---
title: IdentityAssertion
description: Resource path:
component: pingam
version: 8.1
page_id: pingam:entity-reference:sec-amster-entity-identityassertion
canonical_url: https://docs.pingidentity.com/pingam/8.1/entity-reference/sec-amster-entity-identityassertion.html
section_ids:
  sec-amster-entity-identityassertion-realm-ops: Realm Operations
  sec-amster-entity-identityassertion-realm-ops-create: create
  sec-amster-entity-identityassertion-realm-ops-delete: delete
  sec-amster-entity-identityassertion-realm-ops-gettype: getType
  sec-amster-entity-identityassertion-realm-ops-getupgradedconfig: getUpgradedConfig
  sec-amster-entity-identityassertion-realm-ops-query: query
  sec-amster-entity-identityassertion-realm-ops-read: read
  sec-amster-entity-identityassertion-realm-ops-update: update
  sec-amster-entity-identityassertion-realm-ops-versioninfo: versionInfo
---

# IdentityAssertion

## Realm Operations

Resource path:

```
/realm-config/authentication/authenticationtrees/nodes/IdentityAssertionDecisionNode/1.0
```

Resource version: `3.0`

### create

**Usage**

```
am> create IdentityAssertion --realm Realm --id id --body body
```

**Parameters**

* *\--id*

  The unique identifier for the resource.

* *\--body*

  The resource in JSON format, described by the following JSON schema:

  ```json
  {
    "type" : "object",
    "properties" : {
      "sharedStateToServerMap" : {
        "title" : "Mapping to server claims (optional)",
        "description" : "Map fields in the shared node state to Identity Assertion server request JWT claims. If the server requires no data, you don't need to add mappings here. The <code>key</code> is the shared node state key, and the <code>value</code> is the JWT claim to map to.",
        "propertyOrder" : 300,
        "patternProperties" : {
          ".*" : {
            "type" : "string"
          }
        },
        "type" : "object",
        "exampleValue" : ""
      },
      "serverToSharedStateMap" : {
        "title" : "Mapping from server result (optional)",
        "description" : "Map the Identity Assertion server result JWT claims to fields in the shared node state. If the server requires no data, you don't need to add mappings here. The <code>key</code> is the server assertion JWT claim containing the data, and the <code>value</code> is the shared node state key to map to. By default, the JWT 'principal' claim is mapped to the AM shared state 'username'. ",
        "propertyOrder" : 400,
        "patternProperties" : {
          ".*" : {
            "type" : "string"
          }
        },
        "type" : "object",
        "exampleValue" : ""
      },
      "serverId" : {
        "title" : "Identity Assertion server ID",
        "description" : "ID of the Identity Assertion server that will handle assertion requests (composed of ID and realm). ",
        "propertyOrder" : 100,
        "type" : "string",
        "exampleValue" : ""
      },
      "route" : {
        "title" : "Route",
        "description" : "The Identity Assertion route/endpoint that will handle assertion requests.",
        "propertyOrder" : 200,
        "type" : "string",
        "exampleValue" : ""
      }
    },
    "required" : [ "sharedStateToServerMap", "serverToSharedStateMap", "serverId", "route" ]
  }
  ```

### delete

**Usage**

```
am> delete IdentityAssertion --realm Realm --id id
```

**Parameters**

* *\--id*

  The unique identifier for the resource.

### getType

List information related to the node such as a name, description, tags and metadata.

**Usage**

```
am> action IdentityAssertion --realm Realm --actionName getType
```

### getUpgradedConfig

Get the upgraded configuration for the node type.

**Usage**

```
am> action IdentityAssertion --realm Realm --body body --actionName getUpgradedConfig --targetVersion targetVersion
```

**Parameters**

* *\--body*

  The resource in JSON format, described by the following JSON schema:

  ```json
  {
    "type" : "object",
    "title" : "The current configuration of the node type."
  }
  ```

* *\--targetVersion*

  \=== listOutcomes

List the available outcomes for the node type.

**Usage**

```
am> action IdentityAssertion --realm Realm --body body --actionName listOutcomes
```

**Parameters**

* *\--body*

  The resource in JSON format, described by the following JSON schema:

  ```json
  {
    "description" : "Some configuration of the node. This does not need to be complete against the configuration schema.",
    "type" : "object",
    "title" : "Node configuration"
  }
  ```

### query

Get the full list of instances of this collection. This query only supports `_queryFilter=true` filter.

**Usage**

```
am> query IdentityAssertion --realm Realm --filter filter
```

**Parameters**

* *\--filter*

  A CREST formatted query filter, where "true" will query all.

### read

**Usage**

```
am> read IdentityAssertion --realm Realm --id id
```

**Parameters**

* *\--id*

  The unique identifier for the resource.

### update

**Usage**

```
am> update IdentityAssertion --realm Realm --id id --body body
```

**Parameters**

* *\--id*

  The unique identifier for the resource.

* *\--body*

  The resource in JSON format, described by the following JSON schema:

  ```json
  {
    "type" : "object",
    "properties" : {
      "sharedStateToServerMap" : {
        "title" : "Mapping to server claims (optional)",
        "description" : "Map fields in the shared node state to Identity Assertion server request JWT claims. If the server requires no data, you don't need to add mappings here. The <code>key</code> is the shared node state key, and the <code>value</code> is the JWT claim to map to.",
        "propertyOrder" : 300,
        "patternProperties" : {
          ".*" : {
            "type" : "string"
          }
        },
        "type" : "object",
        "exampleValue" : ""
      },
      "serverToSharedStateMap" : {
        "title" : "Mapping from server result (optional)",
        "description" : "Map the Identity Assertion server result JWT claims to fields in the shared node state. If the server requires no data, you don't need to add mappings here. The <code>key</code> is the server assertion JWT claim containing the data, and the <code>value</code> is the shared node state key to map to. By default, the JWT 'principal' claim is mapped to the AM shared state 'username'. ",
        "propertyOrder" : 400,
        "patternProperties" : {
          ".*" : {
            "type" : "string"
          }
        },
        "type" : "object",
        "exampleValue" : ""
      },
      "serverId" : {
        "title" : "Identity Assertion server ID",
        "description" : "ID of the Identity Assertion server that will handle assertion requests (composed of ID and realm). ",
        "propertyOrder" : 100,
        "type" : "string",
        "exampleValue" : ""
      },
      "route" : {
        "title" : "Route",
        "description" : "The Identity Assertion route/endpoint that will handle assertion requests.",
        "propertyOrder" : 200,
        "type" : "string",
        "exampleValue" : ""
      }
    },
    "required" : [ "sharedStateToServerMap", "serverToSharedStateMap", "serverId", "route" ]
  }
  ```

### versionInfo

List the versions available for the node type.

**Usage**

```
am> action IdentityAssertion --realm Realm --actionName versionInfo
```