Amster

PersistentCookieDecision

Realm Operations

Resource path:

/realm-config/authentication/authenticationtrees/nodes/PersistentCookieDecisionNode

Resource version: 2.0

create

Usage

am> create PersistentCookieDecision --realm Realm --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "useSecureCookie" : {
      "title" : "Use Secure Cookie",
      "description" : "Sets the persistent cookie as \"Secure\".",
      "propertyOrder" : 300,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "enforceClientIp" : {
      "title" : "Enforce Client IP",
      "description" : "Enforces that the persistent cookie can only be used from the same client IP to which the cookie was issued.",
      "propertyOrder" : 200,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "idleTimeout" : {
      "title" : "Idle Timeout",
      "description" : "The maximum idle time between requests before the cookie is invalidated, in hours.",
      "propertyOrder" : 100,
      "type" : "integer",
      "exampleValue" : ""
    },
    "hmacSigningKey" : {
      "title" : "HMAC Signing Key",
      "description" : "Base64-encoded 256-bit key to use for HMAC signing of the cookie. This property is deprecated. Use the HMAC Signing Key Secret Label Identifier instead. The signing key is  ignored if you set an HMAC Signing Key Secret Label Identifier.",
      "propertyOrder" : 500,
      "type" : "string",
      "format" : "password",
      "exampleValue" : ""
    },
    "useHttpOnlyCookie" : {
      "title" : "Use HTTP Only Cookie",
      "description" : "Sets the persistent cookie as \"HttpOnly\".",
      "propertyOrder" : 400,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "persistentCookieName" : {
      "title" : "Persistent Cookie Name",
      "description" : "The name of the persistent cookie.",
      "propertyOrder" : 600,
      "type" : "string",
      "exampleValue" : ""
    },
    "hmacSigningKeySecretLabelIdentifier" : {
      "title" : "HMAC Signing Key Secret Label Identifier",
      "description" : "Identifier used to create a secret label for mapping to a secret in a secret store. <br>AM uses this identifier to create a specific secret label for this node. The secret label takes the form <code>am.authentication.nodes.persistentcookie.{{identifier}}.signing</code> where {{identifier}} is the value of HMAC Signing Key Secret Label Identifier. The identifier can only contain characters {{a-z}} {{A-Z}} {{0-9}} {{.}} and cannot start or end with {{.}}. If you set an HMAC Signing Key Secret Label Identifier and AM finds a matching secret in a secret store, the HMAC Signing Key is ignored.",
      "propertyOrder" : 550,
      "type" : "string",
      "exampleValue" : ""
    }
  },
  "required" : [ "useSecureCookie", "enforceClientIp", "idleTimeout", "useHttpOnlyCookie", "persistentCookieName" ]
}

delete

Usage

am> delete PersistentCookieDecision --realm Realm --id id

Parameters

--id

The unique identifier for the resource.

getAllTypes

Obtain the collection of all secondary configuration types related to the resource.

Usage

am> action PersistentCookieDecision --realm Realm --actionName getAllTypes

getCreatableTypes

Obtain the collection of secondary configuration types that have yet to be added to the resource.

Usage

am> action PersistentCookieDecision --realm Realm --actionName getCreatableTypes

listOutcomes

List the available outcomes for the node type.

Usage

am> action PersistentCookieDecision --realm Realm --body body --actionName listOutcomes

Parameters

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "title" : "Some configuration of the node. This does not need to be complete against the configuration schema."
}

nextdescendents

Obtain the collection of secondary configuration instances that have been added to the resource.

Usage

am> action PersistentCookieDecision --realm Realm --actionName nextdescendents

query

Get the full list of instances of this collection. This query only supports _queryFilter=true filter.

Usage

am> query PersistentCookieDecision --realm Realm --filter filter

Parameters

--filter

A CREST formatted query filter, where "true" will query all.

read

Usage

am> read PersistentCookieDecision --realm Realm --id id

Parameters

--id

The unique identifier for the resource.

update

Usage

am> update PersistentCookieDecision --realm Realm --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "useSecureCookie" : {
      "title" : "Use Secure Cookie",
      "description" : "Sets the persistent cookie as \"Secure\".",
      "propertyOrder" : 300,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "enforceClientIp" : {
      "title" : "Enforce Client IP",
      "description" : "Enforces that the persistent cookie can only be used from the same client IP to which the cookie was issued.",
      "propertyOrder" : 200,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "idleTimeout" : {
      "title" : "Idle Timeout",
      "description" : "The maximum idle time between requests before the cookie is invalidated, in hours.",
      "propertyOrder" : 100,
      "type" : "integer",
      "exampleValue" : ""
    },
    "hmacSigningKey" : {
      "title" : "HMAC Signing Key",
      "description" : "Base64-encoded 256-bit key to use for HMAC signing of the cookie. This property is deprecated. Use the HMAC Signing Key Secret Label Identifier instead. The signing key is  ignored if you set an HMAC Signing Key Secret Label Identifier.",
      "propertyOrder" : 500,
      "type" : "string",
      "format" : "password",
      "exampleValue" : ""
    },
    "useHttpOnlyCookie" : {
      "title" : "Use HTTP Only Cookie",
      "description" : "Sets the persistent cookie as \"HttpOnly\".",
      "propertyOrder" : 400,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "persistentCookieName" : {
      "title" : "Persistent Cookie Name",
      "description" : "The name of the persistent cookie.",
      "propertyOrder" : 600,
      "type" : "string",
      "exampleValue" : ""
    },
    "hmacSigningKeySecretLabelIdentifier" : {
      "title" : "HMAC Signing Key Secret Label Identifier",
      "description" : "Identifier used to create a secret label for mapping to a secret in a secret store. <br>AM uses this identifier to create a specific secret label for this node. The secret label takes the form <code>am.authentication.nodes.persistentcookie.{{identifier}}.signing</code> where {{identifier}} is the value of HMAC Signing Key Secret Label Identifier. The identifier can only contain characters {{a-z}} {{A-Z}} {{0-9}} {{.}} and cannot start or end with {{.}}. If you set an HMAC Signing Key Secret Label Identifier and AM finds a matching secret in a secret store, the HMAC Signing Key is ignored.",
      "propertyOrder" : 550,
      "type" : "string",
      "exampleValue" : ""
    }
  },
  "required" : [ "useSecureCookie", "enforceClientIp", "idleTimeout", "useHttpOnlyCookie", "persistentCookieName" ]
}