a10_aam_authentication_template

Synopsis

Authentication template

Parameters

Parameters

Choices/Defaults

Comment

state

str/required

[‘noop’, ‘present’, ‘absent’]

State of the object to be created.

ansible_host

str/required

Host for AXAPI authentication

ansible_username

str/required

Username for AXAPI authentication

ansible_password

str/required

Password for AXAPI authentication

ansible_port

int/required

Port for AXAPI authentication

a10_device_context_id

int

[‘1-8’]

Device ID for aVCS configuration

a10_partition

str

Destination/target partition for object/command

name

str/required

Authentication template name

ntype

str

‘saml’= SAML authentication template; ‘standard’= Standard authentication template;

auth_sess_mode

str

‘cookie-based’= Track auth-session by cookie (default); ‘ip-based’= Track auth- session by client IP;

saml_sp

str

Specify SAML service provider

saml_idp

str

Specify SAML identity provider

cookie_domain

list

Field cookie_domain

cookie_dmn

str

Specify domain scope for the authentication (ex= .a10networks.com)

cookie_domain_group

list

Field cookie_domain_group

cookie_dmngrp

int

Specify group id to join in the cookie-domain

cookie_max_age

int

Configure Max-Age for authentication session cookie (Configure Max-Age in seconds. System will not set Max-Age/Expires for value 0 and default is 604800 (1 week).)

cookie_secure_enable

bool

Enable secure attribute for AAM cookies

cookie_httponly_enable

bool

Enable httponly attribute for AAM cookies

cookie_samesite

str

‘strict’= Specify SameSite attribute as Strict for AAM cookie; ‘lax’= Specify SameSite attribute as Lax for AAM cookie; ‘none’= Specify SameSite attribute as None for AAM cookie;

max_session_time

int

Specify default SAML token lifetime (Specify lifetime (in seconds) of SAML token when it not provided by token attributes, default is 28800. (0 for indefinite))

local_logging

bool

Enable local logging

logon

str

Specify authentication logon (Specify authentication logon template name)

logout_idle_timeout

int

Specify idle logout time (Specify idle timeout in seconds, default is 300)

logout_url

str

Specify logout url (Specify logout url string)

forward_logout_disable

bool

Disable forward logout request to backend application server. The config-field logout-url must be configured first

relay

str

Specify authentication relay (Specify authentication relay template name)

jwt

str

Specify authentication jwt template

server

str

Specify authentication server (Specify authentication server template name)

service_group

str

Bind an authentication service group to this template (Specify authentication service group name)

account

str

Specify AD domain account

accounting_server

str

Specify a RADIUS accounting server

accounting_service_group

str

Specify an authentication service group for RADIUS accounting

redirect_hostname

str

Hostname(Length 1-31) for transparent-proxy authentication

modify_content_security_policy

bool

Put redirect-uri or service-principal-name into CSP header to avoid CPS break authentication process

log

str

‘use-partition-level-config’= Use configuration of authentication-log enable command; ‘enable’= Enable authentication logs for this template; ‘disable’= Disable authentication logs for this template;

uuid

str

uuid of the object

user_tag

str

Customized tag

Status

  • This module is not guaranteed to have a backwards compatible interface. [preview]

  • This module is maintained by community.

Authors

  • A10 Networks 2021