.. _aam_authentication_oauth: aam authentication oauth ======================== AAM Oauth 2.0 related configuration oauth Specification ------------------- ===================================== ================================================================= **Parameter** **Value** ===================================== ================================================================= **Type** *Intermediate Resource* **Element Name** oauth **Element URI** /axapi/v3/aam/authentication/oauth **Element Attributes** oauth_attributes **Partition Visibility** shared **Schema** :download:`oauth schema ` ===================================== ================================================================= **Operations Allowed:** .. raw:: html .. raw:: html .. raw:: html .. raw:: html
OperationMethodURIPayload
Get Object .. raw:: html GET .. raw:: html /axapi/v3/aam/authentication/oauth .. raw:: html oauth_attributes .. raw:: html
.. _38_oauth_attributes: oauth attributes ---------------- **authorization-server-list** **Type:** List **Reference Object:** :doc:`/axapi/v3/aam/authentication/oauth/authorization-server/{name} ` **client-list** **Type:** List **Reference Object:** :doc:`/axapi/v3/aam/authentication/oauth/client/{name} ` **global** **Description:** global is a **JSON Block**. Please see below for :ref:`38_global` **Type:** Object **Reference Object:** :doc:`/axapi/v3/aam/authentication/oauth/global ` .. _38_global: global ^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **sampling-enable** **Type:** List **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _38_global_sampling-enable: global_sampling-enable ^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **counters1** **Description** 'all': all; 'auth-req': some help string; 'auth-succ': some help string; 'auth-fail': some help string; 'auth-error': some help string; 'relay-req': some help string; 'relay-succ': some help string; 'relay-fail': some help string; 'other-error': some help string; **Type:** string **Supported Values:** all, auth-req, auth-succ, auth-fail, auth-error, relay-req, relay-succ, relay-fail, other-error .. _38_client-list: client-list ^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **client-id** **Description** Specify oauth client-id **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **client-secret** **Description** **Type:** string **Format:** password **Maximum Length:** 127 characters **Maximum Length:** 1 characters **encrypted** **Description** Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string) **grant-type** **Description** 'implicit': The authorization server will return access token directly.; 'authorization-code': The authorization server will respond with code which can be exchange for access token.; 'hybrid-code-id-token': The authorization server will respond with both code and id token.; 'hybrid-code-token': The authorization server will respond with both code and access token.; 'hybrid-all': The authorization server will respond with code, access token and id token; **Type:** string **Supported Values:** implicit, authorization-code, hybrid-code-id-token, hybrid-code-token, hybrid-all **infinity** **Description** Auth session never time out whatever value oauth servers' response **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** infinity and token-lifetime are mutually exclusive **name** **Description** Specify client object name **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **no-reply** **Description** AX will not check the nonce value in response **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **parameter-nonce-enable** **Description** Enable nonce parameter for authorization and token request **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **redirection-endpoint** **Description** Oauth client redirection endpoint service URL. **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **scope** **Description** Specify request scope parameters (e.g. profile email address phone) **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **session-init-ttl** **Description** TTL for Thunder to wait for first response from authorization server **Type:** number **Range:** 1-60 **token-lifetime** **Description** **Type:** number **Range:** 1-2592000 **Mutual Exclusion:** token-lifetime and infinity are mutually exclusive **type** **Description** 'openid-connect': openid-connect; **Type:** string **Supported Values:** openid-connect **user-tag** **Description** Customized tag **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _38_authorization-server-list: authorization-server-list ^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **authorization-endpoint** **Description** Specify URI for authorization **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **client-method** **Description** 'ignored': Clients' browser will send data according to server spec (default); 'post': Clients' browser will send data by POST; 'get': Clients' browser will send data by GET; **Type:** string **Supported Values:** ignored, post, get **issuer** **Description** Specify openid provider name for authorization **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **name** **Description** Specify authorization server object name **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **sampling-enable** **Type:** List **server-method** **Description** 'post': AX will send data to server by POST (default); 'get': AX will send data to server by GET; **Type:** string **Supported Values:** post, get **token-endpoint** **Description** Specify URI for token exchange **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **user-tag** **Description** Customized tag **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters **verification-cert** **Description** Specify certificate to verify ID token signature **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** verification-cert and verification-jwks are mutually exclusive **verification-jwks** **Description** Specify jwks file to verify ID token signature **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** verification-jwks and verification-cert are mutually exclusive .. _38_authorization-server-list_sampling-enable: authorization-server-list_sampling-enable ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **counters1** **Description** 'all': all; 'auth-req': some help string; 'auth-succ': some help string; 'auth-fail': some help string; 'auth-error': some help string; 'other-error': some help string; **Type:** string **Supported Values:** all, auth-req, auth-succ, auth-fail, auth-error, other-error