.. _aam_authentication_logon: aam authentication logon ======================== Authentication logon configuration logon Specification ------------------- ===================================== ================================================================= **Parameter** **Value** ===================================== ================================================================= **Type** *Intermediate Resource* **Element Name** logon **Element URI** /axapi/v3/aam/authentication/logon **Element Attributes** logon_attributes **Partition Visibility** shared **Schema** :download:`logon schema ` ===================================== ================================================================= **Operations Allowed:** .. raw:: html .. raw:: html .. raw:: html .. raw:: html
OperationMethodURIPayload
Get Object .. raw:: html GET .. raw:: html /axapi/v3/aam/authentication/logon .. raw:: html logon_attributes .. raw:: html
.. _31_logon_attributes: logon attributes ---------------- **form-based-list** **Type:** List **Reference Object:** :doc:`/axapi/v3/aam/authentication/logon/form-based/{name} ` **http-authenticate** **Description:** http-authenticate is a **JSON Block**. Please see below for :ref:`31_http-authenticate` **Type:** Object **Reference Object:** :doc:`/axapi/v3/aam/authentication/logon/http-authenticate ` .. _31_form-based-list: form-based-list ^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **account-lock** **Description** Lock the account when the failed logon attempts is exceeded **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **challenge-variable** **Description** Specify challenge variable name in form submission **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **cp-page-cfg** **Description:** cp-page-cfg is a **JSON Block**. Please see below for :ref:`31_form-based-list_cp-page-cfg` **Type:** Object **csp-support** **Description:** csp-support is a **JSON Block**. Please see below for :ref:`31_form-based-list_csp-support` **Type:** Object **duration** **Description** The time an account remains locked in seconds (default 1800) **Type:** number **Range:** 1-86400 **Default:** 1800 **hsts-timeout** **Description** Set HSTS policy expired timeout in seconds, 0 means to disable HSTS policy **Type:** number **Range:** 0-315360000 **logon-page-cfg** **Description:** logon-page-cfg is a **JSON Block**. Please see below for :ref:`31_form-based-list_logon-page-cfg` **Type:** Object **name** **Description** Specify form-based authentication logon name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **new-pin-variable** **Description** Specify new-pin variable name in form submission **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **next-token-variable** **Description** Specify next-token variable name in form submission **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **notify-cp-page-cfg** **Description:** notify-cp-page-cfg is a **JSON Block**. Please see below for :ref:`31_form-based-list_notify-cp-page-cfg` **Type:** Object **portal** **Description:** portal is a **JSON Block**. Please see below for :ref:`31_form-based-list_portal` **Type:** Object **retry** **Description** Maximum number of consecutive failed logon attempts (default 3) **Type:** number **Range:** 1-32 **Default:** 3 **user-tag** **Description** Customized tag **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _31_form-based-list_csp-support: form-based-list_csp-support ^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **none** **Description** Set CSP frame-ancestors to none (also X-Frame-Options deny) **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** none, self, and specificURI are mutually exclusive **optional-second-URI** **Description** Set optional second customized CSP URI **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **self** **Description** Set CSP frame-ancestors to self (also X-Frame-Options same-origin) **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** self and none are mutually exclusive **specificURI** **Description** Set customized CSP frame-ancestors (maximum 2 URIs can be set) **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **Mutual Exclusion:** specificURI and none are mutually exclusive .. _31_form-based-list_notify-cp-page-cfg: form-based-list_notify-cp-page-cfg ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **notifychangepassword-change-url** **Description** Specify change password action url for notifychangepassword form **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **notifychangepassword-continue-url** **Description** Specify continue action url for notifychangepassword form **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters .. _31_form-based-list_portal: form-based-list_portal ^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **challenge-page** **Description** Specify challenge page name for RSA-RADIUS **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** challenge-page, new-pin-page, and next-token-page are mutually exclusive **changepasswordpage** **Description** Specify change password page name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **default-portal** **Description** Use default portal **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** default-portal and portal-name are mutually exclusive **failpage** **Description** Specify logon fail page name (portal fail page name) **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **logon** **Description** Specify logon page name **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **new-pin-page** **Description** Specify new PIN page name for RSA-RADIUS **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** new-pin-page and challenge-page are mutually exclusive **next-token-page** **Description** Specify next token page name for RSA-RADIUS **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** next-token-page and challenge-page are mutually exclusive **notifychangepasswordpage** **Description** Specify change password notification page name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **portal-name** **Description** Specify portal name **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** portal-name and default-portal are mutually exclusive .. _31_form-based-list_logon-page-cfg: form-based-list_logon-page-cfg ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **action-url** **Description** Specify form submission action url **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **authz-failure-message** **Description** Specify authorization failure message shown in logon page (Specify error string, default is "Authorization failed. Please contact your system administrator.") **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **captcha-variable** **Description** Specify captcha variable name in form submission **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **disable-change-password-link** **Description** Don't display change password link on logon page forcibly even backend authentication server supports it (LDAP or Kerberos) **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **login-failure-message** **Description** Specify login failure message shown in logon page (Specify error string, default is "Invalid username or password. Please try again.") **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **passcode-variable** **Description** Specify passcode variable name in form submission **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **password-variable** **Description** Specify password variable name in form submission **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **username-variable** **Description** Specify username variable name in form submission **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters .. _31_form-based-list_cp-page-cfg: form-based-list_cp-page-cfg ^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **changepassword-url** **Description** Specify changepassword form submission action url (changepassword action url) **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **cp-cfm-pwd-enum** **Description** 'changepassword-password-confirm-variable': Specify password confirm variable name in form submission; **Type:** string **Supported Values:** changepassword-password-confirm-variable **cp-cfm-pwd-var** **Description** Specify password confirm variable name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **cp-new-pwd-enum** **Description** 'changepassword-new-password-variable': Specify new password variable name in form submission; **Type:** string **Supported Values:** changepassword-new-password-variable **cp-new-pwd-var** **Description** Specify new password variable name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **cp-old-pwd-enum** **Description** 'changepassword-old-password-variable': Specify old password variable name in form submission; **Type:** string **Supported Values:** changepassword-old-password-variable **cp-old-pwd-var** **Description** Specify old password variable name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **cp-user-enum** **Description** 'changepassword-username-variable': Specify username variable name in form submission; **Type:** string **Supported Values:** changepassword-username-variable **cp-user-var** **Description** Specify username variable name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters .. _31_http-authenticate: http-authenticate ^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **instance-list** **Type:** List **Reference Object:** :doc:`/axapi/v3/aam/authentication/logon/http-authenticate/instance/{name} ` .. _31_http-authenticate_instance-list: http-authenticate_instance-list ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **account-lock** **Description** Lock the account when the failed logon attempts is exceeded **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **auth-method** **Description:** auth-method is a **JSON Block**. Please see below for :ref:`31_http-authenticate_instance-list_auth-method` **Type:** Object **duration** **Description** The time an account remains locked in seconds (default 1800) **Type:** number **Range:** 1-86400 **Default:** 1800 **hsts-timeout** **Description** Set HSTS policy expired timeout in seconds, 0 means to disable HSTS policy **Type:** number **Range:** 0-315360000 **name** **Description** Specify HTTP-Authenticate logon name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **packet-capture-template** **Description** Name of the packet capture template to be bind with this object **Type:** string **Maximum Length:** 128 characters **Maximum Length:** 1 characters **Reference Object:** :doc:`/axapi/v3/visibility/packet-capture/object-templates/aam-auth-logon-http-ins-tmpl ` **retry** **Description** Maximum number of consecutive failed logon attempts (default 3) **Type:** number **Range:** 1-32 **Default:** 3 **sampling-enable** **Type:** List **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _31_http-authenticate_instance-list_sampling-enable: http-authenticate_instance-list_sampling-enable ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **counters1** **Description** 'all': all; 'spn_krb_request': SPN Kerberos Request; 'spn_krb_success': SPN Kerberos Success; 'spn_krb_faiure': SPN Kerberos Failure; **Type:** string **Supported Values:** all, spn_krb_request, spn_krb_success, spn_krb_faiure .. _31_http-authenticate_instance-list_auth-method: http-authenticate_instance-list_auth-method ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **basic** **Description:** basic is a **JSON Block**. Please see below for :ref:`31_http-authenticate_instance-list_auth-method_basic` **Type:** Object **negotiate** **Description:** negotiate is a **JSON Block**. Please see below for :ref:`31_http-authenticate_instance-list_auth-method_negotiate` **Type:** Object **ntlm** **Description:** ntlm is a **JSON Block**. Please see below for :ref:`31_http-authenticate_instance-list_auth-method_ntlm` **Type:** Object .. _31_http-authenticate_instance-list_auth-method_ntlm: http-authenticate_instance-list_auth-method_ntlm ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **ntlm-enable** **Description** Enable NTLM logon **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 .. _31_http-authenticate_instance-list_auth-method_negotiate: http-authenticate_instance-list_auth-method_negotiate ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **negotiate-enable** **Description** Enable SPENGO logon **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 .. _31_http-authenticate_instance-list_auth-method_basic: http-authenticate_instance-list_auth-method_basic ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **basic-enable** **Description** Enable Basic logon **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **basic-realm** **Description** Specify realm for basic logon **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **challenge-page** **Description** Specify challenge page name for RSA-RADIUS **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** challenge-page and new-pin-page are mutually exclusive **challenge-response-form** **Description** Specify challenge-response form for RSA-RADIUS authentication **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **challenge-variable** **Description** Specify challenge variable name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **new-pin-page** **Description** Specify new PIN page name for RSA-RADIUS **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** new-pin-page and challenge-page are mutually exclusive **new-pin-variable** **Description** Specify new PIN variable name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **next-token-page** **Description** Specify next-token page name for RSA-RADIUS **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **next-token-variable** **Description** Specify next-token variable name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters