To create and configure JSON attribute constraints:

  • Run dsconfig with the create-json-attribute-constraints option.

    In this example, a JSON attribute constraint is defined on the appjson attribute type. This constrains values of the appjson attribute to be JSON objects. Because allow-unnamed-fields is set to false, those JSON objects can only have fields for which there is a corresponding JSON field constraints definition.

    Note:

    appjson is meant to be replaced by the name of the user's desired attribute type, as defined in the directory schema. For more information, see About managing JSON attribute values.

    $ bin/dsconfig create-json-attribute-constraints \
      --attribute-type appjson \
      --set enabled:true \
      --set allow-unnamed-fields:false

    In this example, a JSON field constraint object is defined for the email.verified field. The email.verified field must be present and must take a boolean value.

    $ bin/dsconfig create-json-field-constraints \
      --attribute-type appjson \
      --json-field email.verified \
      --set value-type:boolean \
      --set is-required:true \
      --set index-values:false \
      --set tokenize-values:false \
      --set allow-null-value:true

    In this example, a JSON field constraint object is defined for the email.type field. The email.type field must be present and must take a value of home, work, or other.

    $ bin/dsconfig create-json-field-constraints \
      --attribute-type appjson \
      --json-field email.type \
      --set value-type:string \
      --set is-required:true \
      --set index-values:false \
      --set tokenize-values:true \
      --set allowed-value:home \
      --set allowed-value:other \
      --set allowed-value:work \
      --set allow-null-value:false

    In this example, a JSON field constraint is defined for the email.value field. The email.value field must be present and must take a string value that matches the specified regular expression.

    $ bin/dsconfig create-json-field-constraints \
      --attribute-type appjson \
      --json-field email.value \
      --set value-type:string \
      --set is-required:true \
      --set index-values:true \
      --set tokenize-values:false \
      --set prime-index:true \
      --set allow-null-value:true \
      --set maximum-value-length:256 \
      --set minimum-value-length:1 \
      --set allowed-value-regular-expression:[-_\+\.\w\d]+@\w+\.\w{2,5}