{ "id":"/axapi/v3/aam/authentication/relay", "type":"object", "node-type":"intermediate", "title":"relay", "operation-not-allowed": ["PUT", "POST", "DELETE"], "partition-visibility":"shared", "auto-created-object":1, "description":"Authentication relay configuration", "properties":{ "http-basic":{ "type":"object", "$ref":"/axapi/v3/aam/authentication/relay/http-basic", "properties":{ "instance-list":{ "type":"array", "minItems":1, "items":{ "type":"instance" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/relay/http-basic/instance/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify HTTP basic authentication relay name", "optional":false }, "domain":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "description":"Specify user domain, default is null", "optional":true }, "domain-format":{ "type":"string", "format":"enum", "default":"down-level-logon-name", "partition-visibility":"shared", "description":"'user-principal-name': Append domain with User Principal Name format. (e.g. user@domain); 'down-level-logon-name': Append domain with Down-Level Logon Name format. (e.g. domain\\user); ", "enum":[ "user-principal-name", "down-level-logon-name" ], "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'success': Success; 'no-creds': No Credential; 'bad-req': Bad Request; 'unauth': Unauthorized; 'forbidden': Forbidden; 'not-found': Not Found; 'server-error': Internal Server Error; 'unavailable': Service Unavailable; ", "enum":[ "all", "success", "no-creds", "bad-req", "unauth", "forbidden", "not-found", "server-error", "unavailable" ] } } } ] }, "packet-capture-template":{ "type":"string", "format":"string", "minLength":1, "maxLength":128, "partition-visibility":"shared", "$ref":"/axapi/v3/visibility/packet-capture/object-templates/aam-auth-relay-hbase-inst-tmpl", "description":"Name of the packet capture template to be bind with this object", "optional":true } }, "required":[ "name" ] } ] } } }, "kerberos":{ "type":"object", "$ref":"/axapi/v3/aam/authentication/relay/kerberos", "properties":{ "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object" }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'request-send': Total Request Send; 'response-get': Total Response Get; 'timeout-error': Total Timeout; 'other-error': Total Other Error; 'request-normal': Total Normal Request; 'request-dropped': Total Dropped Request; 'response-success': Total Success Response; 'response-failure': Total Failure Response; 'response-error': Total Error Response; 'response-timeout': Total Timeout Response; 'response-other': Total Other Response; 'job-start-error': Total Job Start Error; 'polling-control-error': Total Polling Control Error; ", "enum":[ "all", "request-send", "response-get", "timeout-error", "other-error", "request-normal", "request-dropped", "response-success", "response-failure", "response-error", "response-timeout", "response-other", "job-start-error", "polling-control-error" ] } } } ] }, "instance-list":{ "type":"array", "minItems":1, "items":{ "type":"instance" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/relay/kerberos/instance/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify Kerberos authentication relay name", "optional":false }, "kerberos-realm":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify the kerberos realm", "optional":true }, "kerberos-kdc":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "not":"kerberos-kdc-service-group", "description":"Specify the kerberos kdc ip or host name", "optional":true }, "kerberos-kdc-service-group":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "$ref":"/axapi/v3/aam/authentication/service-group", "not":"kerberos-kdc", "description":"Specify an authentication service group as multiple KDCs", "optional":true }, "kerberos-account":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify the kerberos account name", "optional":true }, "password":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Specify password of Kerberos password", "optional":true }, "secret-string":{ "type":"string", "format":"password", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"The kerberos client password", "optional":true }, "encrypted":{ "type":"encrypted", "format":"encrypted", "partition-visibility":"shared", "description":"Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)", "optional":true }, "port":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "default":88, "partition-visibility":"shared", "description":"Specify The KDC port, default is 88", "optional":true }, "timeout":{ "type":"number", "format":"number", "minimum":1, "maximum":255, "default":10, "partition-visibility":"shared", "description":"Specify timeout for kerberos transport, default is 10 seconds (The timeout, default is 10 seconds)", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'request-send': Request Send; 'response-receive': Response Receive; 'current-requests-of-user': Current Pending Requests of User; 'tickets': Tickets; ", "enum":[ "all", "request-send", "response-receive", "current-requests-of-user", "tickets" ] } } } ] } }, "required":[ "name" ] } ] } } }, "form-based":{ "type":"object", "$ref":"/axapi/v3/aam/authentication/relay/form-based", "properties":{ "instance-list":{ "type":"array", "minItems":1, "items":{ "type":"instance" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/relay/form-based/instance/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify form-based authentication relay name", "optional":false }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'request': Request; 'invalid_srv_rsp': Invalid Server Response; 'post_fail': POST Failed; 'invalid_cred': Invalid Credential; 'bad_req': Bad Request; 'not_fnd': Not Found; 'error': Internal Server Error; 'other_error': Other Error; ", "enum":[ "all", "request", "invalid_srv_rsp", "post_fail", "invalid_cred", "bad_req", "not_fnd", "error", "other_error" ] } } } ] }, "packet-capture-template":{ "type":"string", "format":"string", "minLength":1, "maxLength":128, "partition-visibility":"shared", "$ref":"/axapi/v3/visibility/packet-capture/object-templates/aam-auth-relay-form-inst-tmpl", "description":"Name of the packet capture template to be bind with this object", "optional":true }, "request-uri-list":{ "type":"array", "minItems":1, "items":{ "type":"request-uri" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/relay/form-based/instance/{name}/request-uri/{match-type}+{uri}", "array":[ { "properties":{ "match-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'equals': URI exactly matches the string; 'contains': URI string contains another sub string; 'starts-with': URI string starts with sub string; 'ends-with': URI string ends with sub string; ", "enum":[ "equals", "contains", "starts-with", "ends-with" ], "optional":false }, "uri":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify request URI", "optional":false }, "user-variable":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify username variable name", "optional":true }, "password-variable":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify password variable name", "optional":true }, "domain-variable":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify domain variable name", "optional":true }, "other-variables":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify other variables (n1=v1&n2=v2) in form relay", "optional":true }, "max-packet-collect-size":{ "type":"number", "format":"number", "minimum":1024, "maximum":2097152, "default":1048576, "partition-visibility":"shared", "description":"Specify the max packet collection size in bytes, default is 1MB", "optional":true }, "cookie":{ "type":"object", "properties":{ "cookie-value":{ "type":"object", "properties":{ "cookie-value":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify cookie in POST packet" } } } } }, "action-uri":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify the action-URI", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true } }, "required":[ "match-type", "uri" ] } ] } }, "required":[ "name" ] } ] } } }, "ntlm-list":{ "type":"array", "minItems":1, "items":{ "type":"ntlm" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/relay/ntlm/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify NTLM authentication relay name", "optional":false }, "large-request-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Disable NTLM relay processing for large requests", "optional":true }, "domain":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "description":"Specify NTLM domain, default is null", "optional":true }, "version":{ "type":"number", "format":"number", "minimum":1, "maximum":2, "default":2, "partition-visibility":"shared", "description":"Specify NTLM version, default is NTLM 2", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'success': Success; 'failure': Failure; 'request': Request; 'response': Response; 'http-code-200': HTTP 200 OK; 'http-code-400': HTTP 400 Bad Request; 'http-code-401': HTTP 401 Unauthorized; 'http-code-403': HTTP 403 Forbidden; 'http-code-404': HTTP 404 Not Found; 'http-code-500': HTTP 500 Internal Server Error; 'http-code-503': HTTP 503 Service Unavailable; 'http-code-other': Other HTTP Response; 'buffer-alloc-fail': Buffer Allocation Failure; 'encoding-fail': Encoding Failure; 'insert-header-fail': Insert Header Failure; 'parse-header-fail': Parse Header Failure; 'internal-error': Internal Error; 'ntlm-auth-skipped': Requests for which NTLM relay is skipped; 'large-request-processing': Requests invoking large request processing; 'large-request-flushed': Large requests sent to server; 'head-negotiate-request-sent': HEAD requests sent with NEGOTIATE header; 'head-auth-request-sent': HEAD requests sent with AUTH header; ", "enum":[ "all", "success", "failure", "request", "response", "http-code-200", "http-code-400", "http-code-401", "http-code-403", "http-code-404", "http-code-500", "http-code-503", "http-code-other", "buffer-alloc-fail", "encoding-fail", "insert-header-fail", "parse-header-fail", "internal-error", "ntlm-auth-skipped", "large-request-processing", "large-request-flushed", "head-negotiate-request-sent", "head-auth-request-sent" ] } } } ] }, "packet-capture-template":{ "type":"string", "format":"string", "minLength":1, "maxLength":128, "partition-visibility":"shared", "$ref":"/axapi/v3/visibility/packet-capture/object-templates/aam-auth-relay-ntlm-tmpl", "description":"Name of the packet capture template to be bind with this object", "optional":true } }, "required":[ "name" ] } ] }, "ws-federation-list":{ "type":"array", "minItems":1, "items":{ "type":"ws-federation" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/relay/ws-federation/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify WS-Federation authentication relay name", "optional":false }, "application-server":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'sharepoint': Microsoft SharePoint; 'exchange-owa': Microsoft Exchange OWA; ", "enum":[ "sharepoint", "exchange-owa" ], "optional":true }, "authentication-uri":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify WS-Federation relay URI, default is /_trust/", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'request': Request; 'success': Success; 'failure': Failure; ", "enum":[ "all", "request", "success", "failure" ] } } } ] }, "packet-capture-template":{ "type":"string", "format":"string", "minLength":1, "maxLength":128, "partition-visibility":"shared", "$ref":"/axapi/v3/visibility/packet-capture/object-templates/aam-auth-relay-ws-fed-tmpl", "description":"Name of the packet capture template to be bind with this object", "optional":true } }, "required":[ "name" ] } ] }, "saml-list":{ "type":"array", "minItems":1, "items":{ "type":"saml" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/relay/saml/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify SAML authentication relay name", "optional":false }, "relay-acs-uri":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify the backend server assertion consuming service URI", "optional":true }, "match-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'equals': URI exactly matches the string; 'contains': URI string contains another sub string; 'starts-with': URI string starts with sub string; 'ends-with': URI string ends with sub string; ", "enum":[ "equals", "contains", "starts-with", "ends-with" ], "optional":true }, "match-uri":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Match URI", "optional":true }, "server-cookie-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify the cookie name that used by backend server for authenticated users", "optional":true }, "idp-auth-uri":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify the URI for IDP to handle SAML authentication request", "optional":true }, "value":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "not":"method", "description":"Use the fixed string as the RelayState", "optional":true }, "method":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"value", "description":"'get-from-backend': Get RelayState parameter from backend server; 'request-uri': Use the (URL encoded) current request-uri as the RelayState; ", "enum":[ "get-from-backend", "request-uri" ], "optional":true }, "retry-number":{ "type":"number", "format":"number", "minimum":0, "maximum":10, "default":0, "partition-visibility":"shared", "description":"Specify how many continuous fail for SAML relay will trigger. Default will not retry.", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'request': Request; 'success': Success; 'failure': Failure; 'error': Error; ", "enum":[ "all", "request", "success", "failure", "error" ] } } } ] } }, "required":[ "name" ] } ] }, "oauth-list":{ "type":"array", "minItems":1, "items":{ "type":"oauth" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/relay/oauth/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify oauth authentication relay name", "optional":false }, "relay-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'access-token': Relay access token to backend; 'id-token': Relay JWT to backend; ", "enum":[ "access-token", "id-token" ], "optional":true }, "match-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"all", "description":"'equals': URI exactly matches the string; 'contains': URI string contains another sub string; 'starts-with': URI string starts with sub string; 'ends-with': URI string ends with sub string; ", "enum":[ "equals", "contains", "starts-with", "ends-with" ], "optional":true }, "all":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"match-type", "description":"All URI can be relay", "optional":true }, "match-uri":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'relay-req': relay-req; 'relay-succ': relay-succ; 'relay-fail': relay-fail; ", "enum":[ "all", "relay-req", "relay-succ", "relay-fail" ] } } } ] } }, "required":[ "name" ] } ] } } }