Amster

ServerConfigs

Realm Operations

Resource path:

/realm-config/services/IdentityAssertionService/serverConfigs

Resource version: 2.0

create

Usage

am> create ServerConfigs --realm Realm --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "skewAllowance" : {
      "title" : "Skew Allowance (seconds)",
      "description" : "The time difference skew allowance to use when validating the assertion result JWT's issued-at and expiry claims. This is to address time differences between the Identity Gateway host and Access Management host. Defaults to zero, indicating no skew allowance.",
      "propertyOrder" : 400,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    },
    "secretLabelIdentifier" : {
      "title" : "Shared Encryption Secret",
      "description" : "A shared secret, used to encrypt the assertion request JWT sent to the gateway and decrypt the result JWT. The configured value is used to construct the secret's purpose label.",
      "propertyOrder" : 250,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "serverUrl" : {
      "title" : "Identity Assertion server URL",
      "description" : "The Identity Assertion server URL, e.g. https://ig.example.com:8448. Exclude the route as that should be node-specific.",
      "propertyOrder" : 100,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "jwtExpiration" : {
      "title" : "JWT TTL (seconds)",
      "description" : "JWT Time To Live duration, indicating the period until the JWT sent to the Gateway expires. Default is 30 seconds. ",
      "propertyOrder" : 300,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    }
  }
}

delete

Usage

am> delete ServerConfigs --realm Realm --id id

Parameters

--id

The unique identifier for the resource.

getAllTypes

Obtain the collection of all secondary configuration types related to the resource.

Usage

am> action ServerConfigs --realm Realm --actionName getAllTypes

getCreatableTypes

Obtain the collection of secondary configuration types that have yet to be added to the resource.

Usage

am> action ServerConfigs --realm Realm --actionName getCreatableTypes

nextdescendents

Obtain the collection of secondary configuration instances that have been added to the resource.

Usage

am> action ServerConfigs --realm Realm --actionName nextdescendents

query

Get the full list of instances of this collection. This query only supports _queryFilter=true filter.

Usage

am> query ServerConfigs --realm Realm --filter filter

Parameters

--filter

A CREST formatted query filter, where "true" will query all.

read

Usage

am> read ServerConfigs --realm Realm --id id

Parameters

--id

The unique identifier for the resource.

update

Usage

am> update ServerConfigs --realm Realm --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "skewAllowance" : {
      "title" : "Skew Allowance (seconds)",
      "description" : "The time difference skew allowance to use when validating the assertion result JWT's issued-at and expiry claims. This is to address time differences between the Identity Gateway host and Access Management host. Defaults to zero, indicating no skew allowance.",
      "propertyOrder" : 400,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    },
    "secretLabelIdentifier" : {
      "title" : "Shared Encryption Secret",
      "description" : "A shared secret, used to encrypt the assertion request JWT sent to the gateway and decrypt the result JWT. The configured value is used to construct the secret's purpose label.",
      "propertyOrder" : 250,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "serverUrl" : {
      "title" : "Identity Assertion server URL",
      "description" : "The Identity Assertion server URL, e.g. https://ig.example.com:8448. Exclude the route as that should be node-specific.",
      "propertyOrder" : 100,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "jwtExpiration" : {
      "title" : "JWT TTL (seconds)",
      "description" : "JWT Time To Live duration, indicating the period until the JWT sent to the Gateway expires. Default is 30 seconds. ",
      "propertyOrder" : 300,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    }
  }
}

Global Operations

Resource path:

/global-config/services/IdentityAssertionService/serverConfigs

Resource version: 1.0

create

Usage

am> create ServerConfigs --global --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "serverUrl" : {
      "title" : "Identity Assertion server URL",
      "description" : "The Identity Assertion server URL, e.g. https://ig.example.com:8448. Exclude the route as that should be node-specific.",
      "propertyOrder" : 100,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "skewAllowance" : {
      "title" : "Skew Allowance (seconds)",
      "description" : "The time difference skew allowance to use when validating the assertion result JWT's issued-at and expiry claims. This is to address time differences between the Identity Gateway host and Access Management host. Defaults to zero, indicating no skew allowance.",
      "propertyOrder" : 400,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    },
    "jwtExpiration" : {
      "title" : "JWT TTL (seconds)",
      "description" : "JWT Time To Live duration, indicating the period until the JWT sent to the Gateway expires. Default is 30 seconds. ",
      "propertyOrder" : 300,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    },
    "secretLabelIdentifier" : {
      "title" : "Shared Encryption Secret",
      "description" : "A shared secret, used to encrypt the assertion request JWT sent to the gateway and decrypt the result JWT. The configured value is used to construct the secret's purpose label.",
      "propertyOrder" : 250,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    }
  }
}

delete

Usage

am> delete ServerConfigs --global --id id

Parameters

--id

The unique identifier for the resource.

getAllTypes

Obtain the collection of all secondary configuration types related to the resource.

Usage

am> action ServerConfigs --global --actionName getAllTypes

getCreatableTypes

Obtain the collection of secondary configuration types that have yet to be added to the resource.

Usage

am> action ServerConfigs --global --actionName getCreatableTypes

nextdescendents

Obtain the collection of secondary configuration instances that have been added to the resource.

Usage

am> action ServerConfigs --global --actionName nextdescendents

query

Get the full list of instances of this collection. This query only supports _queryFilter=true filter.

Usage

am> query ServerConfigs --global --filter filter

Parameters

--filter

A CREST formatted query filter, where "true" will query all.

read

Usage

am> read ServerConfigs --global --id id

Parameters

--id

The unique identifier for the resource.

update

Usage

am> update ServerConfigs --global --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "serverUrl" : {
      "title" : "Identity Assertion server URL",
      "description" : "The Identity Assertion server URL, e.g. https://ig.example.com:8448. Exclude the route as that should be node-specific.",
      "propertyOrder" : 100,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "skewAllowance" : {
      "title" : "Skew Allowance (seconds)",
      "description" : "The time difference skew allowance to use when validating the assertion result JWT's issued-at and expiry claims. This is to address time differences between the Identity Gateway host and Access Management host. Defaults to zero, indicating no skew allowance.",
      "propertyOrder" : 400,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    },
    "jwtExpiration" : {
      "title" : "JWT TTL (seconds)",
      "description" : "JWT Time To Live duration, indicating the period until the JWT sent to the Gateway expires. Default is 30 seconds. ",
      "propertyOrder" : 300,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    },
    "secretLabelIdentifier" : {
      "title" : "Shared Encryption Secret",
      "description" : "A shared secret, used to encrypt the assertion request JWT sent to the gateway and decrypt the result JWT. The configured value is used to construct the secret's purpose label.",
      "propertyOrder" : 250,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    }
  }
}