Managing Scripts (ssoadm)

Use the ssoadm command's create-sub-cfg, get-sub-cfg, and delete-sub-cfg subcommands to manage AM scripts.

Create an AM script as follows:

Create a script configuration file, for example, /path/to/myScriptConfigurationFile.txt, containing the following:

script-file=/path/to/myScriptFile.js
language=JAVASCRIPT 
name=My New Script
context=AUTHENTICATION_SERVER_SIDE

	Possible values for the `language` property are: `JAVASCRIPT` `GROOVY`
	Possible values for the `context` property are: `POLICY_CONDITION` `AUTHENTICATION_SERVER_SIDE` `AUTHENTICATION_CLIENT_SIDE` `OIDC_CLAIMS` `AUTHENTICATION_TREE_DECISION_NODE`

Run the ssoadm create-sub-cfg command. The --datafile argument references the script configuration file you created in the previous step:

$ ssoadm \
create-sub-cfg \
--realm /myRealm \
--adminid uid=amAdmin,ou=People,dc=openam,dc=forgerock,dc=org \
--password-file /tmp/pwd.txt \
--servicename ScriptingService \
--subconfigname scriptConfigurations/scriptConfiguration \
--subconfigid myScriptID \
--datafile /path/to/myScriptConfigurationFile.txt
Sub Configuration scriptConfigurations/scriptConfiguration was added to realm /myRealm

To list the properties of a script, run the ssoadm get-sub-cfg command:

$ ssoadm \
get-sub-cfg \
--realm /myRealm \
--adminid uid=amAdmin,ou=People,dc=openam,dc=forgerock,dc=org \
--password-file /tmp/pwd.txt \
--servicename ScriptingService \
--subconfigname scriptConfigurations/myScriptID
createdBy=
lastModifiedDate=
lastModifiedBy=
name=My New Script
context=AUTHENTICATION_SERVER_SIDE
description=
language=JAVASCRIPT
creationDate=
script=...Script output follows...

To delete a script, run the ssoadm delete-sub-cfg command:

$ ssoadm \
delete-sub-cfg \
--realm /myRealm \
--adminid uid=amAdmin,ou=People,dc=openam,dc=forgerock,dc=org \
--password-file /tmp/pwd.txt \
--servicename ScriptingService \
--subconfigname scriptConfigurations/myScriptID
Sub Configuration scriptConfigurations/myScriptID was deleted from realm /myRealm