aam authentication oauth
AAM OAuth 2.0 related configuration
oauth Specification
Type: Intermediate Resource
Element Name: oauth
Element URI: /axapi/v3/aam/authentication/oauth
Element Attributes: oauth_attributes
Schema: oauth schema
Operations Allowed:
Operation | Method | URI | Payload |
---|---|---|---|
Get Object | GET | /axapi/v3/aam/authentication/oauth | oauth_attributes |
oauth attributes
authorization-server-list
Type: List
Reference Object: /axapi/v3/aam/authentication/oauth/authorization-server/{name}
client-list
Type: List
Reference Object: /axapi/v3/aam/authentication/oauth/client/{name}
global
Description: global is a JSON Block. Please see below for global
Type: Object
Reference Object: /axapi/v3/aam/authentication/oauth/global
global
Specification
Type: object
sampling-enable
Type: List
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
global_sampling-enable
Specification
Type: list
Block object keys
counters1
Description ‘all’: all; ‘auth-req’: some help string; ‘auth-succ’: some help string; ‘auth-fail’: some help string; ‘auth-error’: some help string; ‘relay-req’: some help string; ‘relay-succ’: some help string; ‘relay-fail’: some help string; ‘other-error’: some help string;
Type: string
Supported Values: all, auth-req, auth-succ, auth-fail, auth-error, relay-req, relay-succ, relay-fail, other-error
client-list
Specification
Type: list
Block object keys
client-id
Description Specify OAuth client-id
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
client-secret
Description
Type: string
Format: password
Maximum Length: 127 characters
Maximum Length: 1 characters
encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)
grant-type
Description ‘implicit’: The authorization server will return access token directly.; ‘authorization-code’: The authorization server will respond with code which can be exchanged for access token.; ‘hybrid-code-id-token’: The authorization server will respond with both code and id token.; ‘hybrid-code-token’: The authorization server will respond with both code and access token.; ‘hybrid-all’: The authorization server will respond with code, access token and id token;
Type: string
Supported Values: implicit, authorization-code, hybrid-code-id-token, hybrid-code-token, hybrid-all
infinity
Description Auth session never times out, regardless of the value in the OAuth servers’ response
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: infinity and token-lifetime are mutually exclusive
name
Description Specify client object name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
no-reply
Description AX will not check the nonce value in response
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
parameter-nonce-enable
Description Enable nonce parameter for authorization and token request
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
redirection-endpoint
Description OAuth client redirection endpoint service URL.
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
scope
Description Specify request scope parameters (e.g. profile email address phone)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
session-init-ttl
Description TTL for Thunder to wait for first response from authorization server
Type: number
Range: 1-60
token-lifetime
Description
Type: number
Range: 1-2592000
Mutual Exclusion: token-lifetime and infinity are mutually exclusive
type
Description ‘openid-connect’: openid-connect;
Type: string
Supported Values: openid-connect
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
authorization-server-list
Specification
Type: list
Block object keys
authorization-endpoint
Description Specify URI for authorization
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
client-method
Description ‘ignored’: Clients’ browser will send data according to server spec (default); ‘post’: Clients’ browser will send data by POST; ‘get’: Clients’ browser will send data by GET;
Type: string
Supported Values: ignored, post, get
issuer
Description Specify openid provider name for authorization
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
name
Description Specify authorization server object name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
sampling-enable
Type: List
server-method
Description ‘post’: AX will send data to server by POST (default); ‘get’: AX will send data to server by GET;
Type: string
Supported Values: post, get
token-endpoint
Description Specify URI for token exchange
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
verification-cert
Description Specify certificate to verify ID token signature
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: verification-cert and verification-jwks are mutually exclusive
verification-jwks
Description Specify jwks file to verify ID token signature
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: verification-jwks and verification-cert are mutually exclusive
authorization-server-list_sampling-enable
Specification
Type: list
Block object keys
counters1
Description ‘all’: all; ‘auth-req’: some help string; ‘auth-succ’: some help string; ‘auth-fail’: some help string; ‘auth-error’: some help string; ‘other-error’: some help string;
Type: string
Supported Values: all, auth-req, auth-succ, auth-fail, auth-error, other-error
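An added example (not from the A10 documentation): a small linter that applies the mutual-exclusion rules and ranges documented above to an oauth configuration, and lists the client and authorization-server settings that relax nonce checking, session expiry or ID token signature verification. The top-level JSON shape, the function names and the sample values are assumptions; the attribute names are the ones on this page.

```python
# Added example, not A10 code. Assumed JSON shape:
# {"oauth": {"client-list": [...], "authorization-server-list": [...]}}
RANGES = {"session-init-ttl": (1, 60), "token-lifetime": (1, 2592000)}

def _on(obj, key):
    # Booleans are documented as true/false/1/0 with default 0.
    return obj.get(key, 0) in (True, 1, "1", "true")

def client_findings(c):
    msgs = []
    if _on(c, "infinity") and "token-lifetime" in c:
        msgs.append("infinity and token-lifetime are mutually exclusive")
    for key, (lo, hi) in RANGES.items():
        if key in c and not lo <= int(c[key]) <= hi:
            msgs.append(f"{key} outside {lo}-{hi}")
    if c.get("grant-type") == "implicit":
        msgs.append("implicit: access token is returned directly")
    if _on(c, "infinity"):
        msgs.append("infinity: auth session never times out")
    if not _on(c, "parameter-nonce-enable"):
        msgs.append("parameter-nonce-enable is off")
    if _on(c, "no-reply"):
        msgs.append("no-reply: nonce in response is not checked")
    return msgs

def server_findings(s):
    cert, jwks = s.get("verification-cert"), s.get("verification-jwks")
    if cert and jwks:
        return ["verification-cert and verification-jwks are mutually exclusive"]
    if not cert and not jwks:
        return ["neither verification-cert nor verification-jwks is set"]
    return []

def lint_oauth(doc):
    # Returns sorted (object, finding) pairs for one oauth configuration dict.
    oauth = doc.get("oauth", {})
    out = [("client/" + c.get("name", "?"), m)
           for c in oauth.get("client-list", []) for m in client_findings(c)]
    out += [("authorization-server/" + s.get("name", "?"), m)
            for s in oauth.get("authorization-server-list", []) for m in server_findings(s)]
    return sorted(out)

# Constructed sample configuration, not captured from a device.
SAMPLE = {"oauth": {
    "client-list": [
        {"name": "portal", "grant-type": "implicit", "infinity": 1, "token-lifetime": 3600, "no-reply": 1},
        {"name": "intranet", "parameter-nonce-enable": 1, "token-lifetime": 3600, "session-init-ttl": 30}],
    "authorization-server-list": [
        {"name": "idp1", "verification-cert": "c1", "verification-jwks": "j1"}, {"name": "idp2"}]}}
```

`lint_oauth(SAMPLE)` reports five findings for the `portal` client, none for `intranet`, and one for each authorization server.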