aam jwt-authorization

AAM JWT authorization related configuration

jwt-authorization Specification

   
Type Collection
Object Key(s) name
Collection Name jwt-authorization-list
Collection URI /axapi/v3/aam/jwt-authorization
Element Name jwt-authorization
Element URI /axapi/v3/aam/jwt-authorization/{name}
Element Attributes jwt-authorization_attributes
Statistics Data URI /axapi/v3/aam/jwt-authorization/{name}/stats
Schema jwt-authorization schema

Operations Allowed:

OperationMethodURIPayload

Create Object

POST

/axapi/v3/aam/jwt-authorization

jwt-authorization attributes

Create List

POST

/axapi/v3/aam/jwt-authorization

jwt-authorization attributes

Get Object

GET

/axapi/v3/aam/jwt-authorization/{name}

jwt-authorization attributes

Get List

GET

/axapi/v3/aam/jwt-authorization

jwt-authorization-list

Modify Object

POST

/axapi/v3/aam/jwt-authorization/{name}

jwt-authorization attributes

Replace Object

PUT

/axapi/v3/aam/jwt-authorization/{name}

jwt-authorization attributes

Replace List

PUT

/axapi/v3/aam/jwt-authorization

jwt-authorization-list

Delete Object

DELETE

/axapi/v3/aam/jwt-authorization/{name}

jwt-authorization attributes

jwt-authorization-list

jwt-authorization-list is JSON List of jwt-authorization attributes

jwt-authorization-list : [

jwt-authorization attributes

encrypted

Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)

exp-claim-requried

Description Specify the exp claim is required for JWT authorization

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

jwt-cache-enable

Description Enable caching authorized JWT token and skip verification and authorization for cached tokens

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

jwt-exp-default

Description Specify the default token expiration if exp claim is not available (default 1800)

Type: number

Range: 1-86400

jwt-forwarding

Description Specify JWT token will not be stripped while forwarding client request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

log-level

Description ‘0’: log disable; ‘1’: only log authorzation fail (default); ‘2’: only log authorization success; ‘3’: log all;

Type: string

Supported Values: 0, 1, 2, 3

name

Description Specify JWT authorization template name

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

packet-capture-template

Description Name of the packet capture template to be bind with this object

Type: string

Maximum Length: 128 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/visibility/packet-capture/object-templates/aam-jwt-authorization-tmpl

sampling-enable

Type: List

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

verification-cert

Description Specify the certificate to verify JWT token signature

Type: string

Maximum Length: 255 characters

Maximum Length: 1 characters

Mutual Exclusion: verification-cert verification-jwks and verification-secret are mutually exclusive

verification-jwks

Description Specify the jwks file to verify JWT token signature

Type: string

Maximum Length: 255 characters

Maximum Length: 1 characters

Mutual Exclusion: verification-jwks verification-cert and verification-secret are mutually exclusive

verification-secret

Description Specify secret for verify JWT token signature

Type: string

Format: password

Maximum Length: 128 characters

Maximum Length: 1 characters

Mutual Exclusion: verification-secret verification-cert and verification-jwks are mutually exclusive

sampling-enable

Specification  
Type list
Block object keys  

counters1

Description ‘all’: all; ‘jwt-request’: JWT Request; ‘jwt-authorize-success’: JWT Authorize Success; ‘jwt-authorize-failure’: JWT Authorize Failure; ‘jwt-missing-token’: JWT Missing Token; ‘jwt-missing-claim’: JWT Missing Claim; ‘jwt-token-expired’: JWT Token Expired; ‘jwt-signature-failure’: JWT Signature Failure; ‘jwt-other-error’: JWT Other Error;

Type: string

Supported Values: all, jwt-request, jwt-authorize-success, jwt-authorize-failure, jwt-missing-token, jwt-missing-claim, jwt-token-expired, jwt-signature-failure, jwt-other-error

stats data

  Counter Size Description
       
  jwt-request 8 JWT Request
  jwt-authorize-success 8 JWT Authorize Success
  jwt-token-expired 8 JWT Token Expired
  jwt-authorize-failure 8 JWT Authorize Failure
  jwt-missing-claim 8 JWT Missing Claim
  jwt-signature-failure 8 JWT Signature Failure
  jwt-other-error 8 JWT Other Error
  jwt-missing-token 8 JWT Missing Token