aam¶
AAM related configuration
aam Specification¶
Type Intermediate Resource Element Name aam Element URI /axapi/v3/aam Element Attributes aam_attributes Schema aam schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Get Object | GET | /axapi/v3/aam | aam_attributes |
aam attributes¶
aaa-policy-list
Type: List
Reference Object: /axapi/v3/aam/aaa-policy/{name}
access-log
Description: access-log is a JSON Block. Please see below for access-log
Type: Object
Reference Object: /axapi/v3/aam/access-log
auth-log
Description: auth-log is a JSON Block. Please see below for auth-log
Type: Object
Reference Object: /axapi/v3/aam/auth-log
authentication
Description: authentication is a JSON Block. Please see below for authentication
Type: Object
Reference Object: /axapi/v3/aam/authentication
authorization
Description: authorization is a JSON Block. Please see below for authorization
Type: Object
Reference Object: /axapi/v3/aam/authorization
jwt-authorization-list
Type: List
Reference Object: /axapi/v3/aam/jwt-authorization/{name}
rdns
Description: rdns is a JSON Block. Please see below for rdns
Type: Object
Reference Object: /axapi/v3/aam/rdns
resource-usage
Description: resource-usage is a JSON Block. Please see below for resource-usage
Type: Object
Reference Object: /axapi/v3/aam/resource-usage
resource-usage¶
Specification Type object identity-provider-limit
Description Total Number of Identity Provider exists in the System
Type: number
Range: 64-256
Default: 64
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
access-log¶
Specification Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
jwt-authorization-list¶
Specification Type list Block object keys encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)exp-claim-requried
Description Specify the exp claim is required for JWT authorization
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
jwt-cache-enable
Description Enable caching authorized JWT token and skip verification and authorization for cached tokens
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
jwt-exp-default
Description Specify the default token expiration if exp claim is not available (default 1800)
Type: number
Range: 1-86400
jwt-forwarding
Description Specify JWT token will not be stripped while forwarding client request
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
log-level
Description ‘0’: log disable; ‘1’: only log authorzation fail (default); ‘2’: only log authorization success; ‘3’: log all;
Type: string
Supported Values: 0, 1, 2, 3
name
Description Specify JWT authorization template name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
packet-capture-template
Description Name of the packet capture template to be bind with this object
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/visibility/packet-capture/object-templates/aam-jwt-authorization-tmpl
sampling-enable
Type: Listuser-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
verification-cert
Description Specify the certificate to verify JWT token signature
Type: string
Maximum Length: 255 characters
Maximum Length: 1 characters
Mutual Exclusion: verification-cert verification-jwks and verification-secret are mutually exclusive
verification-jwks
Description Specify the jwks file to verify JWT token signature
Type: string
Maximum Length: 255 characters
Maximum Length: 1 characters
Mutual Exclusion: verification-jwks verification-cert and verification-secret are mutually exclusive
verification-secret
Description Specify secret for verify JWT token signature
Type: string
Format: password
Maximum Length: 128 characters
Maximum Length: 1 characters
Mutual Exclusion: verification-secret verification-cert and verification-jwks are mutually exclusive
jwt-authorization-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘jwt-request’: JWT Request; ‘jwt-authorize-success’: JWT Authorize Success; ‘jwt-authorize-failure’: JWT Authorize Failure; ‘jwt-missing-token’: JWT Missing Token; ‘jwt-missing-claim’: JWT Missing Claim; ‘jwt-token-expired’: JWT Token Expired; ‘jwt-signature-failure’: JWT Signature Failure; ‘jwt-other-error’: JWT Other Error;
Type: string
Supported Values: all, jwt-request, jwt-authorize-success, jwt-authorize-failure, jwt-missing-token, jwt-missing-claim, jwt-token-expired, jwt-signature-failure, jwt-other-error
authentication¶
Specification Type object account
Description: account is a JSON Block. Please see below for authentication_account
Type: Object
Reference Object: /axapi/v3/aam/authentication/account
captcha
Description: captcha is a JSON Block. Please see below for authentication_captcha
Type: Object
Reference Object: /axapi/v3/aam/authentication/captcha
file
Description: file is a JSON Block. Please see below for authentication_file
Type: Object
Reference Object: /axapi/v3/aam/authentication/file
global
Description: global is a JSON Block. Please see below for authentication_global
Type: Object
Reference Object: /axapi/v3/aam/authentication/global
jwks
Description: jwks is a JSON Block. Please see below for authentication_jwks
Type: Object
Reference Object: /axapi/v3/aam/authentication/jwks
jwt-list
Type: List
Reference Object: /axapi/v3/aam/authentication/jwt/{name}
log
Description: log is a JSON Block. Please see below for authentication_log
Type: Object
Reference Object: /axapi/v3/aam/authentication/log
logon
Description: logon is a JSON Block. Please see below for authentication_logon
Type: Object
Reference Object: /axapi/v3/aam/authentication/logon
oauth
Description: oauth is a JSON Block. Please see below for authentication_oauth
Type: Object
Reference Object: /axapi/v3/aam/authentication/oauth
password-retry
Description: password-retry is a JSON Block. Please see below for authentication_password-retry
Type: Object
Reference Object: /axapi/v3/aam/authentication/password-retry
portal-list
Type: List
Reference Object: /axapi/v3/aam/authentication/portal/{name}
relay
Description: relay is a JSON Block. Please see below for authentication_relay
Type: Object
Reference Object: /axapi/v3/aam/authentication/relay
saml
Description: saml is a JSON Block. Please see below for authentication_saml
Type: Object
Reference Object: /axapi/v3/aam/authentication/saml
server
Description: server is a JSON Block. Please see below for authentication_server
Type: Object
Reference Object: /axapi/v3/aam/authentication/server
service-group-list
Type: List
Reference Object: /axapi/v3/aam/authentication/service-group/{name}
session
Description: session is a JSON Block. Please see below for authentication_session
Type: Object
Reference Object: /axapi/v3/aam/authentication/session
session-attr
Description: session-attr is a JSON Block. Please see below for authentication_session-attr
Type: Object
Reference Object: /axapi/v3/aam/authentication/session-attr
template-list
Type: List
Reference Object: /axapi/v3/aam/authentication/template/{name}
authentication_jwt-list¶
Specification Type list Block object keys action
Description ‘redirect’: redirect JWT to specific URI; ‘relay’: relay JWT to back-end;
Type: string
Supported Values: redirect, relay
encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)issuer
Description Specify JWT issuer claim value
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
jwt-relay-uri
Description Specify JWT relay URI (for relay action)
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
name
Description Specify JWT issuer template name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
secret-string
Description The JWT signature secret
Type: string
Format: password
Maximum Length: 128 characters
Maximum Length: 1 characters
signature-secret
Description Specify the JWT signature secret
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
token-lifetime
Description Specify JWT token lifetime (Specify lifetime (in seconds), default is 300.)
Type: number
Range: 0-86400
Default: 300
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_account¶
Specification Type object kerberos-spn-list
Type: List
Reference Object: /axapi/v3/aam/authentication/account/kerberos-spn/{name}
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_account_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘request-normal’: Total Normal Request; ‘request-dropped’: Total Dropped Request; ‘response-success’: Total Success Response; ‘response-failure’: Total Failure Response; ‘response-error’: Total Error Response; ‘response-timeout’: Total Timeout Response; ‘response-other’: Total Other Response;
Type: string
Supported Values: all, request-normal, request-dropped, response-success, response-failure, response-error, response-timeout, response-other
authentication_account_kerberos-spn-list¶
Specification Type list Block object keys account
Description Specify domain account for SPN
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.)name
Description Specify AD account name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
password
Description Specify password of domain account
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
realm
Description Specify Kerberos realm
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
secret-string
Description Password of AD account
Type: string
Format: password
Maximum Length: 63 characters
Maximum Length: 1 characters
service-principal-name
Description Specify service principal name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_portal-list¶
Specification Type list Block object keys change-password
Description: change-password is a JSON Block. Please see below for authentication_portal-list_change-password
Type: Object
Reference Object: /axapi/v3/aam/authentication/portal/{name}/change-password
logo-cfg
Description: logo-cfg is a JSON Block. Please see below for authentication_portal-list_logo-cfg
Type: Object
logon
Description: logon is a JSON Block. Please see below for authentication_portal-list_logon
Type: Object
Reference Object: /axapi/v3/aam/authentication/portal/{name}/logon
logon-fail
Description: logon-fail is a JSON Block. Please see below for authentication_portal-list_logon-fail
Type: Object
Reference Object: /axapi/v3/aam/authentication/portal/{name}/logon-fail
name
Description ‘default-portal’: Default portal configuration;
Type: string
Supported Values: default-portal
notify-change-password
Description: notify-change-password is a JSON Block. Please see below for authentication_portal-list_notify-change-password
Type: Object
Reference Object: /axapi/v3/aam/authentication/portal/{name}/notify-change-password
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_portal-list_logon-fail¶
Specification Type object background
Description: background is a JSON Block. Please see below for authentication_portal-list_logon-fail_background
Type: Object
fail-msg-cfg
Description: fail-msg-cfg is a JSON Block. Please see below for authentication_portal-list_logon-fail_fail-msg-cfg
Type: Object
title-cfg
Description: title-cfg is a JSON Block. Please see below for authentication_portal-list_logon-fail_title-cfg
Type: Object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_portal-list_logon-fail_fail-msg-cfg¶
Specification Type object fail-color
Description Specify font color (Default: black)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
fail-color-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: black
Mutual Exclusion: fail-color-name and fail-color-value are mutually exclusive
fail-color-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: fail-color-value and fail-color-name are mutually exclusive
fail-face
Description ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;
Type: string
Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana
Default: Arial
Mutual Exclusion: fail-face and fail-font-custom are mutually exclusive
fail-font
Description Sepcify font (Default: Arial)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
fail-font-custom
Description Specify custom font
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: fail-font-custom and fail-face are mutually exclusive
fail-msg
Description Configure logon failure message in default logon fail page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
fail-size
Description Specify font size (Default: 3)
Type: number
Range: 1-7
Default: 3
fail-text
Description Specify logon failure message (Default: Login Failed!!)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
authentication_portal-list_logon-fail_title-cfg¶
Specification Type object title
Description Configure title in default logon fail page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
title-color
Description Specify font color (Default: black)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
title-color-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: black
Mutual Exclusion: title-color-name and title-color-value are mutually exclusive
title-color-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: title-color-value and title-color-name are mutually exclusive
title-face
Description ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;
Type: string
Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana
Default: Arial
Mutual Exclusion: title-face and title-font-custom are mutually exclusive
title-font
Description Sepcify font (Default: Arial)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
title-font-custom
Description Specify custom font
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: title-font-custom and title-face are mutually exclusive
title-size
Description Specify font size (Default: 5)
Type: number
Range: 1-7
Default: 5
title-text
Description Specify title (Default: Try Too Many Times)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
authentication_portal-list_logon-fail_background¶
Specification Type object bgcolor-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: white
Mutual Exclusion: bgcolor-name bgfile and bgcolor-value are mutually exclusive
bgcolor-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: bgcolor-value bgfile and bgcolor-name are mutually exclusive
bgfile
Description Specify background image filename
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: bgfile bgcolor-name and bgcolor-value are mutually exclusive
bgstyle
Description ‘tile’: Tile; ‘stretch’: Stretch; ‘fit’: Fit;
Type: string
Supported Values: tile, stretch, fit
Default: tile
authentication_portal-list_logo-cfg¶
Specification Type object height
Description Specify logo image height (Default: 71)
Type: number
Range: 50-400
Default: 71
logo
Description Specify logo image filename
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
width
Description Specify logo image width (Default: 134)
Type: number
Range: 50-400
Default: 134
authentication_portal-list_notify-change-password¶
Specification Type object background
Description: background is a JSON Block. Please see below for authentication_portal-list_notify-change-password_background
Type: Object
cfm-pwd-cfg
Description: cfm-pwd-cfg is a JSON Block. Please see below for authentication_portal-list_notify-change-password_cfm-pwd-cfg
Type: Object
change-text
Description Specify change button text in default change password notification page (Default: Change)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
change-url
Description Specify change password action URL in default change password notification page (Default: /notify_change.fo)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
confirm-password-var
Description Specify confirm password variable name in default change password notification page (Default: cp_cfm_pwd)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
continue-text
Description Specify continue button text in default change password notification page (Default: Continue)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
continue-url
Description Specify continue action URL in default change password notification page (Default: /continue.fo)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
new-password-var
Description Specify new password variable name in default change password notification page (Default: cp_new_pwd)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
new-pwd-cfg
Description: new-pwd-cfg is a JSON Block. Please see below for authentication_portal-list_notify-change-password_new-pwd-cfg
Type: Object
old-password-var
Description Specify old password variable name in default change password notification page (Default: cp_old_pwd)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
old-pwd-cfg
Description: old-pwd-cfg is a JSON Block. Please see below for authentication_portal-list_notify-change-password_old-pwd-cfg
Type: Object
username-cfg
Description: username-cfg is a JSON Block. Please see below for authentication_portal-list_notify-change-password_username-cfg
Type: Object
username-var
Description Specify username variable name in default change password notification page (Default: cp_usr)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_portal-list_notify-change-password_new-pwd-cfg¶
Specification Type object new-color
Description Specify font color (Default: black)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
new-color-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: black
Mutual Exclusion: new-color-name and new-color-value are mutually exclusive
new-color-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: new-color-value and new-color-name are mutually exclusive
new-face
Description ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;
Type: string
Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana
Default: Arial
Mutual Exclusion: new-face and new-font-custom are mutually exclusive
new-font
Description Sepcify font (Default: Arial)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
new-font-custom
Description Specify custom font
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: new-font-custom and new-face are mutually exclusive
new-password
Description Configure new password text in default change password notification page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
new-size
Description Specify font size (Default: 3)
Type: number
Range: 1-7
Default: 3
new-text
Description Specify new password text (Default: New Password)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
authentication_portal-list_notify-change-password_old-pwd-cfg¶
Specification Type object old-color
Description Specify font color (Default: black)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
old-color-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: black
Mutual Exclusion: old-color-name and old-color-value are mutually exclusive
old-color-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: old-color-value and old-color-name are mutually exclusive
old-face
Description ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;
Type: string
Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana
Default: Arial
Mutual Exclusion: old-face and old-font-custom are mutually exclusive
old-font
Description Sepcify font (Default: Arial)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
old-font-custom
Description Specify custom font
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: old-font-custom and old-face are mutually exclusive
old-password
Description Configure old password text in default change password notification page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
old-size
Description Specify font size (Default: 3)
Type: number
Range: 1-7
Default: 3
old-text
Description Specify old password text (Default: Old Password)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
authentication_portal-list_notify-change-password_background¶
Specification Type object bgcolor-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: white
Mutual Exclusion: bgcolor-name bgfile and bgcolor-value are mutually exclusive
bgcolor-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: bgcolor-value bgfile and bgcolor-name are mutually exclusive
bgfile
Description Specify background image filename
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: bgfile bgcolor-name and bgcolor-value are mutually exclusive
bgstyle
Description ‘tile’: Tile; ‘stretch’: Stretch; ‘fit’: Fit;
Type: string
Supported Values: tile, stretch, fit
Default: tile
authentication_portal-list_notify-change-password_cfm-pwd-cfg¶
Specification Type object cfm-color
Description Specify font color (Default: black)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
cfm-color-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: black
Mutual Exclusion: cfm-color-name and cfm-color-value are mutually exclusive
cfm-color-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: cfm-color-value and cfm-color-name are mutually exclusive
cfm-face
Description ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;
Type: string
Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana
Default: Arial
Mutual Exclusion: cfm-face and cfm-font-custom are mutually exclusive
cfm-font
Description Sepcify font (Default: Arial)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
cfm-font-custom
Description Specify custom font
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: cfm-font-custom and cfm-face are mutually exclusive
cfm-size
Description Specify font size (Default: 3)
Type: number
Range: 1-7
Default: 3
cfm-text
Description Specify confirm password text (Default: Confirm New Password)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
confirm-password
Description Configure confirm password text in default change password notification page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
authentication_portal-list_notify-change-password_username-cfg¶
Specification Type object user-color
Description Specify font color (Default: black)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
user-color-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: black
Mutual Exclusion: user-color-name and user-color-value are mutually exclusive
user-color-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: user-color-value and user-color-name are mutually exclusive
user-face
Description ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;
Type: string
Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana
Default: Arial
Mutual Exclusion: user-face and user-font-custom are mutually exclusive
user-font
Description Sepcify font (Default: Arial)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
user-font-custom
Description Specify custom font
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: user-font-custom and user-face are mutually exclusive
user-size
Description Specify font size (Default: 3)
Type: number
Range: 1-7
Default: 3
user-text
Description Specify username text (Default: Username)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
username
Description Configure username text in default change password notification page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
authentication_portal-list_logon¶
Specification Type object action-url
Description Specify form action URL in default logon page (Default: /logon.fo)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
background
Description: background is a JSON Block. Please see below for authentication_portal-list_logon_background
Type: Object
captcha-type
Description ‘reCAPTCHAv2-checkbox’: Google reCAPTCHAv2 Checkbox; ‘reCAPTCHAv2-invisible’: Google reCAPTCHAv2 Invisible; ‘reCAPTCHAv3’: Google reCAPTCHAv3;
Type: string
Supported Values: reCAPTCHAv2-checkbox, reCAPTCHAv2-invisible, reCAPTCHAv3
enable-CAPTCHA
Description Enable CAPTCHA in deafult logon page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
enable-passcode
Description Enable passcode field in default logon page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)fail-msg-cfg
Description: fail-msg-cfg is a JSON Block. Please see below for authentication_portal-list_logon_fail-msg-cfg
Type: Object
passcode-cfg
Description: passcode-cfg is a JSON Block. Please see below for authentication_portal-list_logon_passcode-cfg
Type: Object
passcode-var
Description Specify passcode variable name in default logon page (Default: passcode)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
password-cfg
Description: password-cfg is a JSON Block. Please see below for authentication_portal-list_logon_password-cfg
Type: Object
password-var
Description Specify password variable name in default logon page (Default: pwd)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
reCAPTCHA-cfg
Description: reCAPTCHA-cfg is a JSON Block. Please see below for authentication_portal-list_logon_reCAPTCHA-cfg
Type: Object
site-key-string
Description Site key string
Type: string
Format: password
Maximum Length: 127 characters
Maximum Length: 1 characters
submit-text
Description Specify submit button text in default logon page (Default: Log In)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
username-cfg
Description: username-cfg is a JSON Block. Please see below for authentication_portal-list_logon_username-cfg
Type: Object
username-var
Description Specify username variable name in default logon page (Default: user)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_portal-list_logon_passcode-cfg¶
Specification Type object passcode
Description Configure passcode text in default logon page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
passcode-color
Description Specify font color (Default: black)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
passcode-color-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: black
Mutual Exclusion: passcode-color-name and passcode-color-value are mutually exclusive
passcode-color-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: passcode-color-value and passcode-color-name are mutually exclusive
passcode-face
Description ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;
Type: string
Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana
Default: Arial
Mutual Exclusion: passcode-face and passcode-font-custom are mutually exclusive
passcode-font
Description Sepcify font (Default: Arial)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
passcode-font-custom
Description Specify custom font
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: passcode-font-custom and passcode-face are mutually exclusive
passcode-size
Description Specify font size (Default: 3)
Type: number
Range: 1-7
Default: 3
passcode-text
Description Specify passcode text (Default: Passcode)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
authentication_portal-list_logon_reCAPTCHA-cfg¶
Specification Type object reCAPTCHA-action
Description Specify reCAPTCHA action (Specify action string, only accept alphanumeric, underscore, and slash (Default: A10_DEFAULT_LOGON))
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Default: A10_DEFAULT_LOGON
reCAPTCHA-badge
Description ‘bottom-left’: bottom left corner; ‘bottom-right’: bottom right corner;
Type: string
Supported Values: bottom-left, bottom-right
Default: bottom-right
reCAPTCHA-size
Description ‘normal’: normal size; ‘compact’: compact size;
Type: string
Supported Values: normal, compact
Default: normal
reCAPTCHA-theme
Description ‘light’: light theme; ‘dark’: dark theme;
Type: string
Supported Values: light, dark
Default: light
authentication_portal-list_logon_background¶
Specification Type object bgcolor-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: white
Mutual Exclusion: bgcolor-name bgfile and bgcolor-value are mutually exclusive
bgcolor-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: bgcolor-value bgfile and bgcolor-name are mutually exclusive
bgfile
Description Specify background image filename
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: bgfile bgcolor-name and bgcolor-value are mutually exclusive
bgstyle
Description ‘tile’: Tile; ‘stretch’: Stretch; ‘fit’: Fit;
Type: string
Supported Values: tile, stretch, fit
Default: tile
authentication_portal-list_logon_fail-msg-cfg¶
Specification Type object authz-fail-msg
Description Configure authorization failure message in default logon page, its text attributes follow fail-msg’s (Specify authorization failure message (Default: Authorization failed. Please contact your system administrator.))
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
fail-color
Description Specify font color (Default: red)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
fail-color-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: red
Mutual Exclusion: fail-color-name and fail-color-value are mutually exclusive
fail-color-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: fail-color-value and fail-color-name are mutually exclusive
fail-face
Description ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;
Type: string
Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana
Default: Arial
Mutual Exclusion: fail-face and fail-font-custom are mutually exclusive
fail-font
Description Sepcify font (Default: Arial)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
fail-font-custom
Description Specify custom font
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: fail-font-custom and fail-face are mutually exclusive
fail-msg
Description Configure login failure message in default logon page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
fail-size
Description Specify font size (Default: 5)
Type: number
Range: 1-7
Default: 5
fail-text
Description Specify login failure message (Default: Invalid username or password. Please try again.)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
authentication_portal-list_logon_password-cfg¶
Specification Type object pass-color
Description Specify font color (Default: black)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
pass-color-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: black
Mutual Exclusion: pass-color-name and pass-color-value are mutually exclusive
pass-color-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: pass-color-value and pass-color-name are mutually exclusive
pass-face
Description ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;
Type: string
Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana
Default: Arial
Mutual Exclusion: pass-face and pass-font-custom are mutually exclusive
pass-font
Description Sepcify font (Default: Arial)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
pass-font-custom
Description Specify custom font
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: pass-font-custom and pass-face are mutually exclusive
pass-size
Description Specify font size (Default: 3)
Type: number
Range: 1-7
Default: 3
pass-text
Description Specify password text (Default: Password)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
password
Description Configure password text in default logon page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
authentication_portal-list_logon_username-cfg¶
Specification Type object user-color
Description Specify font color (Default: black)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
user-color-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: black
Mutual Exclusion: user-color-name and user-color-value are mutually exclusive
user-color-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: user-color-value and user-color-name are mutually exclusive
user-face
Description ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;
Type: string
Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana
Default: Arial
Mutual Exclusion: user-face and user-font-custom are mutually exclusive
user-font
Description Sepcify font (Default: Arial)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
user-font-custom
Description Specify custom font
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: user-font-custom and user-face are mutually exclusive
user-size
Description Specify font size (Default: 3)
Type: number
Range: 1-7
Default: 3
user-text
Description Specify username text (Default: User Name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
username
Description Configure username text in default logon page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
authentication_portal-list_change-password¶
Specification Type object action-url
Description Specify form action URL in default change password page (Default: /change.fo)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
background
Description: background is a JSON Block. Please see below for authentication_portal-list_change-password_background
Type: Object
cfm-pwd-cfg
Description: cfm-pwd-cfg is a JSON Block. Please see below for authentication_portal-list_change-password_cfm-pwd-cfg
Type: Object
confirm-password-var
Description Specify confirm password variable name in default change password page (Default: cp_cfm_pwd)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
new-password-var
Description Specify new password variable name in default change password page (Default: cp_new_pwd)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
new-pwd-cfg
Description: new-pwd-cfg is a JSON Block. Please see below for authentication_portal-list_change-password_new-pwd-cfg
Type: Object
old-password-var
Description Specify old password variable name in default change password page (Default: cp_old_pwd)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
old-pwd-cfg
Description: old-pwd-cfg is a JSON Block. Please see below for authentication_portal-list_change-password_old-pwd-cfg
Type: Object
reset-text
Description Specify reset button text in default change password page (Default: Reset)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
submit-text
Description Specify submit button text in default change password page (Default: Submit)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
title-cfg
Description: title-cfg is a JSON Block. Please see below for authentication_portal-list_change-password_title-cfg
Type: Object
username-cfg
Description: username-cfg is a JSON Block. Please see below for authentication_portal-list_change-password_username-cfg
Type: Object
username-var
Description Specify username variable name in default change password page (Default: cp_usr)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_portal-list_change-password_new-pwd-cfg¶
Specification Type object new-color
Description Specify font color (Default: black)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
new-color-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: black
Mutual Exclusion: new-color-name and new-color-value are mutually exclusive
new-color-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: new-color-value and new-color-name are mutually exclusive
new-face
Description ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;
Type: string
Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana
Default: Arial
Mutual Exclusion: new-face and new-font-custom are mutually exclusive
new-font
Description Sepcify font (Default: Arial)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
new-font-custom
Description Specify custom font
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: new-font-custom and new-face are mutually exclusive
new-password
Description Configure new password text in default change password page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
new-size
Description Specify font size (Default: 3)
Type: number
Range: 1-7
Default: 3
new-text
Description Specify new password text (Default: New Password)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
authentication_portal-list_change-password_title-cfg¶
Specification Type object title
Description Configure title in default change password page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
title-color
Description Specify font color (Default: black)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
title-color-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: black
Mutual Exclusion: title-color-name and title-color-value are mutually exclusive
title-color-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: title-color-value and title-color-name are mutually exclusive
title-face
Description ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;
Type: string
Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana
Default: Arial
Mutual Exclusion: title-face and title-font-custom are mutually exclusive
title-font
Description Sepcify font (Default: Arial)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
title-font-custom
Description Specify custom font
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: title-font-custom and title-face are mutually exclusive
title-size
Description Specify font size (Default: 5)
Type: number
Range: 1-7
Default: 5
title-text
Description Specify title (Default: Please Change Your Password)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
authentication_portal-list_change-password_old-pwd-cfg¶
Specification Type object old-color
Description Specify font color (Default: black)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
old-color-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: black
Mutual Exclusion: old-color-name and old-color-value are mutually exclusive
old-color-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: old-color-value and old-color-name are mutually exclusive
old-face
Description ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;
Type: string
Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana
Default: Arial
Mutual Exclusion: old-face and old-font-custom are mutually exclusive
old-font
Description Sepcify font (Default: Arial)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
old-font-custom
Description Specify custom font
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: old-font-custom and old-face are mutually exclusive
old-password
Description Configure old password text in default change password page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
old-size
Description Specify font size (Default: 3)
Type: number
Range: 1-7
Default: 3
old-text
Description Specify old password text (Default: Old Password)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
authentication_portal-list_change-password_background¶
Specification Type object bgcolor-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: white
Mutual Exclusion: bgcolor-name bgfile and bgcolor-value are mutually exclusive
bgcolor-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: bgcolor-value bgfile and bgcolor-name are mutually exclusive
bgfile
Description Specify background image filename
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: bgfile bgcolor-name and bgcolor-value are mutually exclusive
bgstyle
Description ‘tile’: Tile; ‘stretch’: Stretch; ‘fit’: Fit;
Type: string
Supported Values: tile, stretch, fit
Default: tile
authentication_portal-list_change-password_cfm-pwd-cfg¶
Specification Type object cfm-color
Description Specify font color (Default: black)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
cfm-color-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: black
Mutual Exclusion: cfm-color-name and cfm-color-value are mutually exclusive
cfm-color-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: cfm-color-value and cfm-color-name are mutually exclusive
cfm-face
Description ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;
Type: string
Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana
Default: Arial
Mutual Exclusion: cfm-face and cfm-font-custom are mutually exclusive
cfm-font
Description Sepcify font (Default: Arial)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
cfm-font-custom
Description Specify custom font
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: cfm-font-custom and cfm-face are mutually exclusive
cfm-size
Description Specify font size (Default: 3)
Type: number
Range: 1-7
Default: 3
cfm-text
Description Specify confirm password text (Default: Confirm New Password)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
confirm-password
Description Configure confirm password text in default change password page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
authentication_portal-list_change-password_username-cfg¶
Specification Type object user-color
Description Specify font color (Default: black)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
user-color-name
Description ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;
Type: string
Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow
Default: black
Mutual Exclusion: user-color-name and user-color-value are mutually exclusive
user-color-value
Description Specify 6-digit HEX color value
Type: string
Maximum Length: 6 characters
Maximum Length: 6 characters
Mutual Exclusion: user-color-value and user-color-name are mutually exclusive
user-face
Description ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;
Type: string
Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana
Default: Arial
Mutual Exclusion: user-face and user-font-custom are mutually exclusive
user-font
Description Sepcify font (Default: Arial)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
user-font-custom
Description Specify custom font
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: user-font-custom and user-face are mutually exclusive
user-size
Description Specify font size (Default: 3)
Type: number
Range: 1-7
Default: 3
user-text
Description Specify username text (Default: Username)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
username
Description Configure username text in default change password page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
authentication_log¶
Specification Type object enable
Description Enable authentication logs
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
facility
Description ‘local0’: Local use; ‘local1’: Local use; ‘local2’: Local use; ‘local3’: Local use; ‘local4’: Local use; ‘local5’: Local use; ‘local6’: Local use; ‘local7’: Local use;
Type: string
Supported Values: local0, local1, local2, local3, local4, local5, local6, local7
Default: local0
format
Description ‘syslog’: Syslog Format (default); ‘cef’: Common Event Format;
Type: string
Supported Values: syslog, cef
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_relay¶
Specification Type object form-based
Description: form-based is a JSON Block. Please see below for authentication_relay_form-based
Type: Object
Reference Object: /axapi/v3/aam/authentication/relay/form-based
http-basic
Description: http-basic is a JSON Block. Please see below for authentication_relay_http-basic
Type: Object
Reference Object: /axapi/v3/aam/authentication/relay/http-basic
kerberos
Description: kerberos is a JSON Block. Please see below for authentication_relay_kerberos
Type: Object
Reference Object: /axapi/v3/aam/authentication/relay/kerberos
ntlm-list
Type: List
Reference Object: /axapi/v3/aam/authentication/relay/ntlm/{name}
oauth-list
Type: List
Reference Object: /axapi/v3/aam/authentication/relay/oauth/{name}
saml-list
Type: List
Reference Object: /axapi/v3/aam/authentication/relay/saml/{name}
ws-federation-list
Type: List
Reference Object: /axapi/v3/aam/authentication/relay/ws-federation/{name}
authentication_relay_ntlm-list¶
Specification Type list Block object keys domain
Description Specify NTLM domain, default is null
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
large-request-disable
Description Disable NTLM relay processing for large requests
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description Specify NTLM authentication relay name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
packet-capture-template
Description Name of the packet capture template to be bind with this object
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/visibility/packet-capture/object-templates/aam-auth-relay-ntlm-tmpl
sampling-enable
Type: Listuser-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
version
Description Specify NTLM version, default is NTLM 2
Type: number
Range: 1-2
Default: 2
authentication_relay_ntlm-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘success’: Success; ‘failure’: Failure; ‘request’: Request; ‘response’: Response; ‘http-code-200’: HTTP 200 OK; ‘http-code-400’: HTTP 400 Bad Request; ‘http-code-401’: HTTP 401 Unauthorized; ‘http-code-403’: HTTP 403 Forbidden; ‘http-code-404’: HTTP 404 Not Found; ‘http-code-500’: HTTP 500 Internal Server Error; ‘http-code-503’: HTTP 503 Service Unavailable; ‘http-code-other’: Other HTTP Response; ‘buffer-alloc-fail’: Buffer Allocation Failure; ‘encoding-fail’: Encoding Failure; ‘insert-header-fail’: Insert Header Failure; ‘parse-header-fail’: Parse Header Failure; ‘internal-error’: Internal Error; ‘ntlm-auth-skipped’: Requests for which NTLM relay is skipped; ‘large-request-processing’: Requests invoking large request processing; ‘large-request-flushed’: Large requests sent to server; ‘head-negotiate-request-sent’: HEAD requests sent with NEGOTIATE header; ‘head-auth-request-sent’: HEAD requests sent with AUTH header;
Type: string
Supported Values: all, success, failure, request, response, http-code-200, http-code-400, http-code-401, http-code-403, http-code-404, http-code-500, http-code-503, http-code-other, buffer-alloc-fail, encoding-fail, insert-header-fail, parse-header-fail, internal-error, ntlm-auth-skipped, large-request-processing, large-request-flushed, head-negotiate-request-sent, head-auth-request-sent
authentication_relay_form-based¶
Specification Type object instance-list
Type: List
Reference Object: /axapi/v3/aam/authentication/relay/form-based/instance/{name}
authentication_relay_form-based_instance-list¶
Specification Type list Block object keys name
Description Specify form-based authentication relay name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
packet-capture-template
Description Name of the packet capture template to be bind with this object
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/visibility/packet-capture/object-templates/aam-auth-relay-form-inst-tmpl
request-uri-list
Type: List
Reference Object: /axapi/v3/aam/authentication/relay/form-based/instance/{name}/request-uri/{match-type}+{uri}
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_relay_form-based_instance-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘request’: Request; ‘invalid_srv_rsp’: Invalid Server Response; ‘post_fail’: POST Failed; ‘invalid_cred’: Invalid Credential; ‘bad_req’: Bad Request; ‘not_fnd’: Not Found; ‘error’: Internal Server Error; ‘other_error’: Other Error;
Type: string
Supported Values: all, request, invalid_srv_rsp, post_fail, invalid_cred, bad_req, not_fnd, error, other_error
authentication_relay_form-based_instance-list_request-uri-list¶
Specification Type list Block object keys action-uri
Description Specify the action-URI
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
cookie
Description: cookie is a JSON Block. Please see below for authentication_relay_form-based_instance-list_request-uri-list_cookie
Type: Object
domain-variable
Description Specify domain variable name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
match-type
Description ‘equals’: URI exactly matches the string; ‘contains’: URI string contains another sub string; ‘starts-with’: URI string starts with sub string; ‘ends-with’: URI string ends with sub string;
Type: string
Supported Values: equals, contains, starts-with, ends-with
max-packet-collect-size
Description Specify the max packet collection size in bytes, default is 1MB
Type: number
Range: 1024-2097152
Default: 1048576
other-variables
Description Specify other variables (n1=v1&n2=v2) in form relay
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
password-variable
Description Specify password variable name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
uri
Description Specify request URI
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
user-variable
Description Specify username variable name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_relay_form-based_instance-list_request-uri-list_cookie¶
Specification Type object cookie-value
Description: cookie-value is a JSON Block. Please see below for authentication_relay_form-based_instance-list_request-uri-list_cookie_cookie-value
Type: Object
authentication_relay_form-based_instance-list_request-uri-list_cookie_cookie-value¶
Specification Type object cookie-value
Description Specify cookie in POST packet
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
authentication_relay_ws-federation-list¶
Specification Type list Block object keys application-server
Description ‘sharepoint’: Microsoft SharePoint; ‘exchange-owa’: Microsoft Exchange OWA;
Type: string
Supported Values: sharepoint, exchange-owa
authentication-uri
Description Specify WS-Federation relay URI, default is /_trust/
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
name
Description Specify WS-Federation authentication relay name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
packet-capture-template
Description Name of the packet capture template to be bind with this object
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/visibility/packet-capture/object-templates/aam-auth-relay-ws-fed-tmpl
sampling-enable
Type: Listuser-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_relay_ws-federation-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘request’: Request; ‘success’: Success; ‘failure’: Failure;
Type: string
Supported Values: all, request, success, failure
authentication_relay_oauth-list¶
Specification Type list Block object keys all
Description All URI can be relay
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: all and match-type are mutually exclusive
match-type
Description ‘equals’: URI exactly matches the string; ‘contains’: URI string contains another sub string; ‘starts-with’: URI string starts with sub string; ‘ends-with’: URI string ends with sub string;
Type: string
Supported Values: equals, contains, starts-with, ends-with
Mutual Exclusion: match-type and all are mutually exclusive
match-uri
Description
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
name
Description Specify oauth authentication relay name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
relay-type
Description ‘access-token’: Relay access token to backend; ‘id-token’: Relay JWT to backend;
Type: string
Supported Values: access-token, id-token
sampling-enable
Type: Listuser-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_relay_oauth-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘relay-req’: some help string; ‘relay-succ’: some help string; ‘relay-fail’: some help string;
Type: string
Supported Values: all, relay-req, relay-succ, relay-fail
authentication_relay_saml-list¶
Specification Type list Block object keys idp-auth-uri
Description Specify the URI for IDP to handle SAML authentication request
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
match-type
Description ‘equals’: URI exactly matches the string; ‘contains’: URI string contains another sub string; ‘starts-with’: URI string starts with sub string; ‘ends-with’: URI string ends with sub string;
Type: string
Supported Values: equals, contains, starts-with, ends-with
match-uri
Description Match URI
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
method
Description ‘get-from-backend’: Get RelayState parameter from backend server; ‘request-uri’: Use the (URL encoded) current request-uri as the RelayState;
Type: string
Supported Values: get-from-backend, request-uri
Mutual Exclusion: method and value are mutually exclusive
name
Description Specify SAML authentication relay name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
relay-acs-uri
Description Specify the backend server assertion consuming service URI
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
retry-number
Description Specify how many continuous fail for SAML relay will trigger. Default will not retry.
Type: number
Range: 0-10
Default: 0
sampling-enable
Type: Listserver-cookie-name
Description Specify the cookie name that used by backend server for authenticated users
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
value
Description Use the fixed string as the RelayState
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: value and method are mutually exclusive
authentication_relay_saml-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘request’: Request; ‘success’: Success; ‘failure’: Failure; ‘error’: Error;
Type: string
Supported Values: all, request, success, failure, error
authentication_relay_kerberos¶
Specification Type object instance-list
Type: List
Reference Object: /axapi/v3/aam/authentication/relay/kerberos/instance/{name}
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_relay_kerberos_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘request-send’: Total Request Send; ‘response-get’: Total Response Get; ‘timeout-error’: Total Timeout; ‘other-error’: Total Other Error; ‘request-normal’: Total Normal Request; ‘request-dropped’: Total Dropped Request; ‘response-success’: Total Success Response; ‘response-failure’: Total Failure Response; ‘response-error’: Total Error Response; ‘response-timeout’: Total Timeout Response; ‘response-other’: Total Other Response; ‘job-start-error’: Total Job Start Error; ‘polling-control-error’: Total Polling Control Error;
Type: string
Supported Values: all, request-send, response-get, timeout-error, other-error, request-normal, request-dropped, response-success, response-failure, response-error, response-timeout, response-other, job-start-error, polling-control-error
authentication_relay_kerberos_instance-list¶
Specification Type list Block object keys encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)kerberos-account
Description Specify the kerberos account name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
kerberos-kdc
Description Specify the kerberos kdc ip or host name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: kerberos-kdc and kerberos-kdc-service-group are mutually exclusive
kerberos-kdc-service-group
Description Specify an authentication service group as multiple KDCs
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: kerberos-kdc-service-group and kerberos-kdc are mutually exclusive
Reference Object: /axapi/v3/aam/authentication/service-group
kerberos-realm
Description Specify the kerberos realm
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
name
Description Specify Kerberos authentication relay name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
password
Description Specify password of Kerberos password
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
port
Description Specify The KDC port, default is 88
Type: number
Range: 1-65535
Default: 88
sampling-enable
Type: Listsecret-string
Description The kerberos client password
Type: string
Format: password
Maximum Length: 63 characters
Maximum Length: 1 characters
timeout
Description Specify timeout for kerberos transport, default is 10 seconds (The timeout, default is 10 seconds)
Type: number
Range: 1-255
Default: 10
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_relay_kerberos_instance-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘request-send’: Request Send; ‘response-receive’: Response Receive; ‘current-requests-of-user’: Current Pending Requests of User; ‘tickets’: Tickets;
Type: string
Supported Values: all, request-send, response-receive, current-requests-of-user, tickets
authentication_relay_http-basic¶
Specification Type object instance-list
Type: List
Reference Object: /axapi/v3/aam/authentication/relay/http-basic/instance/{name}
authentication_relay_http-basic_instance-list¶
Specification Type list Block object keys domain
Description Specify user domain, default is null
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
domain-format
Description ‘user-principal-name’: Append domain with User Principal Name format. (e.g. user@domain); ‘down-level-logon-name’: Append domain with Down-Level Logon Name format. (e.g. domainuser);
Type: string
Supported Values: user-principal-name, down-level-logon-name
Default: down-level-logon-name
name
Description Specify HTTP basic authentication relay name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
packet-capture-template
Description Name of the packet capture template to be bind with this object
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/visibility/packet-capture/object-templates/aam-auth-relay-hbase-inst-tmpl
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_relay_http-basic_instance-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘success’: Success; ‘no-creds’: No Credential; ‘bad-req’: Bad Request; ‘unauth’: Unauthorized; ‘forbidden’: Forbidden; ‘not-found’: Not Found; ‘server-error’: Internal Server Error; ‘unavailable’: Service Unavailable;
Type: string
Supported Values: all, success, no-creds, bad-req, unauth, forbidden, not-found, server-error, unavailable
authentication_jwks¶
Specification Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_session-attr¶
Specification Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_logon¶
Specification Type object form-based-list
Type: List
Reference Object: /axapi/v3/aam/authentication/logon/form-based/{name}
http-authenticate
Description: http-authenticate is a JSON Block. Please see below for authentication_logon_http-authenticate
Type: Object
Reference Object: /axapi/v3/aam/authentication/logon/http-authenticate
authentication_logon_form-based-list¶
Specification Type list Block object keys account-lock
Description Lock the account when the failed logon attempts is exceeded
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
challenge-variable
Description Specify challenge variable name in form submission
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
cp-page-cfg
Description: cp-page-cfg is a JSON Block. Please see below for authentication_logon_form-based-list_cp-page-cfg
Type: Object
duration
Description The time an account remains locked in seconds (default 1800)
Type: number
Range: 1-86400
Default: 1800
logon-page-cfg
Description: logon-page-cfg is a JSON Block. Please see below for authentication_logon_form-based-list_logon-page-cfg
Type: Object
name
Description Specify form-based authentication logon name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
new-pin-variable
Description Specify new-pin variable name in form submission
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
next-token-variable
Description Specify next-token variable name in form submission
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
notify-cp-page-cfg
Description: notify-cp-page-cfg is a JSON Block. Please see below for authentication_logon_form-based-list_notify-cp-page-cfg
Type: Object
portal
Description: portal is a JSON Block. Please see below for authentication_logon_form-based-list_portal
Type: Object
retry
Description Maximum number of consecutive failed logon attempts (default 3)
Type: number
Range: 1-32
Default: 3
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_logon_form-based-list_notify-cp-page-cfg¶
Specification Type object notifychangepassword-change-url
Description Specify change password action url for notifychangepassword form
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
notifychangepassword-continue-url
Description Specify continue action url for notifychangepassword form
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
authentication_logon_form-based-list_portal¶
Specification Type object challenge-page
Description Specify challenge page name for RSA-RADIUS
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: challenge-page new-pin-page and next-token-page are mutually exclusive
changepasswordpage
Description Specify change password page name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
default-portal
Description Use default portal
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: default-portal and portal-name are mutually exclusive
failpage
Description Specify logon fail page name (portal fail page name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
logon
Description Specify logon page name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
new-pin-page
Description Specify new PIN page name for RSA-RADIUS
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: new-pin-page and challenge-page are mutually exclusive
next-token-page
Description Specify next token page name for RSA-RADIUS
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: next-token-page and challenge-page are mutually exclusive
notifychangepasswordpage
Description Specify change password notification page name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
portal-name
Description Specify portal name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: portal-name and default-portal are mutually exclusive
authentication_logon_form-based-list_logon-page-cfg¶
Specification Type object action-url
Description Specify form submission action url
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
authz-failure-message
Description Specify authorization failure message shown in logon page (Specify error string, default is “Authorization failed. Please contact your system administrator.”)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
captcha-variable
Description Specify captcha variable name in form submission
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
disable-change-password-link
Description Don’t display change password link on logon page forcibly even backend authentication server supports it (LDAP or Kerberos)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
login-failure-message
Description Specify login failure message shown in logon page (Specify error string, default is “Invalid username or password. Please try again.”)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
passcode-variable
Description Specify passcode variable name in form submission
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
password-variable
Description Specify password variable name in form submission
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
username-variable
Description Specify username variable name in form submission
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
authentication_logon_form-based-list_cp-page-cfg¶
Specification Type object changepassword-url
Description Specify changepassword form submission action url (changepassword action url)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
cp-cfm-pwd-enum
Description ‘changepassword-password-confirm-variable’: Specify password confirm variable name in form submission;
Type: string
Supported Values: changepassword-password-confirm-variable
cp-cfm-pwd-var
Description Specify password confirm variable name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
cp-new-pwd-enum
Description ‘changepassword-new-password-variable’: Specify new password variable name in form submission;
Type: string
Supported Values: changepassword-new-password-variable
cp-new-pwd-var
Description Specify new password variable name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
cp-old-pwd-enum
Description ‘changepassword-old-password-variable’: Specify old password variable name in form submission;
Type: string
Supported Values: changepassword-old-password-variable
cp-old-pwd-var
Description Specify old password variable name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
cp-user-enum
Description ‘changepassword-username-variable’: Specify username variable name in form submission;
Type: string
Supported Values: changepassword-username-variable
cp-user-var
Description Specify username variable name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
authentication_logon_http-authenticate¶
Specification Type object instance-list
Type: List
Reference Object: /axapi/v3/aam/authentication/logon/http-authenticate/instance/{name}
authentication_logon_http-authenticate_instance-list¶
Specification Type list Block object keys account-lock
Description Lock the account when the failed logon attempts is exceeded
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
auth-method
Description: auth-method is a JSON Block. Please see below for authentication_logon_http-authenticate_instance-list_auth-method
Type: Object
duration
Description The time an account remains locked in seconds (default 1800)
Type: number
Range: 1-86400
Default: 1800
name
Description Specify HTTP-Authenticate logon name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
packet-capture-template
Description Name of the packet capture template to be bind with this object
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/visibility/packet-capture/object-templates/aam-auth-logon-http-ins-tmpl
retry
Description Maximum number of consecutive failed logon attempts (default 3)
Type: number
Range: 1-32
Default: 3
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_logon_http-authenticate_instance-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘spn_krb_request’: SPN Kerberos Request; ‘spn_krb_success’: SPN Kerberos Success; ‘spn_krb_faiure’: SPN Kerberos Failure;
Type: string
Supported Values: all, spn_krb_request, spn_krb_success, spn_krb_faiure
authentication_logon_http-authenticate_instance-list_auth-method¶
Specification Type object basic
Description: basic is a JSON Block. Please see below for authentication_logon_http-authenticate_instance-list_auth-method_basic
Type: Object
negotiate
Description: negotiate is a JSON Block. Please see below for authentication_logon_http-authenticate_instance-list_auth-method_negotiate
Type: Object
ntlm
Description: ntlm is a JSON Block. Please see below for authentication_logon_http-authenticate_instance-list_auth-method_ntlm
Type: Object
authentication_logon_http-authenticate_instance-list_auth-method_ntlm¶
Specification Type object ntlm-enable
Description Enable NTLM logon
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
authentication_logon_http-authenticate_instance-list_auth-method_negotiate¶
Specification Type object negotiate-enable
Description Enable SPENGO logon
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
authentication_logon_http-authenticate_instance-list_auth-method_basic¶
Specification Type object basic-enable
Description Enable Basic logon
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
basic-realm
Description Specify realm for basic logon
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
challenge-page
Description Specify challenge page name for RSA-RADIUS
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: challenge-page and new-pin-page are mutually exclusive
challenge-response-form
Description Specify challenge-response form for RSA-RADIUS authentication
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
challenge-variable
Description Specify challenge variable name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
new-pin-page
Description Specify new PIN page name for RSA-RADIUS
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: new-pin-page and challenge-page are mutually exclusive
new-pin-variable
Description Specify new PIN variable name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
next-token-page
Description Specify next-token page name for RSA-RADIUS
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
next-token-variable
Description Specify next-token variable name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
authentication_service-group-list¶
Specification Type list Block object keys health-check
Description Health Check (Monitor Name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: health-check and health-check-disable are mutually exclusive
Reference Object: /axapi/v3/health/monitor
health-check-disable
Description Disable health check
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: health-check-disable and health-check are mutually exclusive
lb-method
Description ‘round-robin’: Round robin on server level;
Type: string
Supported Values: round-robin
member-list
Type: List
Reference Object: /axapi/v3/aam/authentication/service-group/{name}/member/{name}+{port}
name
Description Specify AAM service group name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
packet-capture-template
Description Name of the packet capture template to be bind with this object
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/visibility/packet-capture/object-templates/aam-auth-service-group-tmpl
protocol
Description ‘tcp’: TCP AAM service; ‘udp’: UDP AAM service;
Type: string
Supported Values: tcp, udp
sampling-enable
Type: Listuser-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_service-group-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘server_selection_fail_drop’: Drops due to Service selection failure; ‘server_selection_fail_reset’: Resets sent out for Service selection failure; ‘service_peak_conn’: Peak connection count for the Service Group; ‘service_healthy_host’: Service Group healthy host count; ‘service_unhealthy_host’: Service Group unhealthy host count; ‘service_req_count’: Service Group request count; ‘service_resp_count’: Service Group response count; ‘service_resp_2xx’: Service Group response 2xx count; ‘service_resp_3xx’: Service Group response 3xx count; ‘service_resp_4xx’: Service Group response 4xx count; ‘service_resp_5xx’: Service Group response 5xx count; ‘service_curr_conn_overflow’: Current connection counter overflow count;
Type: string
Supported Values: all, server_selection_fail_drop, server_selection_fail_reset, service_peak_conn, service_healthy_host, service_unhealthy_host, service_req_count, service_resp_count, service_resp_2xx, service_resp_3xx, service_resp_4xx, service_resp_5xx, service_curr_conn_overflow
authentication_service-group-list_member-list¶
Specification Type list Block object keys member-priority
Description Priority of Port in the Group
Type: number
Range: 1-16
member-state
Description ‘enable’: Enable member service port; ‘disable’: Disable member service port;
Type: string
Supported Values: enable, disable
Default: enable
name
Description Member name
Type: string
Format: comp-string
Maximum Length: 63 characters
Maximum Length: 1 characters
packet-capture-template
Description Name of the packet capture template to be bind with this object
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/visibility/packet-capture/object-templates/aam-auth-service-group-mem-tmpl
port
Description Port number
Type: number
Range: 1-65534
Default: 65534
sampling-enable
Type: Listuser-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_service-group-list_member-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘total_fwd_bytes’: Bytes processed in forward direction; ‘total_fwd_pkts’: Packets processed in forward direction; ‘total_rev_bytes’: Bytes processed in reverse direction; ‘total_rev_pkts’: Packets processed in reverse direction; ‘total_conn’: Total established connections; ‘total_rev_pkts_inspected’: Total reverse packets inspected; ‘total_rev_pkts_inspected_status_code_2xx’: Total reverse packets inspected status code 2xx; ‘total_rev_pkts_inspected_status_code_non_5xx’: Total reverse packets inspected status code non 5xx; ‘curr_req’: Current requests; ‘total_req’: Total requests; ‘total_req_succ’: Total requests successful; ‘peak_conn’: some help string; ‘response_time’: Response time; ‘fastest_rsp_time’: Fastest response time; ‘slowest_rsp_time’: Slowest response time; ‘curr_ssl_conn’: Current SSL connections; ‘total_ssl_conn’: Total SSL connections; ‘curr_conn_overflow’: Current connection counter overflow count;
Type: string
Supported Values: all, total_fwd_bytes, total_fwd_pkts, total_rev_bytes, total_rev_pkts, total_conn, total_rev_pkts_inspected, total_rev_pkts_inspected_status_code_2xx, total_rev_pkts_inspected_status_code_non_5xx, curr_req, total_req, total_req_succ, peak_conn, response_time, fastest_rsp_time, slowest_rsp_time, curr_ssl_conn, total_ssl_conn, curr_conn_overflow
authentication_global¶
Specification Type object max-auth-resp-size
Description Specify the max auth resp size in bytes(from authd to a10lb), default is 64KB
Type: number
Range: 2048-131072
Default: 65536
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_global_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘requests’: Total Authentication Request; ‘responses’: Total Authentication Response; ‘misses’: Total Authentication Request Missed; ‘ocsp-stapling-requests-to-a10authd’: Total OCSP Stapling Request; ‘ocsp-stapling-responses-from-a10authd’: Total OCSP Stapling Response; ‘opened-socket’: Total AAM Socket Opened; ‘open-socket-failed’: Total AAM Open Socket Failed; ‘connect’: Total AAM Connection; ‘connect-failed’: Total AAM Connect Failed; ‘created-timer’: Total AAM Timer Created; ‘create-timer-failed’: Total AAM Timer Creation Failed; ‘total-request’: Total Request Received by A10 Auth Service; ‘get-socket-option-failed’: Total AAM Get Socket Option Failed; ‘aflex-authz-succ’: Total Authorization success number in aFleX; ‘aflex-authz-fail’: Total Authorization failure number in aFleX; ‘authn-success’: Total Authentication success number; ‘authn-failure’: Total Authentication failure number; ‘authz-success’: Total Authorization success number; ‘authz-failure’: Total Authorization failure number; ‘active-session’: Total Active Auth-Sessions; ‘active-user’: Total Active Users; ‘dns-resolve-failed’: Total AAM DNS resolve failed;
Type: string
Supported Values: all, requests, responses, misses, ocsp-stapling-requests-to-a10authd, ocsp-stapling-responses-from-a10authd, opened-socket, open-socket-failed, connect, connect-failed, created-timer, create-timer-failed, total-request, get-socket-option-failed, aflex-authz-succ, aflex-authz-fail, authn-success, authn-failure, authz-success, authz-failure, active-session, active-user, dns-resolve-failed
authentication_saml¶
Specification Type object global
Description: global is a JSON Block. Please see below for authentication_saml_global
Type: Object
Reference Object: /axapi/v3/aam/authentication/saml/global
identity-provider-list
Type: List
Reference Object: /axapi/v3/aam/authentication/saml/identity-provider/{name}
metadata
Description: metadata is a JSON Block. Please see below for authentication_saml_metadata
Type: Object
Reference Object: /axapi/v3/aam/authentication/saml/metadata
metadata-monitor
Description: metadata-monitor is a JSON Block. Please see below for authentication_saml_metadata-monitor
Type: Object
Reference Object: /axapi/v3/aam/authentication/saml/metadata-monitor
service-provider-list
Type: List
Reference Object: /axapi/v3/aam/authentication/saml/service-provider/{name}
session
Description: session is a JSON Block. Please see below for authentication_saml_session
Type: Object
Reference Object: /axapi/v3/aam/authentication/saml/session
authentication_saml_service-provider-list¶
Specification Type list Block object keys SP-initiated-single-logout-service
Type: Listacs-uri-bypass
Description After user authenticated, bypass requests with assertion-consuming-service location URI
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
adfs-ws-federation
Description: adfs-ws-federation is a JSON Block. Please see below for authentication_saml_service-provider-list_adfs-ws-federation
Type: Object
artifact-resolution-service
Type: Listassertion-consuming-service
Type: Listbad-request-redirect-url
Description Specify URL to redirect
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
certificate
Description SAML service provider certificate file (PFX format is required.)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
entity-id
Description SAML service provider entity ID
Type: string
Format: string-rlx
Maximum Length: 1023 characters
Maximum Length: 1 characters
metadata-export-service
Description: metadata-export-service is a JSON Block. Please see below for authentication_saml_service-provider-list_metadata-export-service
Type: Object
name
Description Specify SAML authentication service provider name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
packet-capture-template
Description Name of the packet capture template to be bind with this object
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/visibility/packet-capture/object-templates/aam-auth-saml-service-prov-tmpl
require-assertion-signed
Description: require-assertion-signed is a JSON Block. Please see below for authentication_saml_service-provider-list_require-assertion-signed
Type: Object
saml-request-signed
Description: saml-request-signed is a JSON Block. Please see below for authentication_saml_service-provider-list_saml-request-signed
Type: Object
sampling-enable
Type: Listservice-url
Description SAML service provider service URL (ex. https://www.a10networks.com/saml.sso)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
signature-algorithm
Description ‘SHA1’: use SHA1 as signature algorithm (default); ‘SHA256’: use SHA256 as signature algorithm;
Type: string
Supported Values: SHA1, SHA256
Default: SHA1
single-logout-service
Type: Listsoap-tls-certificate-validate
Description: soap-tls-certificate-validate is a JSON Block. Please see below for authentication_saml_service-provider-list_soap-tls-certificate-validate
Type: Object
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_saml_service-provider-list_require-assertion-signed¶
Specification Type object require-assertion-signed-enable
Description Enable required signing of SAML assertion
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
authentication_saml_service-provider-list_single-logout-service¶
Specification Type list Block object keys SLO-binding
Description ‘post’: POST binding of single logout service; ‘redirect’: Redirect binding of single logout service; ‘soap’: SOAP binding of single logout service;
Type: string
Supported Values: post, redirect, soap
SLO-location
Description The location of name-id management service. (ex. /SAML/POST)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
authentication_saml_service-provider-list_assertion-consuming-service¶
Specification Type list Block object keys assertion-binding
Description ‘artifact’: Artifact binding of assertion consuming service; ‘paos’: PAOS binding of assertion consuming service; ‘post’: POST binding of assertion consuming service;
Type: string
Supported Values: artifact, paos, post
assertion-index
Description The index of assertion consuming service
Type: number
Range: 0-5
assertion-location
Description The location of assertion consuming service endpoint. (ex. /SAML/POST)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
authentication_saml_service-provider-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘sp-metadata-export-req’: Metadata Export Request; ‘sp-metadata-export-success’: Metadata Export Success; ‘login-auth-req’: Login Authentication Request; ‘login-auth-resp’: Login Authentication Response; ‘acs-req’: SAML Single-Sign-On Request; ‘acs-success’: SAML Single-Sign-On Success; ‘acs-authz-fail’: SAML Single-Sign-On Authorization Fail; ‘acs-error’: SAML Single-Sign-On Error; ‘slo-req’: Single Logout Request; ‘slo-success’: Single Logout Success; ‘slo-error’: Single Logout Error; ‘sp-slo-req’: SP-initiated Single Logout Request; ‘glo-slo-success’: Total Global Logout Success; ‘loc-slo-success’: Total Local Logout Success; ‘par-slo-success’: Total Partial Logout Success; ‘other-error’: Other Error;
Type: string
Supported Values: all, sp-metadata-export-req, sp-metadata-export-success, login-auth-req, login-auth-resp, acs-req, acs-success, acs-authz-fail, acs-error, slo-req, slo-success, slo-error, sp-slo-req, glo-slo-success, loc-slo-success, par-slo-success, other-error
authentication_saml_service-provider-list_saml-request-signed¶
Specification Type object saml-request-signed-disable
Description Disable signing signature for SAML (Authn/Artifact Resolve) requests
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
authentication_saml_service-provider-list_SP-initiated-single-logout-service¶
Specification Type list Block object keys SP-SLO-location
Description The location of SP-initiated single logout service endpoint. (ex. /Logout)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
asynchronous
Description the IDP will not send a logout response to AX
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
authentication_saml_service-provider-list_adfs-ws-federation¶
Specification Type object ws-federation-enable
Description Enable ADFS WS-Federation
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
authentication_saml_service-provider-list_soap-tls-certificate-validate¶
Specification Type object soap-tls-certificate-validate-disable
Description Disable verification for server certificate in TLS session when resolving artificate
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
authentication_saml_service-provider-list_artifact-resolution-service¶
Specification Type list Block object keys artifact-binding
Description ‘soap’: SOAP binding of artifact resolution service;
Type: string
Supported Values: soap
artifact-index
Description The index of artifact resolution service
Type: number
Range: 0-5
artifact-location
Description The location of artifact resolution service. (ex. /SAML/POST)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
authentication_saml_service-provider-list_metadata-export-service¶
Specification Type object md-export-location
Description Specify the URI to export SP metadata (Export URI. Default is /A10SP_Metadata)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
sign-xml
Description Sign exported SP metadata XML with SP’s certificate
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
authentication_saml_identity-provider-list¶
Specification Type list Block object keys metadata
Description URL of SAML identity provider’s metadata file
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
name
Description SAML authentication identity provider name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
reload-interval
Description Specify URI metadata reload period (Specify URI metadata reload period in seconds, default is 28800)
Type: number
Range: 1-86400
Default: 28800
reload-metadata
Description Reload IdP’s metadata immediately
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_saml_global¶
Specification Type object sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_saml_global_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘requests-to-a10saml’: Total Request to A10 SAML Service; ‘responses-from-a10saml’: Total Response from A10 SAML Service; ‘sp-metadata-export-req’: Total Metadata Export Request; ‘sp-metadata-export-success’: Toal Metadata Export Success; ‘login-auth-req’: Total Login Authentication Request; ‘login-auth-resp’: Total Login Authentication Response; ‘acs-req’: Total SAML Single-Sign-On Request; ‘acs-success’: Total SAML Single-Sign-On Success; ‘acs-authz-fail’: Total SAML Single-Sign-On Authorization Fail; ‘acs-error’: Total SAML Single-Sign-On Error; ‘slo-req’: Total Single Logout Request; ‘slo-success’: Total Single Logout Success; ‘slo-error’: Total Single Logout Error; ‘sp-slo-req’: Total SP-initiated Single Logout Request; ‘glo-slo-success’: Total Global Logout Success; ‘loc-slo-success’: Total Local Logout Success; ‘par-slo-success’: Total Partial Logout Success; ‘relay-req’: some help string; ‘relay-success’: some help string; ‘relay-fail’: some help string; ‘relay-error’: some help string; ‘other-error’: Total Other Error;
Type: string
Supported Values: all, requests-to-a10saml, responses-from-a10saml, sp-metadata-export-req, sp-metadata-export-success, login-auth-req, login-auth-resp, acs-req, acs-success, acs-authz-fail, acs-error, slo-req, slo-success, slo-error, sp-slo-req, glo-slo-success, loc-slo-success, par-slo-success, relay-req, relay-success, relay-fail, relay-error, other-error
authentication_saml_session¶
Specification Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_saml_metadata-monitor¶
Specification Type object acs-continuous-fail-threshold
Description Specify how many ACS continuous fails will trigger metadata reload (ACS continuous fail threshold (default: 10))
Type: number
Range: 2-254
acs-missing-period
Description Specify how long no acs request will trigger metadata reload (in seconds (default: 60))
Type: number
Range: 1-254
acs-missing-threshold
Description Specify how many ACS request missing in the period will trigger metadata reload (ACS request missing threshold (default: 100))
Type: number
Range: 10-254
status
Description ‘enable’: Enable SAML metadata out-of-sync detection; ‘disable’: Disable SAML metadata out-of-sync detection;
Type: string
Supported Values: enable, disable
Default: enable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_saml_metadata¶
Specification Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_server¶
Specification Type object ldap
Description: ldap is a JSON Block. Please see below for authentication_server_ldap
Type: Object
Reference Object: /axapi/v3/aam/authentication/server/ldap
ocsp
Description: ocsp is a JSON Block. Please see below for authentication_server_ocsp
Type: Object
Reference Object: /axapi/v3/aam/authentication/server/ocsp
radius
Description: radius is a JSON Block. Please see below for authentication_server_radius
Type: Object
Reference Object: /axapi/v3/aam/authentication/server/radius
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
windows
Description: windows is a JSON Block. Please see below for authentication_server_windows
Type: Object
Reference Object: /axapi/v3/aam/authentication/server/windows
authentication_server_windows¶
Specification Type object instance-list
Type: List
Reference Object: /axapi/v3/aam/authentication/server/windows/instance/{name}
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_server_windows_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘kerberos-request-send’: Total Kerberos Request; ‘kerberos-response-get’: Total Kerberos Response; ‘kerberos-timeout-error’: Total Kerberos Timeout; ‘kerberos-other-error’: Total Kerberos Other Error; ‘ntlm-authentication-success’: Total NTLM Authentication Success; ‘ntlm-authentication-failure’: Total NTLM Authentication Failure; ‘ntlm-proto-negotiation-success’: Total NTLM Protocol Negotiation Success; ‘ntlm-proto-negotiation-failure’: Total NTLM Protocol Negotiation Failure; ‘ntlm-session-setup-success’: Total NTLM Session Setup Success; ‘ntlm-session-setup-failed’: Total NTLM Session Setup Failure; ‘kerberos-request-normal’: Total Kerberos Normal Request; ‘kerberos-request-dropped’: Total Kerberos Dropped Request; ‘kerberos-response-success’: Total Kerberos Success Response; ‘kerberos-response-failure’: Total Kerberos Failure Response; ‘kerberos-response-error’: Total Kerberos Error Response; ‘kerberos-response-timeout’: Total Kerberos Timeout Response; ‘kerberos-response-other’: Total Kerberos Other Response; ‘kerberos-job-start-error’: Total Kerberos Job Start Error; ‘kerberos-polling-control-error’: Total Kerberos Polling Control Error; ‘ntlm-prepare-req-success’: Total NTLM Prepare Request Success; ‘ntlm-prepare-req-failed’: Total NTLM Prepare Request Failed; ‘ntlm-timeout-error’: Total NTLM Timeout; ‘ntlm-other-error’: Total NTLM Other Error; ‘ntlm-request-normal’: Total NTLM Normal Request; ‘ntlm-request-dropped’: Total NTLM Dropped Request; ‘ntlm-response-success’: Total NTLM Success Response; ‘ntlm-response-failure’: Total NTLM Failure Response; ‘ntlm-response-error’: Total NTLM Error Response; ‘ntlm-response-timeout’: Total NTLM Timeout Response; ‘ntlm-response-other’: Total NTLM Other Response; ‘ntlm-job-start-error’: Total NTLM Job Start Error; ‘ntlm-polling-control-error’: Total NTLM Polling Control Error; ‘kerberos-pw-expiry’: Total Kerberos password expiry; ‘kerberos-pw-change-success’: Total Kerberos password change success; ‘kerberos-pw-change-failure’: Total Kerberos password change failure; ‘kerberos-validate-kdc-success’: Total Kerberos KDC Validation Success; ‘kerberos-validate-kdc-failure’: Total Kerberos KDC Validation Failure; ‘kerberos-generate-kdc-keytab-success’: Total Kerberos KDC Keytab Generation Success; ‘kerberos-generate-kdc-keytab-failure’: Total Kerberos KDC Keytab Generation Failure; ‘kerberos-delete-kdc-keytab-success’: Total Kerberos KDC Keytab Deletion Success; ‘kerberos-delete-kdc-keytab-failure’: Total Kerberos KDC Keytab Deletion Failure; ‘kerberos-kdc-keytab-count’: Current Kerberos KDC Keytab Count;
Type: string
Supported Values: all, kerberos-request-send, kerberos-response-get, kerberos-timeout-error, kerberos-other-error, ntlm-authentication-success, ntlm-authentication-failure, ntlm-proto-negotiation-success, ntlm-proto-negotiation-failure, ntlm-session-setup-success, ntlm-session-setup-failed, kerberos-request-normal, kerberos-request-dropped, kerberos-response-success, kerberos-response-failure, kerberos-response-error, kerberos-response-timeout, kerberos-response-other, kerberos-job-start-error, kerberos-polling-control-error, ntlm-prepare-req-success, ntlm-prepare-req-failed, ntlm-timeout-error, ntlm-other-error, ntlm-request-normal, ntlm-request-dropped, ntlm-response-success, ntlm-response-failure, ntlm-response-error, ntlm-response-timeout, ntlm-response-other, ntlm-job-start-error, ntlm-polling-control-error, kerberos-pw-expiry, kerberos-pw-change-success, kerberos-pw-change-failure, kerberos-validate-kdc-success, kerberos-validate-kdc-failure, kerberos-generate-kdc-keytab-success, kerberos-generate-kdc-keytab-failure, kerberos-delete-kdc-keytab-success, kerberos-delete-kdc-keytab-failure, kerberos-kdc-keytab-count
authentication_server_windows_instance-list¶
Specification Type list Block object keys auth-protocol
Description: auth-protocol is a JSON Block. Please see below for authentication_server_windows_instance-list_auth-protocol
Type: Object
health-check
Description Check server’s health status
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: health-check and health-check-disable are mutually exclusive
health-check-disable
Description Disable configured health check configuration
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: health-check-disable and health-check are mutually exclusive
health-check-string
Description Health monitor name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/health/monitor
host
Description: host is a JSON Block. Please see below for authentication_server_windows_instance-list_host
Type: Object
name
Description Specify Windows authentication server name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
packet-capture-template
Description Name of the packet capture template to be bind with this object
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/visibility/packet-capture/object-templates/aam-auth-server-win-inst-tmpl
realm
Description Specify realm of Windows server
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
sampling-enable
Type: Listsupport-apacheds-kdc
Description Enable weak cipher (DES CRC/MD5/MD4) and merge AS-REQ in single packet
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
timeout
Description Specify connection timeout to server, default is 10 seconds
Type: number
Range: 1-255
Default: 10
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_server_windows_instance-list_host¶
Specification Type object hostip
Description Specify the Windows server’s hostname(Length 1-31) or IP address
Type: string
Format: host
Maximum Length: 31 characters
Maximum Length: 1 characters
Mutual Exclusion: hostip and hostipv6 are mutually exclusive
hostipv6
Description Specify the Windows server’s IPV6 address
Type: string
Format: ipv6-address
Mutual Exclusion: hostipv6 and hostip are mutually exclusive
authentication_server_windows_instance-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘krb_send_req_success’: Kerberos Request; ‘krb_get_resp_success’: Kerberos Response; ‘krb_timeout_error’: Kerberos Timeout; ‘krb_other_error’: Kerberos Other Error; ‘krb_pw_expiry’: Kerberos password expiry; ‘krb_pw_change_success’: Kerberos password change success; ‘krb_pw_change_failure’: Kerberos password change failure; ‘ntlm_proto_nego_success’: NTLM Protocol Negotiation Success; ‘ntlm_proto_nego_failure’: NTLM Protocol Negotiation Failure; ‘ntlm_session_setup_success’: NTLM Session Setup Success; ‘ntlm_session_setup_failure’: NTLM Session Setup Failure; ‘ntlm_prepare_req_success’: NTLM Prepare Request Success; ‘ntlm_prepare_req_error’: NTLM Prepare Request Error; ‘ntlm_auth_success’: NTLM Authentication Success; ‘ntlm_auth_failure’: NTLM Authentication Failure; ‘ntlm_timeout_error’: NTLM Timeout; ‘ntlm_other_error’: NTLM Other Error; ‘krb_validate_kdc_success’: Kerberos KDC Validation Success; ‘krb_validate_kdc_failure’: Kerberos KDC Validation Failure;
Type: string
Supported Values: all, krb_send_req_success, krb_get_resp_success, krb_timeout_error, krb_other_error, krb_pw_expiry, krb_pw_change_success, krb_pw_change_failure, ntlm_proto_nego_success, ntlm_proto_nego_failure, ntlm_session_setup_success, ntlm_session_setup_failure, ntlm_prepare_req_success, ntlm_prepare_req_error, ntlm_auth_success, ntlm_auth_failure, ntlm_timeout_error, ntlm_other_error, krb_validate_kdc_success, krb_validate_kdc_failure
authentication_server_windows_instance-list_auth-protocol¶
Specification Type object kdc-validate
Description Enable KDC validation
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
kerberos-disable
Description Disable Kerberos authentication protocol
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
kerberos-kdc-validation
Description: kerberos-kdc-validation is a JSON Block. Please see below for authentication_server_windows_instance-list_auth-protocol_kerberos-kdc-validation
Type: Object
kerberos-password-change-port
Description Specify the Kerbros password change port, default is 464
Type: number
Range: 1-65534
Default: 464
kerberos-port
Description Specify the Kerberos port, default is 88
Type: number
Range: 1-65534
Default: 88
kport-hm
Description Check Kerberos port’s health status
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: kport-hm and kport-hm-disable are mutually exclusive
Reference Object: /axapi/v3/health/monitor
kport-hm-disable
Description Disable configured Kerberos port health check configuration
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: kport-hm-disable and kport-hm are mutually exclusive
ntlm-disable
Description Disable NTLM authentication protocol
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
ntlm-health-check
Description Check NTLM port’s health status
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: ntlm-health-check and ntlm-health-check-disable are mutually exclusive
Reference Object: /axapi/v3/health/monitor
ntlm-health-check-disable
Description Disable configured NTLM port health check configuration
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: ntlm-health-check-disable and ntlm-health-check are mutually exclusive
ntlm-version
Description Specify NTLM version, default is 2
Type: number
Range: 1-2
Default: 2
authentication_server_windows_instance-list_auth-protocol_kerberos-kdc-validation¶
Specification Type object encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.)kdc-account
Description Specify account for KDC validation
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
kdc-password
Description Specify account password
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
kdc-pwd
Description Account password
Type: string
Format: password
Maximum Length: 63 characters
Maximum Length: 1 characters
kdc-spn
Description Specify SPN for KDC validation
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
authentication_server_ocsp¶
Specification Type object instance-list
Type: List
Reference Object: /axapi/v3/aam/authentication/server/ocsp/instance/{name}
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_server_ocsp_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘stapling-certificate-good’: Total OCSP Stapling Good Certificate Response; ‘stapling-certificate-revoked’: Total OCSP Stapling Revoked Certificate Response; ‘stapling-certificate-unknown’: Total OCSP Stapling Unknown Certificate Response; ‘stapling-request-normal’: Total OSCP Stapling Normal Request; ‘stapling-request-dropped’: Total OCSP Stapling Dropped Request; ‘stapling-response-success’: Total OCSP Stapling Success Response; ‘stapling-response-failure’: Total OCSP Stapling Failure Response; ‘stapling-response-error’: Total OCSP Stapling Error Response; ‘stapling-response-timeout’: Total OCSP Stapling Timeout Response; ‘stapling-response-other’: Total OCSP Stapling Other Response; ‘request-normal’: Total OSCP Normal Request; ‘request-dropped’: Total OCSP Dropped Request; ‘response-success’: Total OCSP Success Response; ‘response-failure’: Total OCSP Failure Response; ‘response-error’: Total OCSP Error Response; ‘response-timeout’: Total OCSP Timeout Response; ‘response-other’: Total OCSP Other Response; ‘job-start-error’: Total OCSP Job Start Error; ‘polling-control-error’: Total OCSP Polling Control Error;
Type: string
Supported Values: all, stapling-certificate-good, stapling-certificate-revoked, stapling-certificate-unknown, stapling-request-normal, stapling-request-dropped, stapling-response-success, stapling-response-failure, stapling-response-error, stapling-response-timeout, stapling-response-other, request-normal, request-dropped, response-success, response-failure, response-error, response-timeout, response-other, job-start-error, polling-control-error
authentication_server_ocsp_instance-list¶
Specification Type list Block object keys health-check
Description Check server’s health status
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: health-check and health-check-disable are mutually exclusive
health-check-disable
Description Disable configured health check configuration
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: health-check-disable and health-check are mutually exclusive
health-check-string
Description Health monitor name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/health/monitor
http-version
Description Set HTTP version (default 1.0)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description Specify OCSP authentication server name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
packet-capture-template
Description Name of the packet capture template to be bind with this object
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/visibility/packet-capture/object-templates/aam-auth-server-ocsp-inst-tmpl
port-health-check
Description Check port’s health status
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: port-health-check and port-health-check-disable are mutually exclusive
Reference Object: /axapi/v3/health/monitor
port-health-check-disable
Description Disable configured port health check configuration
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: port-health-check-disable and port-health-check are mutually exclusive
responder-ca
Description Specify the trusted OCSP responder’s CA cert filename
Type: string
Maximum Length: 245 characters
Maximum Length: 1 characters
responder-cert
Description Specify the trusted OCSP responder’s cert filename
Type: string
Maximum Length: 245 characters
Maximum Length: 1 characters
sampling-enable
Type: Listurl
Description Specify the OCSP server’s address (Format: http://host[:port]/) (The OCSP server’s address(Format: http://host[:port]/))
Type: string
Format: string-rlx
Maximum Length: 255 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
version-type
Description ‘1.1’: HTTP version 1.1;
Type: string
Supported Values: 1.1
authentication_server_ocsp_instance-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘request’: Request; ‘certificate-good’: Good Certificate Response; ‘certificate-revoked’: Revoked Certificate Response; ‘certificate-unknown’: Unknown Certificate Response; ‘timeout’: Timeout; ‘fail’: Handle OCSP response failed; ‘stapling-request’: OCSP Stapling Request Send; ‘stapling-certificate-good’: OCSP Stapling Good Certificate Response; ‘stapling-certificate-revoked’: OCSP Stapling Revoked Certificate Response; ‘stapling-certificate-unknown’: OCSP Stapling Unknown Certificate Response; ‘stapling-timeout’: OCSP Stapling Timeout; ‘stapling-fail’: Handle OCSP response failed;
Type: string
Supported Values: all, request, certificate-good, certificate-revoked, certificate-unknown, timeout, fail, stapling-request, stapling-certificate-good, stapling-certificate-revoked, stapling-certificate-unknown, stapling-timeout, stapling-fail
authentication_server_radius¶
Specification Type object instance-list
Type: List
Reference Object: /axapi/v3/aam/authentication/server/radius/instance/{name}
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_server_radius_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘authen_success’: Total Authentication Success; ‘authen_failure’: Total Authentication Failure; ‘authorize_success’: Total Authorization Success; ‘authorize_failure’: Total Authorization Failure; ‘access_challenge’: Total Access-Challenge Message Receive; ‘timeout_error’: Total Timeout; ‘other_error’: Total Other Error; ‘request’: Total Request; ‘request-normal’: Total Normal Request; ‘request-dropped’: Total Dropped Request; ‘response-success’: Total Success Response; ‘response-failure’: Total Failure Response; ‘response-error’: Total Error Response; ‘response-timeout’: Total Timeout Response; ‘response-other’: Total Other Response; ‘job-start-error’: Total Job Start Error; ‘polling-control-error’: Total Polling Control Error; ‘accounting-request-sent’: Accounting-Request Sent; ‘accounting-success’: Accounting Success; ‘accounting-failure’: Accounting Failure;
Type: string
Supported Values: all, authen_success, authen_failure, authorize_success, authorize_failure, access_challenge, timeout_error, other_error, request, request-normal, request-dropped, response-success, response-failure, response-error, response-timeout, response-other, job-start-error, polling-control-error, accounting-request-sent, accounting-success, accounting-failure
authentication_server_radius_instance-list¶
Specification Type list Block object keys accounting-port
Description Specify the RADIUS server’s accounting port, default is 1813
Type: number
Range: 1-65534
Default: 1813
acct-port-hm
Description Specify accounting port health check method
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: acct-port-hm and acct-port-hm-disable are mutually exclusive
Reference Object: /axapi/v3/health/monitor
acct-port-hm-disable
Description Disable configured accounting port health check configuration
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: acct-port-hm-disable and acct-port-hm are mutually exclusive
auth-type
Description ‘pap’: PAP authentication. Default; ‘mschapv2’: MS-CHAPv2 authentication; ‘mschapv2-pap’: Use MS-CHAPv2 first. If server doesn’t support it, try PAP;
Type: string
Supported Values: pap, mschapv2, mschapv2-pap
encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)health-check
Description Check server’s health status
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: health-check and health-check-disable are mutually exclusive
health-check-disable
Description Disable configured health check configuration
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: health-check-disable and health-check are mutually exclusive
health-check-string
Description Health monitor name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/health/monitor
host
Description: host is a JSON Block. Please see below for authentication_server_radius_instance-list_host
Type: Object
interval
Description Specify the interval time for resend the request (second), default is 3 seconds (The interval time(second), default is 3 seconds)
Type: number
Range: 1-1024
Default: 3
name
Description Specify RADIUS authentication server name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
packet-capture-template
Description Name of the packet capture template to be bind with this object
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/visibility/packet-capture/object-templates/aam-auth-server-rad-inst-tmpl
port
Description Specify the RADIUS server’s authentication port, default is 1812
Type: number
Range: 1-65534
Default: 1812
port-hm
Description Check port’s health status
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: port-hm and port-hm-disable are mutually exclusive
Reference Object: /axapi/v3/health/monitor
port-hm-disable
Description Disable configured port health check configuration
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: port-hm-disable and port-hm are mutually exclusive
retry
Description Specify the retry number for resend the request, default is 5 (The retry number, default is 5)
Type: number
Range: 1-32
Default: 5
sampling-enable
Type: Listsecret
Description Specify the RADIUS server’s secret
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
secret-string
Description The RADIUS server’s secret
Type: string
Format: password
Maximum Length: 128 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_server_radius_instance-list_host¶
Specification Type object hostip
Description Server’s hostname(Length 1-31) or IP address
Type: string
Format: host
Maximum Length: 31 characters
Maximum Length: 1 characters
Mutual Exclusion: hostip and hostipv6 are mutually exclusive
hostipv6
Description Server’s IPV6 address
Type: string
Format: ipv6-address
Mutual Exclusion: hostipv6 and hostip are mutually exclusive
authentication_server_radius_instance-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘authen_success’: Authentication Success; ‘authen_failure’: Authentication Failure; ‘authorize_success’: Authorization Success; ‘authorize_failure’: Authorization Failure; ‘access_challenge’: Access-Challenge Message Receive; ‘timeout_error’: Timeout; ‘other_error’: Other Error; ‘request’: Request; ‘accounting-request-sent’: Accounting-Request Sent; ‘accounting-success’: Accounting Success; ‘accounting-failure’: Accounting Failure;
Type: string
Supported Values: all, authen_success, authen_failure, authorize_success, authorize_failure, access_challenge, timeout_error, other_error, request, accounting-request-sent, accounting-success, accounting-failure
authentication_server_ldap¶
Specification Type object instance-list
Type: List
Reference Object: /axapi/v3/aam/authentication/server/ldap/instance/{name}
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_server_ldap_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘admin-bind-success’: Total Admin Bind Success; ‘admin-bind-failure’: Total Admin Bind Failure; ‘bind-success’: Total User Bind Success; ‘bind-failure’: Total User Bind Failure; ‘search-success’: Total Search Success; ‘search-failure’: Total Search Failure; ‘authorize-success’: Total Authorization Success; ‘authorize-failure’: Total Authorization Failure; ‘timeout-error’: Total Timeout; ‘other-error’: Total Other Error; ‘request’: Total Request; ‘request-normal’: Total Normal Request; ‘request-dropped’: Total Dropped Request; ‘response-success’: Total Success Response; ‘response-failure’: Total Failure Response; ‘response-error’: Total Error Response; ‘response-timeout’: Total Timeout Response; ‘response-other’: Total Other Response; ‘job-start-error’: Total Job Start Error; ‘polling-control-error’: Total Polling Control Error; ‘ssl-session-created’: TLS/SSL Session Created; ‘ssl-session-failure’: TLS/SSL Session Failure; ‘ldaps-idle-conn-num’: LDAPS Idle Connection Number; ‘ldaps-inuse-conn-num’: LDAPS In-use Connection Number; ‘pw-expiry’: Total Password expiry; ‘pw-change-success’: Total password change success; ‘pw-change-failure’: Total password change failure;
Type: string
Supported Values: all, admin-bind-success, admin-bind-failure, bind-success, bind-failure, search-success, search-failure, authorize-success, authorize-failure, timeout-error, other-error, request, request-normal, request-dropped, response-success, response-failure, response-error, response-timeout, response-other, job-start-error, polling-control-error, ssl-session-created, ssl-session-failure, ldaps-idle-conn-num, ldaps-inuse-conn-num, pw-expiry, pw-change-success, pw-change-failure
authentication_server_ldap_instance-list¶
Specification Type list Block object keys admin-dn
Description The LDAP server’s admin DN
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
admin-secret
Description Specify the LDAP server’s admin secret password
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
auth-type
Description ‘ad’: Active Directory. Default; ‘open-ldap’: OpenLDAP;
Type: string
Supported Values: ad, open-ldap
base
Description Specify the LDAP server’s search base
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
bind-with-dn
Description Enforce using DN for LDAP binding(All user input name will be used to create DN)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
ca-cert
Description Specify the LDAPS CA cert filename (Trusted LDAPS CA cert filename)
Type: string
Maximum Length: 245 characters
Maximum Length: 1 characters
default-domain
Description Specify default domain for LDAP
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
derive-bind-dn
Description: derive-bind-dn is a JSON Block. Please see below for authentication_server_ldap_instance-list_derive-bind-dn
Type: Object
dn-attribute
Description Specify Distinguished Name attribute, default is CN
Type: string
Format: string-rlx
Maximum Length: 31 characters
Maximum Length: 1 characters
Default: cn
encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)health-check
Description Check server’s health status
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: health-check and health-check-disable are mutually exclusive
health-check-disable
Description Disable configured health check configuration
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: health-check-disable and health-check are mutually exclusive
health-check-string
Description Health monitor name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/health/monitor
host
Description: host is a JSON Block. Please see below for authentication_server_ldap_instance-list_host
Type: Object
ldaps-conn-reuse-idle-timeout
Description Specify LDAPS connection reuse idle timeout value (in seconds) (Specify idle timeout value (in seconds), default is 0 (not reuse LDAPS connection))
Type: number
Range: 0-86400
Default: 0
name
Description Specify LDAP authentication server name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
packet-capture-template
Description Name of the packet capture template to be bind with this object
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/visibility/packet-capture/object-templates/aam-auth-server-ldap-inst-tmpl
port
Description Specify the LDAP server’s authentication port, default is 389
Type: number
Range: 1-65534
Default: 389
port-hm
Description Check port’s health status
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: port-hm and port-hm-disable are mutually exclusive
Reference Object: /axapi/v3/health/monitor
port-hm-disable
Description Disable configured port health check configuration
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: port-hm-disable and port-hm are mutually exclusive
prompt-pw-change-before-exp
Description Prompt user to change password before expiration in N days. This option only takes effect when server type is AD (Prompt user to change password before expiration in N days, default is not to prompt the user)
Type: number
Range: 1-999
protocol
Description ‘ldap’: Use LDAP (default); ‘ldaps’: Use LDAP over SSL; ‘starttls’: Use LDAP StartTLS;
Type: string
Supported Values: ldap, ldaps, starttls
Default: ldap
pwdmaxage
Description Specify the LDAP server’s default password expiration time (in seconds) (The LDAP server’s default password expiration time (in seconds), default is 0 (no expiration))
Type: number
Range: 0-4294967295
Default: 0
sampling-enable
Type: Listsecret-string
Description secret password
Type: string
Format: password
Maximum Length: 128 characters
Maximum Length: 1 characters
timeout
Description Specify timout for LDAP, default is 10 seconds (The timeout, default is 10 seconds)
Type: number
Range: 1-255
Default: 10
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_server_ldap_instance-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘admin-bind-success’: Admin Bind Success; ‘admin-bind-failure’: Admin Bind Failure; ‘bind-success’: User Bind Success; ‘bind-failure’: User Bind Failure; ‘search-success’: Search Success; ‘search-failure’: Search Failure; ‘authorize-success’: Authorization Success; ‘authorize-failure’: Authorization Failure; ‘timeout-error’: Timeout; ‘other-error’: Other Error; ‘request’: Request; ‘ssl-session-created’: TLS/SSL Session Created; ‘ssl-session-failure’: TLS/SSL Session Failure; ‘pw_expiry’: Password expiry; ‘pw_change_success’: Password change success; ‘pw_change_failure’: Password change failure;
Type: string
Supported Values: all, admin-bind-success, admin-bind-failure, bind-success, bind-failure, search-success, search-failure, authorize-success, authorize-failure, timeout-error, other-error, request, ssl-session-created, ssl-session-failure, pw_expiry, pw_change_success, pw_change_failure
authentication_server_ldap_instance-list_derive-bind-dn¶
Specification Type object username-attr
Description Specify attribute name of username
Type: string
Format: string-rlx
Maximum Length: 31 characters
Maximum Length: 1 characters
authentication_server_ldap_instance-list_host¶
Specification Type object hostip
Description Server’s hostname(Length 1-31) or IP address
Type: string
Format: host
Maximum Length: 31 characters
Maximum Length: 1 characters
Mutual Exclusion: hostip and hostipv6 are mutually exclusive
hostipv6
Description Server’s IPV6 address
Type: string
Format: ipv6-address
Mutual Exclusion: hostipv6 and hostip are mutually exclusive
authentication_captcha¶
Specification Type object instance-list
Type: List
Reference Object: /axapi/v3/aam/authentication/captcha/instance/{name}
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_captcha_instance-list¶
Specification Type list Block object keys client-ip-param-name
Description Specify client ip parameter name used in API (Set parameter name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)method
Description ‘POST’: API uses POST method; ‘GET’: API uses GET method;
Type: string
Supported Values: POST, GET
Default: POST
name
Description Specify captcha profile name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
resp-error-code-field-name
Description Specify error code field name used in JSON response (Set field name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
resp-result-field-name
Description Specify result field name used in JSON response (Set field name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
secret-key
Description Specify secret key
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
secret-key-param-name
Description Specify secret key parameter name used in API (Set parameter name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
secret-key-string
Description Secret key string
Type: string
Format: password
Maximum Length: 127 characters
Maximum Length: 1 characters
send-client-ip
Description Send client IP address in API
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
timeout
Description Specify timeout for verify API response (Specify timeout value, default is 10 seconds)
Type: number
Range: 1-255
Default: 10
token-param-name
Description Specify token parameter name used in API (Set parameter name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
url
Description Specify verify API URL, default scheme is https
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_session¶
Specification Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_file¶
Specification Type object portal
Description: portal is a JSON Block. Please see below for authentication_file_portal
Type: Object
Reference Object: /axapi/v3/aam/authentication/file/portal
portal-image
Description: portal-image is a JSON Block. Please see below for authentication_file_portal-image
Type: Object
Reference Object: /axapi/v3/aam/authentication/file/portal-image
authentication_file_portal¶
Specification Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_file_portal-image¶
Specification Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_oauth¶
Specification Type object authorization-server-list
Type: List
Reference Object: /axapi/v3/aam/authentication/oauth/authorization-server/{name}
client-list
Type: List
Reference Object: /axapi/v3/aam/authentication/oauth/client/{name}
global
Description: global is a JSON Block. Please see below for authentication_oauth_global
Type: Object
Reference Object: /axapi/v3/aam/authentication/oauth/global
authentication_oauth_global¶
Specification Type object sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_oauth_global_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘auth-req’: some help string; ‘auth-succ’: some help string; ‘auth-fail’: some help string; ‘auth-error’: some help string; ‘relay-req’: some help string; ‘relay-succ’: some help string; ‘relay-fail’: some help string; ‘other-error’: some help string;
Type: string
Supported Values: all, auth-req, auth-succ, auth-fail, auth-error, relay-req, relay-succ, relay-fail, other-error
authentication_oauth_client-list¶
Specification Type list Block object keys client-id
Description Specify oauth client-id
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
client-secret
Description
Type: string
Format: password
Maximum Length: 127 characters
Maximum Length: 1 characters
encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)grant-type
Description ‘implicit’: The authorization server will return access token directly.; ‘authorization-code’: The authorization server will respond with code which can be exchange for access token.; ‘hybrid-code-id-token’: The authorization server will respond with both code and id token.; ‘hybrid-code-token’: The authorization server will respond with both code and access token.; ‘hybrid-all’: The authorization server will respond with code, access token and id token;
Type: string
Supported Values: implicit, authorization-code, hybrid-code-id-token, hybrid-code-token, hybrid-all
infinity
Description Auth session never time out whatever value oauth servers’ response
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: infinity and token-lifetime are mutually exclusive
name
Description Specify client object name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
no-reply
Description AX will not check the nonce value in response
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
parameter-nonce-enable
Description Enable nonce parameter for authorization and token request
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
redirection-endpoint
Description Oauth client redirection endpoint service URL.
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
scope
Description Specify request scope parameters (e.g. profile email address phone)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
session-init-ttl
Description TTL for Thunder to wait for first response from authorization server
Type: number
Range: 1-60
token-lifetime
Description
Type: number
Range: 1-2592000
Mutual Exclusion: token-lifetime and infinity are mutually exclusive
type
Description ‘openid-connect’: openid-connect;
Type: string
Supported Values: openid-connect
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_oauth_authorization-server-list¶
Specification Type list Block object keys authorization-endpoint
Description Specify URI for authorization
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
client-method
Description ‘ignored’: Clients’ browser will send data according to server spec (default); ‘post’: Clients’ browser will send data by POST; ‘get’: Clients’ browser will send data by GET;
Type: string
Supported Values: ignored, post, get
issuer
Description Specify openid provider name for authorization
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
name
Description Specify authorization server object name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
sampling-enable
Type: Listserver-method
Description ‘post’: AX will send data to server by POST (default); ‘get’: AX will send data to server by GET;
Type: string
Supported Values: post, get
token-endpoint
Description Specify URI for token exchange
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
verification-cert
Description Specify certificate to verify ID token signature
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: verification-cert and verification-jwks are mutually exclusive
verification-jwks
Description Specify jwks file to verify ID token signature
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: verification-jwks and verification-cert are mutually exclusive
authentication_oauth_authorization-server-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘auth-req’: some help string; ‘auth-succ’: some help string; ‘auth-fail’: some help string; ‘auth-error’: some help string; ‘other-error’: some help string;
Type: string
Supported Values: all, auth-req, auth-succ, auth-fail, auth-error, other-error
authentication_password-retry¶
Specification Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_template-list¶
Specification Type list Block object keys account
Description Specify AD domain account
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/aam/authentication/account/kerberos-spn
accounting-server
Description Specify a RADIUS accounting server
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: accounting-server and accounting-service-group are mutually exclusive
Reference Object: /axapi/v3/aam/authentication/server/radius/instance
accounting-service-group
Description Specify an authentication service group for RADIUS accounting
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: accounting-service-group and accounting-server are mutually exclusive
Reference Object: /axapi/v3/aam/authentication/service-group
auth-sess-mode
Description ‘cookie-based’: Track auth-session by cookie (default); ‘ip-based’: Track auth-session by client IP;
Type: string
Supported Values: cookie-based, ip-based
captcha
Description Specify captcha profile (Specify captcha proflie name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/aam/authentication/captcha/instance
chain
Type: Listcookie-domain
Type: Listcookie-domain-group
Type: Listcookie-httponly-enable
Description Enable httponly attribute for AAM cookies
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
cookie-max-age
Description Configure Max-Age for authentication session cookie (Configure Max-Age in seconds, 0 for no Max-Age/Expires attributes. Default is 604800 (1 week).)
Type: number
Range: 0-2592000
Default: 604800
cookie-samesite
Description ‘strict’: Specify SameSite attribute as Strict for AAM cookie; ‘lax’: Specify SameSite attribute as Lax for AAM cookie; ‘none’: Specify SameSite attribute as None for AAM cookie;
Type: string
Supported Values: strict, lax, none
cookie-secure-enable
Description Enable secure attribute for AAM cookies
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
forward-logout-disable
Description Disable forward logout request to backend application server. The config-field logout-url must be configured first
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
jwt
Description Specify authentication jwt template
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/aam/authentication/jwt
local-logging
Description Enable local logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
log
Description ‘use-partition-level-config’: Use configuration of authentication-log enable command; ‘enable’: Enable authentication logs for this template; ‘disable’: Disable authentication logs for this template;
Type: string
Supported Values: use-partition-level-config, enable, disable
Default: use-partition-level-config
logon
Description Specify authentication logon (Specify authentication logon template name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
logout-idle-timeout
Description Specify idle logout time (Specify idle timeout in seconds, default is 300)
Type: number
Range: 1-86400
Default: 300
logout-url
Description Specify logout url (Specify logout url string)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
max-session-time
Description Specify default SAML token lifetime (Specify lifetime (in seconds) of SAML token when it not provided by token attributes, default is 28800. (0 for indefinite))
Type: number
Range: 0-86400
modify-content-security-policy
Description Put redirect-uri or service-principal-name into CSP header to avoid CPS break authentication process
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description Authentication template name
Type: string
Maximum Length: 127 characters
Maximum Length: 1 characters
oauth-authorization-server
Description Specify OAUTH authorization server
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
oauth-client
Description Specify OAUTH client
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
redirect-hostname
Description Hostname(Length 1-31) for transparent-proxy authentication
Type: string
Format: host
Maximum Length: 31 characters
Maximum Length: 1 characters
relay
Description Specify authentication relay (Specify authentication relay template name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
saml-idp
Description Specify SAML identity provider
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
saml-sp
Description Specify SAML service provider
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
server
Description Specify authentication server (Specify authentication server template name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: server and service-group are mutually exclusive
service-group
Description Bind an authentication service group to this template (Specify authentication service group name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: service-group server and chain-server are mutually exclusive
Reference Object: /axapi/v3/aam/authentication/service-group
type
Description ‘saml’: SAML authentication template; ‘standard’: Standard authentication template; ‘oauth’: Oauth 2.0 authentication template;
Type: string
Supported Values: saml, standard, oauth
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authentication_template-list_chain¶
Specification Type list Block object keys chain-server
Description Specify authentication server (Specify authentication server template name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: chain-server service-group and chain-sg are mutually exclusive
chain-server-priority
Description Set server priority, higher the number higher the priority. Default is 3. (Chain server priority, higher the number higher the priority. Default is 3.)
Type: number
Range: 1-5
Default: 3
chain-sg
Description Bind an authentication service group to this template (Specify authentication service group name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: chain-sg and chain-server are mutually exclusive
Reference Object: /axapi/v3/aam/authentication/service-group
chain-sg-priority
Description Set service-group priority, higher the number higher the priority. Default is 3. (Chain service-group priority, higher the number higher the priority. Default is 3.)
Type: number
Range: 1-5
Default: 3
authentication_template-list_cookie-domain-group¶
Specification Type list Block object keys cookie-dmngrp
Description Specify group id to join in the cookie-domain
Type: number
Range: 0-31
authentication_template-list_cookie-domain¶
Specification Type list Block object keys cookie-dmn
Description Specify domain scope for the authentication (ex: .a10networks.com)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 2 characters
rdns¶
Specification Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
aaa-policy-list¶
Specification Type list Block object keys aaa-rule-list
Type: List
Reference Object: /axapi/v3/aam/aaa-policy/{name}/aaa-rule/{index}
name
Description Specify AAA policy name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
packet-capture-template
Description Name of the packet capture template to be bind with this object
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/visibility/packet-capture/object-templates/aam-aaa-policy-tmpl
sampling-enable
Type: Listuser-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
aaa-policy-list_aaa-rule-list¶
Specification Type list Block object keys access-list
Description: access-list is a JSON Block. Please see below for aaa-policy-list_aaa-rule-list_access-list
Type: Object
action
Description ‘allow’: Allow traffic that matches this rule; ‘deny’: Deny traffic that matches this rule;
Type: string
Supported Values: allow, deny
auth-failure-bypass
Description Forward client request even though authentication has failed
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
authentication-template
Description Specify authentication template name to bind to the AAA rule
Type: string
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/aam/authentication/template
authorize-policy
Description Specify authorization policy to bind to the AAA rule
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/aam/authorization/policy
captcha-authz-policy
Description Specify authorization policy for CAPTCHA (Authorization policy name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/aam/authorization/policy
domain-name
Description Specify domain name to bind to the AAA rule (ex: a10networks.com, www.a10networks.com)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
host
Type: Listindex
Description Specify AAA rule index
Type: number
Range: 1-256
match-encoded-uri
Description Enable URL decoding for URI matching
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
port
Description Specify port number for aaa-rule, default is 0 for all port numbers
Type: number
Range: 1-65535
sampling-enable
Type: Listuri
Type: Listuser-agent
Type: Listuser-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
aaa-policy-list_aaa-rule-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘total_count’: some help string; ‘hit_deny’: some help string; ‘hit_auth’: some help string; ‘hit_bypass’: some help string; ‘failure_bypass’: some help string;
Type: string
Supported Values: all, total_count, hit_deny, hit_auth, hit_bypass, failure_bypass
aaa-policy-list_aaa-rule-list_uri¶
Specification Type list Block object keys match-type
Description ‘contains’: Match URI if request URI contains specified URI; ‘ends-with’: Match URI if request URI ends with specified URI; ‘equals’: Match URI if request URI equals specified URI; ‘starts-with’: Match URI if request URI starts with specified URI;
Type: string
Supported Values: contains, ends-with, equals, starts-with
uri-str
Description Specify URI string
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
aaa-policy-list_aaa-rule-list_user-agent¶
Specification Type list Block object keys user-agent-match-type
Description ‘contains’: Match request User-Agent header if it contains specified string; ‘ends-with’: Match request User-Agent header if it ends with specified string; ‘equals’: Match request User-Agent header if it equals specified string; ‘starts-with’: Match request User-Agent header if it starts with specified string;
Type: string
Supported Values: contains, ends-with, equals, starts-with
user-agent-str
Description Specify request User-Agent string
Type: string
Format: string-rlx
Maximum Length: 511 characters
Maximum Length: 1 characters
aaa-policy-list_aaa-rule-list_host¶
Specification Type list Block object keys host-match-type
Description ‘contains’: Match HOST if request HTTP HOST header contains specified hostname; ‘ends-with’: Match HOST if request HTTP HOST header ends with specified hostname; ‘equals’: Match HOST if request HTTP HOST header equals specified hostname; ‘starts-with’: Match HOST if request HTTP HOST header starts with specified hostname;
Type: string
Supported Values: contains, ends-with, equals, starts-with
host-str
Description Specify URI string
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
aaa-policy-list_aaa-rule-list_access-list¶
Specification Type object acl-id
Description ACL id
Type: number
Range: 1-199
Mutual Exclusion: acl-id and acl-name are mutually exclusive
acl-name
Description ‘ip-name’: Apply an IP named access list; ‘ipv6-name’: Apply an IPv6 named access list;
Type: string
Supported Values: ip-name, ipv6-name
Mutual Exclusion: acl-name and acl-id are mutually exclusive
name
Description Specify Named Access List
Type: string
Maximum Length: 16 characters
Maximum Length: 1 characters
aaa-policy-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘req’: Request; ‘req-reject’: Request Rejected; ‘req-auth’: Request Matching Authentication Template; ‘req-bypass’: Request Bypassed; ‘req-skip’: Request Skipped; ‘error’: Error; ‘failure-bypass’: Auth Failure Bypass;
Type: string
Supported Values: all, req, req-reject, req-auth, req-bypass, req-skip, error, failure-bypass
authorization¶
Specification Type object jwt
Description: jwt is a JSON Block. Please see below for authorization_jwt
Type: Object
Reference Object: /axapi/v3/aam/authorization/jwt
policy-list
Type: List
Reference Object: /axapi/v3/aam/authorization/policy/{name}
authorization_policy-list¶
Specification Type list Block object keys attribute-list
Type: List
Reference Object: /axapi/v3/aam/authorization/policy/{name}/attribute/{attr-num}
attribute-rule
Description Define attribute rule for authorization policy
Type: string
Format: string-rlx
extended-filter
Description Extended search filter. EX: Check whether user belongs to a nested group. (memberOf:1.2.840.113556.1.4.1941:=$GROUP-DN)
Type: string
Format: string-rlx
Maximum Length: 511 characters
Maximum Length: 1 characters
forward-policy-authorize-only
Description This policy only provides server info for forward policy feature
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
jwt-authorization
Description Specify JWT authorization template (Specify JWT authorization template name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: jwt-authorization server and service-group are mutually exclusive
Reference Object: /axapi/v3/aam/jwt-authorization
jwt-claim-map-list
Type: List
Reference Object: /axapi/v3/aam/authorization/policy/{name}/jwt-claim-map/{attr-num}
name
Description Specify authorization policy name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
server
Description Specify a LDAP or RADIUS server for authorization (Specify a LDAP or RADIUS server name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: server service-group and jwt-authorization are mutually exclusive
service-group
Description Specify an authentication service group for authorization (Specify authentication service group name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: service-group server and jwt-authorization are mutually exclusive
Reference Object: /axapi/v3/aam/authentication/service-group
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authorization_policy-list_jwt-claim-map-list¶
Specification Type list Block object keys attr-num
Description Spcify attribute ID for claim mapping
Type: number
Range: 1-32
bool-val
Description ‘true’: True; ‘false’: False;
Type: string
Supported Values: true, false
boolean-type
Description Claim type is boolean
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: boolean-type string-type and number-type are mutually exclusive
claim
Description Specify JWT claim name to map to.
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
num-val
Description Specify JWT claim value.
Type: number
Range: 0-4294967295
number-type
Description Claim type is number
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: number-type string-type and boolean-type are mutually exclusive
str-val
Description Specify JWT claim value.
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
string-type
Description Claim type is string
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: string-type number-type and boolean-type are mutually exclusive
type
Description Specify claim type
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authorization_policy-list_attribute-list¶
Specification Type list Block object keys A10-AX-AUTH-URI
Description Custom-defined attribute
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: A10-AX-AUTH-URI and attribute-name are mutually exclusive
a10-dynamic-defined
Description The value of this attribute will depend on AX configuration instead of user configuration
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
any
Description Matched when attribute is present (with any value).
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: any and attr-type are mutually exclusive
attr-int
Description ‘equal’: Operation type is equal; ‘not-equal’: Operation type is not equal; ‘less-than’: Operation type is less-than; ‘more-than’: Operation type is more-than; ‘less-than-equal-to’: Operation type is less-than-equal-to; ‘more-than-equal-to’: Operation type is more-thatn-equal-to;
Type: string
Supported Values: equal, not-equal, less-than, more-than, less-than-equal-to, more-than-equal-to
attr-int-val
Description Set attribute value
Type: number
Range: 0-4294967295
attr-ip
Description ‘equal’: Operation type is equal; ‘not-equal’: Operation type is not-equal;
Type: string
Supported Values: equal, not-equal
attr-ipv4
Description IPv4 address
Type: string
Format: ipv4-address
attr-num
Description Set attribute ID for authorization policy
Type: number
Range: 1-32
attr-number
Description ‘equal’: Operation type is equal; ‘not-equal’: Operation type is not equal; ‘less-than’: Operation type is less-than; ‘more-than’: Operation type is more-than; ‘less-than-equal-to’: Operation type is less-than-equal-to; ‘more-than-equal-to’: Operation type is more-thatn-equal-to;
Type: string
Supported Values: equal, not-equal, less-than, more-than, less-than-equal-to, more-than-equal-to
attr-number-val
Description Set attribute value
Type: string
Maximum Length: 20 characters
Maximum Length: 1 characters
attr-str
Description ‘match’: Operation type is match; ‘sub-string’: Operation type is sub-string;
Type: string
Supported Values: match, sub-string
attr-str-val
Description Set attribute value
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
attr-type
Description Specify attribute type
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: attr-type and any are mutually exclusive
attribute-name
Description Specify attribute name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: attribute-name and A10-AX-AUTH-URI are mutually exclusive
custom-attr-str
Description ‘match’: Operation type is match; ‘sub-string’: Operation type is sub-string;
Type: string
Supported Values: match, sub-string
custom-attr-type
Description Specify attribute type
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
integer-type
Description Attribute type is integer
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: integer-typestring-type, ip-type and number-type are mutually exclusive
ip-type
Description IP address is transformed into network byte order
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: ip-typestring-type, integer-type and number-type are mutually exclusive
number-type
Description Attribute type is decimal number
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: number-typestring-type, integer-type and ip-type are mutually exclusive
string-type
Description Attribute type is string
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: string-typeinteger-type, ip-type and number-type are mutually exclusive
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authorization_jwt¶
Specification Type object cache
Description: cache is a JSON Block. Please see below for authorization_jwt_cache
Type: Object
Reference Object: /axapi/v3/aam/authorization/jwt/cache
authorization_jwt_cache¶
Specification Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
auth-log¶
Specification Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters