aam authentication oauth¶
AAM Oauth 2.0 related configuration
oauth Specification¶
Type
Intermediate Resource
Element Name
oauth
Element URI
/axapi/v3/aam/authentication/oauth
Element Attributes
oauth_attributes
Schema
Operations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Get Object | GET | /axapi/v3/aam/authentication/oauth | oauth_attributes |
oauth attributes¶
authorization-server-list
Type: List
Refernce Object: /axapi/v3/aam/authentication/oauth/authorization-server/{name}
client-list
Type: List
Refernce Object: /axapi/v3/aam/authentication/oauth/client/{name}
global
Description: global is a JSON Block. Please see below for global
Type: Object
Refernce Object: /axapi/v3/aam/authentication/oauth/global
global¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
client-list¶
Specification
Type
list
Block object keys
client-id
Description Specify oauth client-id
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
client-secret
Description
Type: string
Format: password
Maximum Length: 127 characters
Maximum Length: 1 characters
encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)
grant-type
Description ‘implicit’: The authorization server will return access token directly.; ‘authorization-code’: The authorization server will respond with code which can be exchange for access token.; ‘hybrid-code-id-token’: The authorization server will respond with both code and id token.; ‘hybrid-code-token’: The authorization server will respond with both code and access token.; ‘hybrid-all’: The authorization server will respond with code, access token and id token;
Type: string
Supported Values: implicit, authorization-code, hybrid-code-id-token, hybrid-code-token, hybrid-all
infinity
Description Auth session never time out whatever value oauth servers’ response
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: infinity and token-lifetime are mutually exclusive
name
Description Specify client object name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
parameter-nonce-enable
Description Enable nonce parameter for authorization and token request
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
redirection-endpoint
Description Oauth client redirection endpoint service URL, this URL will plus /js automatically when authorization-endpoint using GET metho
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
scope
Description Specify request scope parameters (e.g. profile email address phone)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
session-init-ttl
Description TTL for Thunder to wait for first response from authorization server
Type: number
Range: 1-60
token-lifetime
Description
Type: number
Range: 1-2592000
Mutual Exclusion: token-lifetime and infinity are mutually exclusive
type
Description ‘openid-connect’: openid-connect;
Type: string
Supported Values: openid-connect
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters