aam authentication logon¶
Authentication logon configuration
logon Specification¶
Parameter Value Type Intermediate Resource Element Name logon Element URI /axapi/v3/aam/authentication/logon Element Attributes logon_attributes Partition Visibility shared Schema logon schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Get Object | GET | /axapi/v3/aam/authentication/logon | logon_attributes |
logon attributes¶
form-based-list
Type: List
Reference Object: /axapi/v3/aam/authentication/logon/form-based/{name}
http-authenticate
Description: http-authenticate is a JSON Block. Please see below for http-authenticate
Type: Object
Reference Object: /axapi/v3/aam/authentication/logon/http-authenticate
form-based-list¶
Specification Value Type list Block object keys account-lock
Description Lock the account when the failed logon attempts is exceeded
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
challenge-variable
Description Specify challenge variable name in form submission
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
cp-page-cfg
Description: cp-page-cfg is a JSON Block. Please see below for form-based-list_cp-page-cfg
Type: Object
csp-support
Description: csp-support is a JSON Block. Please see below for form-based-list_csp-support
Type: Object
duration
Description The time an account remains locked in seconds (default 1800)
Type: number
Range: 1-86400
Default: 1800
hsts-timeout
Description Set HSTS policy expired timeout in seconds, 0 means to disable HSTS policy
Type: number
Range: 0-315360000
logon-page-cfg
Description: logon-page-cfg is a JSON Block. Please see below for form-based-list_logon-page-cfg
Type: Object
name
Description Specify form-based authentication logon name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
new-pin-variable
Description Specify new-pin variable name in form submission
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
next-token-variable
Description Specify next-token variable name in form submission
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
notify-cp-page-cfg
Description: notify-cp-page-cfg is a JSON Block. Please see below for form-based-list_notify-cp-page-cfg
Type: Object
portal
Description: portal is a JSON Block. Please see below for form-based-list_portal
Type: Object
retry
Description Maximum number of consecutive failed logon attempts (default 3)
Type: number
Range: 1-32
Default: 3
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
form-based-list_csp-support¶
Specification Value Type object none
Description Set CSP frame-ancestors to none (also X-Frame-Options deny)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: none, self, and specificURI are mutually exclusive
optional-second-URI
Description Set optional second customized CSP URI
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
self
Description Set CSP frame-ancestors to self (also X-Frame-Options same-origin)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: self and none are mutually exclusive
specificURI
Description Set customized CSP frame-ancestors (maximum 2 URIs can be set)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: specificURI and none are mutually exclusive
form-based-list_notify-cp-page-cfg¶
Specification Value Type object notifychangepassword-change-url
Description Specify change password action url for notifychangepassword form
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
notifychangepassword-continue-url
Description Specify continue action url for notifychangepassword form
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
form-based-list_portal¶
Specification Value Type object challenge-page
Description Specify challenge page name for RSA-RADIUS
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: challenge-page, new-pin-page, and next-token-page are mutually exclusive
changepasswordpage
Description Specify change password page name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
default-portal
Description Use default portal
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: default-portal and portal-name are mutually exclusive
failpage
Description Specify logon fail page name (portal fail page name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
logon
Description Specify logon page name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
new-pin-page
Description Specify new PIN page name for RSA-RADIUS
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: new-pin-page and challenge-page are mutually exclusive
next-token-page
Description Specify next token page name for RSA-RADIUS
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: next-token-page and challenge-page are mutually exclusive
notifychangepasswordpage
Description Specify change password notification page name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
portal-name
Description Specify portal name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: portal-name and default-portal are mutually exclusive
form-based-list_logon-page-cfg¶
Specification Value Type object action-url
Description Specify form submission action url
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
authz-failure-message
Description Specify authorization failure message shown in logon page (Specify error string, default is “Authorization failed. Please contact your system administrator.”)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
captcha-variable
Description Specify captcha variable name in form submission
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
disable-change-password-link
Description Don’t display change password link on logon page forcibly even backend authentication server supports it (LDAP or Kerberos)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
login-failure-message
Description Specify login failure message shown in logon page (Specify error string, default is “Invalid username or password. Please try again.”)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
passcode-variable
Description Specify passcode variable name in form submission
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
password-variable
Description Specify password variable name in form submission
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
username-variable
Description Specify username variable name in form submission
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
form-based-list_cp-page-cfg¶
Specification Value Type object changepassword-url
Description Specify changepassword form submission action url (changepassword action url)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
cp-cfm-pwd-enum
Description ‘changepassword-password-confirm-variable’: Specify password confirm variable name in form submission;
Type: string
Supported Values: changepassword-password-confirm-variable
cp-cfm-pwd-var
Description Specify password confirm variable name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
cp-new-pwd-enum
Description ‘changepassword-new-password-variable’: Specify new password variable name in form submission;
Type: string
Supported Values: changepassword-new-password-variable
cp-new-pwd-var
Description Specify new password variable name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
cp-old-pwd-enum
Description ‘changepassword-old-password-variable’: Specify old password variable name in form submission;
Type: string
Supported Values: changepassword-old-password-variable
cp-old-pwd-var
Description Specify old password variable name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
cp-user-enum
Description ‘changepassword-username-variable’: Specify username variable name in form submission;
Type: string
Supported Values: changepassword-username-variable
cp-user-var
Description Specify username variable name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
http-authenticate¶
Specification Value Type object instance-list
Type: List
Reference Object: /axapi/v3/aam/authentication/logon/http-authenticate/instance/{name}
http-authenticate_instance-list¶
Specification Value Type list Block object keys account-lock
Description Lock the account when the failed logon attempts is exceeded
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
auth-method
Description: auth-method is a JSON Block. Please see below for http-authenticate_instance-list_auth-method
Type: Object
duration
Description The time an account remains locked in seconds (default 1800)
Type: number
Range: 1-86400
Default: 1800
hsts-timeout
Description Set HSTS policy expired timeout in seconds, 0 means to disable HSTS policy
Type: number
Range: 0-315360000
name
Description Specify HTTP-Authenticate logon name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
packet-capture-template
Description Name of the packet capture template to be bind with this object
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/visibility/packet-capture/object-templates/aam-auth-logon-http-ins-tmpl
retry
Description Maximum number of consecutive failed logon attempts (default 3)
Type: number
Range: 1-32
Default: 3
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
http-authenticate_instance-list_sampling-enable¶
Specification Value Type list Block object keys counters1
Description ‘all’: all; ‘spn_krb_request’: SPN Kerberos Request; ‘spn_krb_success’: SPN Kerberos Success; ‘spn_krb_faiure’: SPN Kerberos Failure;
Type: string
Supported Values: all, spn_krb_request, spn_krb_success, spn_krb_faiure
http-authenticate_instance-list_auth-method¶
Specification Value Type object basic
Description: basic is a JSON Block. Please see below for http-authenticate_instance-list_auth-method_basic
Type: Object
negotiate
Description: negotiate is a JSON Block. Please see below for http-authenticate_instance-list_auth-method_negotiate
Type: Object
ntlm
Description: ntlm is a JSON Block. Please see below for http-authenticate_instance-list_auth-method_ntlm
Type: Object
http-authenticate_instance-list_auth-method_ntlm¶
Specification Value Type object ntlm-enable
Description Enable NTLM logon
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
http-authenticate_instance-list_auth-method_negotiate¶
Specification Value Type object negotiate-enable
Description Enable SPENGO logon
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
http-authenticate_instance-list_auth-method_basic¶
Specification Value Type object basic-enable
Description Enable Basic logon
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
basic-realm
Description Specify realm for basic logon
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
challenge-page
Description Specify challenge page name for RSA-RADIUS
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: challenge-page and new-pin-page are mutually exclusive
challenge-response-form
Description Specify challenge-response form for RSA-RADIUS authentication
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
challenge-variable
Description Specify challenge variable name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
new-pin-page
Description Specify new PIN page name for RSA-RADIUS
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: new-pin-page and challenge-page are mutually exclusive
new-pin-variable
Description Specify new PIN variable name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
next-token-page
Description Specify next-token page name for RSA-RADIUS
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
next-token-variable
Description Specify next-token variable name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters