Amster

IdentityAssertion

Realm Operations

Resource path:

/realm-config/authentication/authenticationtrees/nodes/IdentityAssertionDecisionNode

Resource version: 2.0

create

Usage

am> create IdentityAssertion --realm Realm --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "serverId" : {
      "title" : "Identity Assertion server ID",
      "description" : "ID of the Identity Assertion server that will handle assertion requests (composed of ID and realm). ",
      "propertyOrder" : 100,
      "type" : "string",
      "exampleValue" : ""
    },
    "serverToSharedStateMap" : {
      "title" : "Mapping from server result (optional)",
      "description" : "Map the Identity Assertion server result JWT claims to fields in the shared node state. If the server requires no data, you don't need to add mappings here. The <code>key</code> is the server assertion JWT claim containing the data, and the <code>value</code> is the shared node state key to map to. By default, the JWT 'principal' claim is mapped to the AM shared state 'username'. ",
      "propertyOrder" : 400,
      "patternProperties" : {
        ".*" : {
          "type" : "string"
        }
      },
      "type" : "object",
      "exampleValue" : ""
    },
    "route" : {
      "title" : "Route",
      "description" : "The Identity Assertion route/endpoint that will handle assertion requests.",
      "propertyOrder" : 200,
      "type" : "string",
      "exampleValue" : ""
    },
    "sharedStateToServerMap" : {
      "title" : "Mapping to server claims (optional)",
      "description" : "Map fields in the shared node state to Identity Assertion server request JWT claims. If the server requires no data, you don't need to add mappings here. The <code>key</code> is the shared node state key, and the <code>value</code> is the JWT claim to map to.",
      "propertyOrder" : 300,
      "patternProperties" : {
        ".*" : {
          "type" : "string"
        }
      },
      "type" : "object",
      "exampleValue" : ""
    }
  },
  "required" : [ "serverId", "serverToSharedStateMap", "route", "sharedStateToServerMap" ]
}

delete

Usage

am> delete IdentityAssertion --realm Realm --id id

Parameters

--id

The unique identifier for the resource.

getAllTypes

Obtain the collection of all secondary configuration types related to the resource.

Usage

am> action IdentityAssertion --realm Realm --actionName getAllTypes

getCreatableTypes

Obtain the collection of secondary configuration types that have yet to be added to the resource.

Usage

am> action IdentityAssertion --realm Realm --actionName getCreatableTypes

listOutcomes

List the available outcomes for the node type.

Usage

am> action IdentityAssertion --realm Realm --body body --actionName listOutcomes

Parameters

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "title" : "Some configuration of the node. This does not need to be complete against the configuration schema."
}

nextdescendents

Obtain the collection of secondary configuration instances that have been added to the resource.

Usage

am> action IdentityAssertion --realm Realm --actionName nextdescendents

query

Get the full list of instances of this collection. This query only supports _queryFilter=true filter.

Usage

am> query IdentityAssertion --realm Realm --filter filter

Parameters

--filter

A CREST formatted query filter, where "true" will query all.

read

Usage

am> read IdentityAssertion --realm Realm --id id

Parameters

--id

The unique identifier for the resource.

update

Usage

am> update IdentityAssertion --realm Realm --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "serverId" : {
      "title" : "Identity Assertion server ID",
      "description" : "ID of the Identity Assertion server that will handle assertion requests (composed of ID and realm). ",
      "propertyOrder" : 100,
      "type" : "string",
      "exampleValue" : ""
    },
    "serverToSharedStateMap" : {
      "title" : "Mapping from server result (optional)",
      "description" : "Map the Identity Assertion server result JWT claims to fields in the shared node state. If the server requires no data, you don't need to add mappings here. The <code>key</code> is the server assertion JWT claim containing the data, and the <code>value</code> is the shared node state key to map to. By default, the JWT 'principal' claim is mapped to the AM shared state 'username'. ",
      "propertyOrder" : 400,
      "patternProperties" : {
        ".*" : {
          "type" : "string"
        }
      },
      "type" : "object",
      "exampleValue" : ""
    },
    "route" : {
      "title" : "Route",
      "description" : "The Identity Assertion route/endpoint that will handle assertion requests.",
      "propertyOrder" : 200,
      "type" : "string",
      "exampleValue" : ""
    },
    "sharedStateToServerMap" : {
      "title" : "Mapping to server claims (optional)",
      "description" : "Map fields in the shared node state to Identity Assertion server request JWT claims. If the server requires no data, you don't need to add mappings here. The <code>key</code> is the shared node state key, and the <code>value</code> is the JWT claim to map to.",
      "propertyOrder" : 300,
      "patternProperties" : {
        ".*" : {
          "type" : "string"
        }
      },
      "type" : "object",
      "exampleValue" : ""
    }
  },
  "required" : [ "serverId", "serverToSharedStateMap", "route", "sharedStateToServerMap" ]
}