aam authorization¶
AAM authorization related configuration
authorization Specification¶
Type Intermediate Resource Element Name authorization Element URI /axapi/v3/aam/authorization Element Attributes authorization_attributes Schema authorization schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Get Object | GET | /axapi/v3/aam/authorization | authorization_attributes |
authorization attributes¶
policy-list
Type: List
Refernce Object: /axapi/v3/aam/authorization/policy/{name}
policy-list¶
Specification Type list Block object keys attribute-list
Type: List
Refernce Object: /axapi/v3/aam/authorization/policy/{name}/attribute/{attr-num}
attribute-rule
Description Define attribute rule for authorization policy
Type: string
Format: string-rlx
name
Description Specify authorization policy name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
server
Description Specify a LDAP or RADIUS server for authorization (Specify a LDAP or RADIUS server name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: server and service-group are mutually exclusive
Refernce Object: /axapi/v3/aam/authentication/server/ldap/instance
service-group
Description Specify an authentication service group for authorization (Specify authentication service group name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: service-group and server are mutually exclusive
Refernce Object: /axapi/v3/aam/authentication/service-group
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
policy-list_attribute-list¶
Specification Type list Block object keys A10-AX-AUTH-URI
Description Custom-defined attribute
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: A10-AX-AUTH-URI and attribute-name are mutually exclusive
a10-dynamic-defined
Description The value of this attribute will depend on AX configuration instead of user configuration
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
attr-int
Description ‘equal’: Operation type is equal; ‘not-equal’: Operation type is not equal; ‘less-than’: Operation type is less-than; ‘more-than’: Operation type is more-than; ‘less-than-equal-to’: Operation type is less-than-equal-to; ‘more-than-equal-to’: Operation type is more-thatn-equal-to;
Type: string
Supported Values: equal, not-equal, less-than, more-than, less-than-equal-to, more-than-equal-to
attr-int-val
Description Set attribute value
Type: number
Range: 0-4294967295
attr-ip
Description ‘equal’: Operation type is equal; ‘not-equal’: Operation type is not-equal;
Type: string
Supported Values: equal, not-equal
attr-ipv4
Description IPv4 address
Type: string
Format: ipv4-address
attr-num
Description Set attribute ID for authorization policy
Type: number
Range: 1-32
attr-str
Description ‘match’: Operation type is match; ‘sub-string’: Operation type is sub-string;
Type: string
Supported Values: match, sub-string
attr-str-val
Description Set attribute value
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
attr-type
Description Specify attribute type
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
attribute-name
Description Specify attribute name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: attribute-name and A10-AX-AUTH-URI are mutually exclusive
custom-attr-str
Description ‘match’: Operation type is match; ‘sub-string’: Operation type is sub-string;
Type: string
Supported Values: match, sub-string
custom-attr-type
Description Specify attribute type
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
integer-type
Description Attribute type is integer
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: integer-type string-type and ip-type are mutually exclusive
ip-type
Description IP address is transformed into network byte order
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: ip-type string-type and integer-type are mutually exclusive
string-type
Description Attribute type is string
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: string-type integer-type and ip-type are mutually exclusive
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters