.. _aam_jwt_authorization: aam jwt-authorization ===================== AAM JWT authorization related configuration jwt-authorization Specification ------------------------------- ===================================== ===================================================================== ===================================== ===================================================================== **Type** *Collection* **Object Key(s)** *name* **Collection Name** :ref:`101_jwt-authorization_list` **Collection URI** /axapi/v3/aam/jwt-authorization **Element Name** jwt-authorization **Element URI** /axapi/v3/aam/jwt-authorization/{name} **Element Attributes** jwt-authorization_attributes **Statistics Data URI** /axapi/v3/aam/jwt-authorization/{name}/stats **Schema** :download:`jwt-authorization schema ` ===================================== ===================================================================== **Operations Allowed:** .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html

Operation	Method	URI	Payload
Create Object .. raw:: html	POST .. raw:: html	/axapi/v3/aam/jwt-authorization .. raw:: html	:ref:`101_jwt-authorization_attributes` .. raw:: html
Create List .. raw:: html	POST .. raw:: html	/axapi/v3/aam/jwt-authorization .. raw:: html	:ref:`101_jwt-authorization_attributes` .. raw:: html
Get Object .. raw:: html	GET .. raw:: html	/axapi/v3/aam/jwt-authorization/{name} .. raw:: html	:ref:`101_jwt-authorization_attributes` .. raw:: html
Get List .. raw:: html	GET .. raw:: html	/axapi/v3/aam/jwt-authorization .. raw:: html	:ref:`101_jwt-authorization_list` .. raw:: html
Modify Object .. raw:: html	POST .. raw:: html	/axapi/v3/aam/jwt-authorization/{name} .. raw:: html	:ref:`101_jwt-authorization_attributes` .. raw:: html
Replace Object .. raw:: html	PUT .. raw:: html	/axapi/v3/aam/jwt-authorization/{name} .. raw:: html	:ref:`101_jwt-authorization_attributes` .. raw:: html
Replace List .. raw:: html	PUT .. raw:: html	/axapi/v3/aam/jwt-authorization .. raw:: html	:ref:`101_jwt-authorization_list` .. raw:: html
Delete Object .. raw:: html	DELETE .. raw:: html	/axapi/v3/aam/jwt-authorization/{name} .. raw:: html	:ref:`101_jwt-authorization_attributes` .. raw:: html

.. _101_jwt-authorization_list: jwt-authorization-list ---------------------- jwt-authorization-list is **JSON List** of :ref:`101_jwt-authorization_attributes` jwt-authorization-list : [ { :ref:`101_jwt-authorization_attributes` }, { :ref:`101_jwt-authorization_attributes` }, ... ] .. _101_jwt-authorization_attributes: jwt-authorization attributes ---------------------------- **encrypted** **Description** Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string) **exp-claim-requried** **Description** Specify the exp claim is required for JWT authorization **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **jwt-cache-enable** **Description** Enable caching authorized JWT token and skip verification and authorization for cached tokens **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **jwt-exp-default** **Description** Specify the default token expiration if exp claim is not available (default 1800) **Type:** number **Range:** 1-86400 **jwt-forwarding** **Description** Specify JWT token will not be stripped while forwarding client request **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **log-level** **Description** '0': log disable; '1': only log authorzation fail (default); '2': only log authorization success; '3': log all; **Type:** string **Supported Values:** 0, 1, 2, 3 **name** **Description** Specify JWT authorization template name **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **packet-capture-template** **Description** Name of the packet capture template to be bind with this object **Type:** string **Maximum Length:** 128 characters **Maximum Length:** 1 characters **Reference Object:** :doc:`/axapi/v3/visibility/packet-capture/object-templates/aam-jwt-authorization-tmpl ` **sampling-enable** **Type:** List **user-tag** **Description** Customized tag **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters **verification-cert** **Description** Specify the certificate to verify JWT token signature **Type:** string **Maximum Length:** 255 characters **Maximum Length:** 1 characters **Mutual Exclusion:** verification-cert verification-jwks and verification-secret are mutually exclusive **verification-jwks** **Description** Specify the jwks file to verify JWT token signature **Type:** string **Maximum Length:** 255 characters **Maximum Length:** 1 characters **Mutual Exclusion:** verification-jwks verification-cert and verification-secret are mutually exclusive **verification-secret** **Description** Specify secret for verify JWT token signature **Type:** string **Format:** password **Maximum Length:** 128 characters **Maximum Length:** 1 characters **Mutual Exclusion:** verification-secret verification-cert and verification-jwks are mutually exclusive .. _101_sampling-enable: sampling-enable ^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **counters1** **Description** 'all': all; 'jwt-request': JWT Request; 'jwt-authorize-success': JWT Authorize Success; 'jwt-authorize-failure': JWT Authorize Failure; 'jwt-missing-token': JWT Missing Token; 'jwt-missing-claim': JWT Missing Claim; 'jwt-token-expired': JWT Token Expired; 'jwt-signature-failure': JWT Signature Failure; 'jwt-other-error': JWT Other Error; **Type:** string **Supported Values:** all, jwt-request, jwt-authorize-success, jwt-authorize-failure, jwt-missing-token, jwt-missing-claim, jwt-token-expired, jwt-signature-failure, jwt-other-error .. _101_stats_data: stats data ---------- .. list-table:: :widths: 10 20 30 80 :header-rows: 2 :stub-columns: 1 * - - Counter - Size - Description * - - - - * - - jwt-request - 8 - JWT Request * - - jwt-authorize-success - 8 - JWT Authorize Success * - - jwt-token-expired - 8 - JWT Token Expired * - - jwt-authorize-failure - 8 - JWT Authorize Failure * - - jwt-missing-claim - 8 - JWT Missing Claim * - - jwt-signature-failure - 8 - JWT Signature Failure * - - jwt-other-error - 8 - JWT Other Error * - - jwt-missing-token - 8 - JWT Missing Token