

To configure browse to Manage - External Authentication - TACACS+ Profiles - Create

Provide the following required fields and the correct protocol.


Click on Create and you should see a message "TACACS profile created!"

Once the Profile has been created you should assign users to this profile.

You can create new users under Manage - Users or use the API to migrate users to the new profile.  At this time the web interface cannot be used to migrate existing users to a new authentication method without first deleting and recreating the users.

Steps to migrate existing users to TACACS+ profile via REST API

Send a PATCH request to:

URL: https://<mgt_ip>/api/v2/users/<id>
Headers : "Authorization": "Token <api-key>"" "Content-Type": "application/json"
Body: {"account_type": "TACACS", "authentication_profile": "tacacs-profile"}

 For more information regarding using the REST API go to Resources - REST API Guide.

Was this article helpful?
0 out of 0 found this helpful

Download PDF


Article is closed for comments.