PersistentCookieDecision
Realm Operations
Resource path:
/realm-config/authentication/authenticationtrees/nodes/PersistentCookieDecisionNode
Resource version: 2.0
create
Usage
am> create PersistentCookieDecision --realm Realm --id id --body body
Parameters
- --id
-
The unique identifier for the resource.
- --body
-
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "useSecureCookie" : { "title" : "Use Secure Cookie", "description" : "Sets the persistent cookie as \"Secure\".", "propertyOrder" : 300, "type" : "boolean", "exampleValue" : "" }, "enforceClientIp" : { "title" : "Enforce Client IP", "description" : "Enforces that the persistent cookie can only be used from the same client IP to which the cookie was issued.", "propertyOrder" : 200, "type" : "boolean", "exampleValue" : "" }, "idleTimeout" : { "title" : "Idle Timeout", "description" : "The maximum idle time between requests before the cookie is invalidated, in hours.", "propertyOrder" : 100, "type" : "integer", "exampleValue" : "" }, "hmacSigningKey" : { "title" : "HMAC Signing Key", "description" : "Base64-encoded 256-bit key to use for HMAC signing of the cookie. This property is deprecated. Use the HMAC Signing Key Secret Label Identifier instead. The signing key is ignored if you set an HMAC Signing Key Secret Label Identifier.", "propertyOrder" : 500, "type" : "string", "format" : "password", "exampleValue" : "" }, "useHttpOnlyCookie" : { "title" : "Use HTTP Only Cookie", "description" : "Sets the persistent cookie as \"HttpOnly\".", "propertyOrder" : 400, "type" : "boolean", "exampleValue" : "" }, "persistentCookieName" : { "title" : "Persistent Cookie Name", "description" : "The name of the persistent cookie.", "propertyOrder" : 600, "type" : "string", "exampleValue" : "" }, "hmacSigningKeySecretLabelIdentifier" : { "title" : "HMAC Signing Key Secret Label Identifier", "description" : "Identifier used to create a secret label for mapping to a secret in a secret store. <br>AM uses this identifier to create a specific secret label for this node. The secret label takes the form <code>am.authentication.nodes.persistentcookie.{{identifier}}.signing</code> where {{identifier}} is the value of HMAC Signing Key Secret Label Identifier. The identifier can only contain characters {{a-z}} {{A-Z}} {{0-9}} {{.}} and cannot start or end with {{.}}. If you set an HMAC Signing Key Secret Label Identifier and AM finds a matching secret in a secret store, the HMAC Signing Key is ignored.", "propertyOrder" : 550, "type" : "string", "exampleValue" : "" } }, "required" : [ "useSecureCookie", "enforceClientIp", "idleTimeout", "useHttpOnlyCookie", "persistentCookieName" ] }
delete
Usage
am> delete PersistentCookieDecision --realm Realm --id id
Parameters
- --id
-
The unique identifier for the resource.
getAllTypes
Obtain the collection of all secondary configuration types related to the resource.
Usage
am> action PersistentCookieDecision --realm Realm --actionName getAllTypes
getCreatableTypes
Obtain the collection of secondary configuration types that have yet to be added to the resource.
Usage
am> action PersistentCookieDecision --realm Realm --actionName getCreatableTypes
listOutcomes
List the available outcomes for the node type.
Usage
am> action PersistentCookieDecision --realm Realm --body body --actionName listOutcomes
Parameters
- --body
-
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "title" : "Some configuration of the node. This does not need to be complete against the configuration schema." }
nextdescendents
Obtain the collection of secondary configuration instances that have been added to the resource.
Usage
am> action PersistentCookieDecision --realm Realm --actionName nextdescendents
query
Get the full list of instances of this collection. This query only supports _queryFilter=true filter.
Usage
am> query PersistentCookieDecision --realm Realm --filter filter
Parameters
- --filter
-
A CREST formatted query filter, where "true" will query all.
read
Usage
am> read PersistentCookieDecision --realm Realm --id id
Parameters
- --id
-
The unique identifier for the resource.
update
Usage
am> update PersistentCookieDecision --realm Realm --id id --body body
Parameters
- --id
-
The unique identifier for the resource.
- --body
-
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "useSecureCookie" : { "title" : "Use Secure Cookie", "description" : "Sets the persistent cookie as \"Secure\".", "propertyOrder" : 300, "type" : "boolean", "exampleValue" : "" }, "enforceClientIp" : { "title" : "Enforce Client IP", "description" : "Enforces that the persistent cookie can only be used from the same client IP to which the cookie was issued.", "propertyOrder" : 200, "type" : "boolean", "exampleValue" : "" }, "idleTimeout" : { "title" : "Idle Timeout", "description" : "The maximum idle time between requests before the cookie is invalidated, in hours.", "propertyOrder" : 100, "type" : "integer", "exampleValue" : "" }, "hmacSigningKey" : { "title" : "HMAC Signing Key", "description" : "Base64-encoded 256-bit key to use for HMAC signing of the cookie. This property is deprecated. Use the HMAC Signing Key Secret Label Identifier instead. The signing key is ignored if you set an HMAC Signing Key Secret Label Identifier.", "propertyOrder" : 500, "type" : "string", "format" : "password", "exampleValue" : "" }, "useHttpOnlyCookie" : { "title" : "Use HTTP Only Cookie", "description" : "Sets the persistent cookie as \"HttpOnly\".", "propertyOrder" : 400, "type" : "boolean", "exampleValue" : "" }, "persistentCookieName" : { "title" : "Persistent Cookie Name", "description" : "The name of the persistent cookie.", "propertyOrder" : 600, "type" : "string", "exampleValue" : "" }, "hmacSigningKeySecretLabelIdentifier" : { "title" : "HMAC Signing Key Secret Label Identifier", "description" : "Identifier used to create a secret label for mapping to a secret in a secret store. <br>AM uses this identifier to create a specific secret label for this node. The secret label takes the form <code>am.authentication.nodes.persistentcookie.{{identifier}}.signing</code> where {{identifier}} is the value of HMAC Signing Key Secret Label Identifier. The identifier can only contain characters {{a-z}} {{A-Z}} {{0-9}} {{.}} and cannot start or end with {{.}}. If you set an HMAC Signing Key Secret Label Identifier and AM finds a matching secret in a secret store, the HMAC Signing Key is ignored.", "propertyOrder" : 550, "type" : "string", "exampleValue" : "" } }, "required" : [ "useSecureCookie", "enforceClientIp", "idleTimeout", "useHttpOnlyCookie", "persistentCookieName" ] }