Package org.forgerock.am.iot

Interface IotRegistrationNode.Config

  • Enclosing class:
    IotRegistrationNode
    public static interface IotRegistrationNode.Config
    Configuration for the node.

    • Method Detail

      • jwtRegistrationMethod

        default IotRegistrationNode.JwtRegistrationMethod jwtRegistrationMethod()
        The JWT registration method that is used to verify the registration JWT.
        Returns:
        The JWT registration method chosen.

      • verifySubject

        default boolean verifySubject()
        Verify that the subject provided in the JWT is the same as either the X.509 certificate subject CN or UID.
        Returns:
        true if subject should be verified.

      • createIdentity

        default boolean createIdentity()
        Create a new identity for the thing if one does not exist already.
        Returns:
        true if identity should be created.

      • allowKeyRotation

        default boolean allowKeyRotation()
        Allow multiple confirmation keys to be registered for a thing.
        Returns:
        true if key rotation is allowed.

      • defaultAttributeValues

        default Map<String,​String> defaultAttributeValues()
        Default attribute values for the identity that will be created upon registration. Default values will be overwritten by values supplied in the registration JWT.
        Returns:
        a map containing the attribute name as key and the attribute value as map value.

      • claimToAttributeMapping

        Map<String,​String> claimToAttributeMapping()
        Map the verified claims to the thing's attributes. The value on the left is the name of the claim in the verified claims JWT. The value on the right is the name of the attribute in the data store.
        Returns:
        the configured mapping.

      • allowAttributeOverwrite

        default boolean allowAttributeOverwrite()
        Allow existing identity attributes to be overwritten when new claims are provided for the thing.
        Returns:
        true if attributes can be overwritten.

      • nameValidationRegex

        default String nameValidationRegex()
        A regular expression for validating the thing name. Only used when a thing is created by AM as IDM enforces it's own rules. Not exposed in the UI, but can be added to config manually to override the default if required. The default value reflects the value for sunIdRepoAttributeValidator in idRepoService.xml.
        Returns:
        the name validation regular expression