PersistentCookieDecision
Realm Operations
Resource path:
/realm-config/authentication/authenticationtrees/nodes/PersistentCookieDecisionNode/1.0
Resource version: 3.0
create
Usage
am> create PersistentCookieDecision --realm Realm --id id --body body
Parameters
- --id
-
The unique identifier for the resource.
- --body
-
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "enforceClientIp" : { "title" : "Enforce Client IP", "description" : "Enforces that the persistent cookie can only be used from the same client IP to which the cookie was issued.", "propertyOrder" : 200, "type" : "boolean", "exampleValue" : "" }, "sameSite" : { "title" : "Persistent Cookie SameSite attribute", "description" : "Sets the same site attribute of the persistent cookie. This value controls when a browser sends the cookie in cross-site requests. Possible values include: <br>* `STRICT`: The cookie is only sent when navigating within the same site. It's not sent on any cross-site requests, even for top-level navigations.<br>* `LAX`: The cookie is sent on same-site requests and top-level navigations. It's not sent on subresource requests (like images or scripts loaded from a third-party site).<br>* `NONE`: There are no restrictions on the cookie domain.", "propertyOrder" : 700, "type" : "string", "exampleValue" : "" }, "persistentCookieName" : { "title" : "Persistent Cookie Name", "description" : "The name of the persistent cookie.", "propertyOrder" : 600, "type" : "string", "exampleValue" : "" }, "idleTimeout" : { "title" : "Idle Timeout", "description" : "The maximum idle time between requests before the cookie is invalidated, in hours.", "propertyOrder" : 100, "type" : "integer", "exampleValue" : "" }, "hmacSigningKeySecretLabelIdentifier" : { "title" : "HMAC Signing Key Secret Label Identifier", "description" : "Identifier used to create a secret label for mapping to a secret in a secret store. <br>AM uses this identifier to create a specific secret label for this node. The secret label takes the form <code>am.authentication.nodes.persistentcookie.{{identifier}}.signing</code> where {{identifier}} is the value of HMAC Signing Key Secret Label Identifier. The identifier can only contain characters {{a-z}} {{A-Z}} {{0-9}} {{.}} and cannot start or end with {{.}}. If you set an HMAC Signing Key Secret Label Identifier and AM finds a matching secret in a secret store, the HMAC Signing Key is ignored.", "propertyOrder" : 550, "type" : "string", "exampleValue" : "" }, "useSecureCookie" : { "title" : "Use Secure Cookie", "description" : "Sets the persistent cookie as \"Secure\". This will be ignored and set to true if SameSite is set to \"NONE\".", "propertyOrder" : 300, "type" : "boolean", "exampleValue" : "" }, "hmacSigningKey" : { "title" : "HMAC Signing Key", "description" : "Base64-encoded 256-bit key to use for HMAC signing of the cookie. This property is deprecated. Use the HMAC Signing Key Secret Label Identifier instead. The signing key is ignored if you set an HMAC Signing Key Secret Label Identifier.", "propertyOrder" : 500, "type" : "string", "format" : "password", "exampleValue" : "" }, "useHttpOnlyCookie" : { "title" : "Use HTTP Only Cookie", "description" : "Sets the persistent cookie as \"HttpOnly\".", "propertyOrder" : 400, "type" : "boolean", "exampleValue" : "" } }, "required" : [ "enforceClientIp", "sameSite", "persistentCookieName", "idleTimeout", "useSecureCookie", "useHttpOnlyCookie" ] }
delete
Usage
am> delete PersistentCookieDecision --realm Realm --id id
Parameters
- --id
-
The unique identifier for the resource.
getType
List information related to the node such as a name, description, tags and metadata.
Usage
am> action PersistentCookieDecision --realm Realm --actionName getType
getUpgradedConfig
Get the upgraded configuration for the node type.
Usage
am> action PersistentCookieDecision --realm Realm --body body --actionName getUpgradedConfig --targetVersion targetVersion
Parameters
- --body
-
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "title" : "The current configuration of the node type." } - --targetVersion
-
=== listOutcomes
List the available outcomes for the node type.
Usage
am> action PersistentCookieDecision --realm Realm --body body --actionName listOutcomes
Parameters
- --body
-
The resource in JSON format, described by the following JSON schema:
{ "description" : "Some configuration of the node. This does not need to be complete against the configuration schema.", "type" : "object", "title" : "Node configuration" }
query
Get the full list of instances of this collection. This query only supports _queryFilter=true filter.
Usage
am> query PersistentCookieDecision --realm Realm --filter filter
Parameters
- --filter
-
A CREST formatted query filter, where "true" will query all.
read
Usage
am> read PersistentCookieDecision --realm Realm --id id
Parameters
- --id
-
The unique identifier for the resource.
update
Usage
am> update PersistentCookieDecision --realm Realm --id id --body body
Parameters
- --id
-
The unique identifier for the resource.
- --body
-
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "enforceClientIp" : { "title" : "Enforce Client IP", "description" : "Enforces that the persistent cookie can only be used from the same client IP to which the cookie was issued.", "propertyOrder" : 200, "type" : "boolean", "exampleValue" : "" }, "sameSite" : { "title" : "Persistent Cookie SameSite attribute", "description" : "Sets the same site attribute of the persistent cookie. This value controls when a browser sends the cookie in cross-site requests. Possible values include: <br>* `STRICT`: The cookie is only sent when navigating within the same site. It's not sent on any cross-site requests, even for top-level navigations.<br>* `LAX`: The cookie is sent on same-site requests and top-level navigations. It's not sent on subresource requests (like images or scripts loaded from a third-party site).<br>* `NONE`: There are no restrictions on the cookie domain.", "propertyOrder" : 700, "type" : "string", "exampleValue" : "" }, "persistentCookieName" : { "title" : "Persistent Cookie Name", "description" : "The name of the persistent cookie.", "propertyOrder" : 600, "type" : "string", "exampleValue" : "" }, "idleTimeout" : { "title" : "Idle Timeout", "description" : "The maximum idle time between requests before the cookie is invalidated, in hours.", "propertyOrder" : 100, "type" : "integer", "exampleValue" : "" }, "hmacSigningKeySecretLabelIdentifier" : { "title" : "HMAC Signing Key Secret Label Identifier", "description" : "Identifier used to create a secret label for mapping to a secret in a secret store. <br>AM uses this identifier to create a specific secret label for this node. The secret label takes the form <code>am.authentication.nodes.persistentcookie.{{identifier}}.signing</code> where {{identifier}} is the value of HMAC Signing Key Secret Label Identifier. The identifier can only contain characters {{a-z}} {{A-Z}} {{0-9}} {{.}} and cannot start or end with {{.}}. If you set an HMAC Signing Key Secret Label Identifier and AM finds a matching secret in a secret store, the HMAC Signing Key is ignored.", "propertyOrder" : 550, "type" : "string", "exampleValue" : "" }, "useSecureCookie" : { "title" : "Use Secure Cookie", "description" : "Sets the persistent cookie as \"Secure\". This will be ignored and set to true if SameSite is set to \"NONE\".", "propertyOrder" : 300, "type" : "boolean", "exampleValue" : "" }, "hmacSigningKey" : { "title" : "HMAC Signing Key", "description" : "Base64-encoded 256-bit key to use for HMAC signing of the cookie. This property is deprecated. Use the HMAC Signing Key Secret Label Identifier instead. The signing key is ignored if you set an HMAC Signing Key Secret Label Identifier.", "propertyOrder" : 500, "type" : "string", "format" : "password", "exampleValue" : "" }, "useHttpOnlyCookie" : { "title" : "Use HTTP Only Cookie", "description" : "Sets the persistent cookie as \"HttpOnly\".", "propertyOrder" : 400, "type" : "boolean", "exampleValue" : "" } }, "required" : [ "enforceClientIp", "sameSite", "persistentCookieName", "idleTimeout", "useSecureCookie", "useHttpOnlyCookie" ] }