.. _aam_authentication_template: aam authentication template =========================== Authentication template template Specification ---------------------- ===================================== =========================================================================== **Parameter** **Value** ===================================== =========================================================================== **Type** *Collection* **Object Key(s)** *name* **Collection Name** :ref:`111_template_list` **Collection URI** /axapi/v3/aam/authentication/template **Element Name** template **Element URI** /axapi/v3/aam/authentication/template/{name} **Element Attributes** template_attributes **Partition Visibility** shared **Schema** :download:`template schema ` ===================================== =========================================================================== **Operations Allowed:** .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html
OperationMethodURIPayload
Create Object .. raw:: html POST .. raw:: html /axapi/v3/aam/authentication/template .. raw:: html :ref:`111_template_attributes` .. raw:: html
Create List .. raw:: html POST .. raw:: html /axapi/v3/aam/authentication/template .. raw:: html :ref:`111_template_attributes` .. raw:: html
Get Object .. raw:: html GET .. raw:: html /axapi/v3/aam/authentication/template/{name} .. raw:: html :ref:`111_template_attributes` .. raw:: html
Get List .. raw:: html GET .. raw:: html /axapi/v3/aam/authentication/template .. raw:: html :ref:`111_template_list` .. raw:: html
Modify Object .. raw:: html POST .. raw:: html /axapi/v3/aam/authentication/template/{name} .. raw:: html :ref:`111_template_attributes` .. raw:: html
Replace Object .. raw:: html PUT .. raw:: html /axapi/v3/aam/authentication/template/{name} .. raw:: html :ref:`111_template_attributes` .. raw:: html
Replace List .. raw:: html PUT .. raw:: html /axapi/v3/aam/authentication/template .. raw:: html :ref:`111_template_list` .. raw:: html
Delete Object .. raw:: html DELETE .. raw:: html /axapi/v3/aam/authentication/template/{name} .. raw:: html :ref:`111_template_attributes` .. raw:: html
.. _111_template_list: template-list ------------- template-list is **JSON List** of :ref:`111_template_attributes` template-list : [ { :ref:`111_template_attributes` }, { :ref:`111_template_attributes` }, ... ] .. _111_template_attributes: template attributes ------------------- **account** **Description** Specify AD domain account **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Reference Object:** :doc:`/axapi/v3/aam/authentication/account/kerberos-spn ` **accounting-server** **Description** Specify a RADIUS accounting server **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** accounting-server and accounting-service-group are mutually exclusive **Reference Object:** :doc:`/axapi/v3/aam/authentication/server/radius/instance ` **accounting-service-group** **Description** Specify an authentication service group for RADIUS accounting **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** accounting-service-group and accounting-server are mutually exclusive **Reference Object:** :doc:`/axapi/v3/aam/authentication/service-group ` **auth-sess-mode** **Description** 'cookie-based': Track auth-session by cookie (default); 'ip-based': Track auth-session by client IP; **Type:** string **Supported Values:** cookie-based, ip-based **captcha** **Description** Specify captcha profile (Specify captcha proflie name) **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Reference Object:** :doc:`/axapi/v3/aam/authentication/captcha/instance ` **chain** **Type:** List **cookie-domain** **Type:** List **cookie-domain-group** **Type:** List **cookie-httponly-enable** **Description** Enable httponly attribute for AAM cookies **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **cookie-max-age** **Description** Configure Max-Age for authentication session cookie (Configure Max-Age in seconds, 0 for no Max-Age/Expires attributes. Default is 604800 (1 week).) **Type:** number **Range:** 0-2592000 **Default:** 604800 **cookie-samesite** **Description** 'strict': Specify SameSite attribute as Strict for AAM cookie; 'lax': Specify SameSite attribute as Lax for AAM cookie; 'none': Specify SameSite attribute as None for AAM cookie; **Type:** string **Supported Values:** strict, lax, none **cookie-secure-enable** **Description** Enable secure attribute for AAM cookies **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **forward-logout-disable** **Description** Disable forward logout request to backend application server. The config-field logout-url must be configured first **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **jwt** **Description** Specify authentication jwt template **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Reference Object:** :doc:`/axapi/v3/aam/authentication/jwt ` **local-logging** **Description** Enable local logging **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **log** **Description** 'use-partition-level-config': Use configuration of authentication-log enable command; 'enable': Enable authentication logs for this template; 'disable': Disable authentication logs for this template; **Type:** string **Supported Values:** use-partition-level-config, enable, disable **Default:** use-partition-level-config **logon** **Description** Specify authentication logon (Specify authentication logon template name) **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Reference Object:** :doc:`/axapi/v3/aam/authentication/logon/form-based ` **logout-idle-timeout** **Description** Specify idle logout time (Specify idle timeout in seconds, default is 300) **Type:** number **Range:** 1-86400 **Default:** 300 **logout-url** **Description** Specify logout url (Specify logout url string) **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **max-session-time** **Description** Specify default SAML token lifetime (Specify lifetime (in seconds) of SAML token when it not provided by token attributes, default is 28800. (0 for indefinite)) **Type:** number **Range:** 0-86400 **modify-content-security-policy** **Description** Put redirect-uri or service-principal-name into CSP header to avoid CPS break authentication process **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **name** **Description** Authentication template name **Type:** string **Maximum Length:** 127 characters **Maximum Length:** 1 characters **oauth-authorization-server** **Description** Specify OAUTH authorization server **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **oauth-client** **Description** Specify OAUTH client **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **redirect-hostname** **Description** Hostname(Length 1-31) for transparent-proxy authentication **Type:** string **Format:** host **Maximum Length:** 31 characters **Maximum Length:** 1 characters **relay** **Description** Specify authentication relay (Specify authentication relay template name) **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Reference Object:** :doc:`/axapi/v3/aam/authentication/relay/http-basic/instance ` **saml-idp** **Description** Specify SAML identity provider **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **saml-sp** **Description** Specify SAML service provider **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **server** **Description** Specify authentication server (Specify authentication server template name) **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** server and service-group are mutually exclusive **Reference Object:** :doc:`/axapi/v3/aam/authentication/server/ldap/instance ` **service-group** **Description** Bind an authentication service group to this template (Specify authentication service group name) **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **Mutual Exclusion:** service-group, server, and chain-server are mutually exclusive **Reference Object:** :doc:`/axapi/v3/aam/authentication/service-group ` **type** **Description** 'saml': SAML authentication template; 'standard': Standard authentication template; 'oauth': Oauth 2.0 authentication template; **Type:** string **Supported Values:** saml, standard, oauth **user-tag** **Description** Customized tag **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _111_chain: chain ^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **chain-server** **Description** Specify authentication server (Specify authentication server template name) **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** chain-server, service-group, and chain-sg are mutually exclusive **Reference Object:** :doc:`/axapi/v3/aam/authentication/server/ldap/instance ` **chain-server-priority** **Description** Set server priority, higher the number higher the priority. Default is 3. (Chain server priority, higher the number higher the priority. Default is 3.) **Type:** number **Range:** 1-5 **Default:** 3 **chain-sg** **Description** Bind an authentication service group to this template (Specify authentication service group name) **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **Mutual Exclusion:** chain-sg and chain-server are mutually exclusive **Reference Object:** :doc:`/axapi/v3/aam/authentication/service-group ` **chain-sg-priority** **Description** Set service-group priority, higher the number higher the priority. Default is 3. (Chain service-group priority, higher the number higher the priority. Default is 3.) **Type:** number **Range:** 1-5 **Default:** 3 .. _111_cookie-domain-group: cookie-domain-group ^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **cookie-dmngrp** **Description** Specify group id to join in the cookie-domain **Type:** number **Range:** 0-31 .. _111_cookie-domain: cookie-domain ^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **cookie-dmn** **Description** Specify domain scope for the authentication (ex: .a10networks.com) **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 2 characters