Amster

AuthenticateThing

Realm Operations

Resource path:

/realm-config/authentication/authenticationtrees/nodes/IotAuthenticationNode

Resource version: 1.0

create

Usage

am> create AuthenticateThing --realm Realm --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "issueRestrictedToken" : {
      "title" : "Issue Restricted Token",
      "description" : "The session token issued on successful authentication will be modified by adding a proof of possession restriction to it. Any requests accompanied by the token must be signed with the key that was used to sign the authentication JWT.",
      "propertyOrder" : 20,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "jwtAuthenticationMethod" : {
      "title" : "JWT Authentication Method",
      "description" : "Choose the required JWT authentication method.</br><p>Proof of Possession: Prove that the signer of the JWT is the owner of the key by including a challenge nonce in the JWT. Validation will be done in accordance with the <a href=\"https://tools.ietf.org/html/rfc7800\">JWT Proof of Possession specification</a>.</p><p>Client Assertion: Present a JWT Bearer token for authentication. Validation will be done in accordance with the <a href=\"https://datatracker.ietf.org/doc/html/rfc7523#section-3\">OAuth 2.0 JWT Profile for Client Authentication</a>.</p>",
      "propertyOrder" : 10,
      "type" : "string",
      "exampleValue" : ""
    },
    "additionalAudienceValues" : {
      "title" : "Additional Audience Values",
      "description" : "The additional audience values that will be permitted when verifying JWTs. These audience values will be in addition to the AM base, issuer and token endpoint URIs for the Client Assertion authentication method or the realm path for Proof of Possession.",
      "propertyOrder" : 30,
      "items" : {
        "type" : "string"
      },
      "type" : "array",
      "exampleValue" : ""
    }
  },
  "required" : [ "issueRestrictedToken", "additionalAudienceValues", "jwtAuthenticationMethod" ]
}

delete

Usage

am> delete AuthenticateThing --realm Realm --id id

Parameters

--id

The unique identifier for the resource.

getAllTypes

Obtain the collection of all secondary configuration types related to the resource.

Usage

am> action AuthenticateThing --realm Realm --actionName getAllTypes

getCreatableTypes

Obtain the collection of secondary configuration types that have yet to be added to the resource.

Usage

am> action AuthenticateThing --realm Realm --actionName getCreatableTypes

listOutcomes

List the available outcomes for the node type.

Usage

am> action AuthenticateThing --realm Realm --body body --actionName listOutcomes

Parameters

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "title" : "Some configuration of the node. This does not need to be complete against the configuration schema."
}

nextdescendents

Obtain the collection of secondary configuration instances that have been added to the resource.

Usage

am> action AuthenticateThing --realm Realm --actionName nextdescendents

query

Get the full list of instances of this collection. This query only supports _queryFilter=true filter.

Usage

am> query AuthenticateThing --realm Realm --filter filter

Parameters

--filter

A CREST formatted query filter, where "true" will query all.

read

Usage

am> read AuthenticateThing --realm Realm --id id

Parameters

--id

The unique identifier for the resource.

update

Usage

am> update AuthenticateThing --realm Realm --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "issueRestrictedToken" : {
      "title" : "Issue Restricted Token",
      "description" : "The session token issued on successful authentication will be modified by adding a proof of possession restriction to it. Any requests accompanied by the token must be signed with the key that was used to sign the authentication JWT.",
      "propertyOrder" : 20,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "jwtAuthenticationMethod" : {
      "title" : "JWT Authentication Method",
      "description" : "Choose the required JWT authentication method.</br><p>Proof of Possession: Prove that the signer of the JWT is the owner of the key by including a challenge nonce in the JWT. Validation will be done in accordance with the <a href=\"https://tools.ietf.org/html/rfc7800\">JWT Proof of Possession specification</a>.</p><p>Client Assertion: Present a JWT Bearer token for authentication. Validation will be done in accordance with the <a href=\"https://datatracker.ietf.org/doc/html/rfc7523#section-3\">OAuth 2.0 JWT Profile for Client Authentication</a>.</p>",
      "propertyOrder" : 10,
      "type" : "string",
      "exampleValue" : ""
    },
    "additionalAudienceValues" : {
      "title" : "Additional Audience Values",
      "description" : "The additional audience values that will be permitted when verifying JWTs. These audience values will be in addition to the AM base, issuer and token endpoint URIs for the Client Assertion authentication method or the realm path for Proof of Possession.",
      "propertyOrder" : 30,
      "items" : {
        "type" : "string"
      },
      "type" : "array",
      "exampleValue" : ""
    }
  },
  "required" : [ "issueRestrictedToken", "additionalAudienceValues", "jwtAuthenticationMethod" ]
}
Copyright © 2010-2024 ForgeRock, all rights reserved.