DeviceProfilesService
Realm Operations
Resource path: /realm-config/services/deviceProfilesService
Resource version: 1.0
create
Usage:
am> create DeviceProfilesService --realm Realm --body body
Parameters:
--body
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "deviceProfilesSettingsEncryptionKeystore" : { "title" : "Encryption Key Store", "description" : "Path to the key store from which to load encryption keys.", "propertyOrder" : 300, "required" : true, "type" : "string", "exampleValue" : "" }, "deviceProfilesSettingsEncryptionKeystoreKeyPairAlias" : { "title" : "Key-Pair Alias", "description" : "Alias of the certificate and private key in the key store. The private key is used to encrypt and decrypt device profiles.", "propertyOrder" : 600, "required" : false, "type" : "string", "exampleValue" : "" }, "deviceProfilesSettingsEncryptionKeystoreType" : { "title" : "Key Store Type", "description" : "Type of key store to load.<br><br><i>Note:</i> PKCS#11 key stores require hardware support such as a security device or smart card and is not available by default in most JVM installations.<p><p>See the <a href=\"https://docs.oracle.com/javase/8/docs/technotes/guides/security/p11guide.html\" target=\"_blank\">JDK 8 PKCS#11 Reference Guide</a> for more details.", "propertyOrder" : 400, "required" : true, "type" : "string", "exampleValue" : "" }, "deviceProfilesSettingsEncryptionKeystorePrivateKeyPassword" : { "title" : "Private Key Password", "description" : "Password to unlock the private key.", "propertyOrder" : 700, "required" : false, "type" : "string", "format" : "password", "exampleValue" : "" }, "deviceProfilesSettingsEncryptionKeystorePassword" : { "title" : "Key Store Password", "description" : "Password to unlock the key store. This password is encrypted when it is saved in the OpenAM configuration. You should modify the default value.", "propertyOrder" : 500, "required" : false, "type" : "string", "format" : "password", "exampleValue" : "" }, "deviceProfilesSettingsEncryptionScheme" : { "title" : "Device Profile Encryption Scheme", "description" : "Encryption scheme to use to secure device profiles stored on the server.<br><br>If enabled, each device profile is encrypted using a unique random secret key using the given strength of AES encryption in CBC mode with PKCS#5 padding. An HMAC-SHA of the given strength (truncated to half-size) is used to ensure integrity protection and authenticated encryption. The unique random key is encrypted with the given RSA key pair and stored with the device profile.<p><p><i>Note:</i> AES-256 may require installation of the JCE Unlimited Strength policy files.", "propertyOrder" : 200, "required" : true, "type" : "string", "exampleValue" : "" }, "deviceProfilesAttrName" : { "title" : "Profile Storage Attribute", "description" : "The user's attribute in which to store Device profiles.<br><br>The default attribute is added to the schema when you prepare a user store for use with OpenAM. If you want to use a different attribute, you must make sure to add it to your user store schema prior to enabling the Device Profiles authentication module. OpenAM must be able to write to the attribute.", "propertyOrder" : 100, "required" : true, "type" : "string", "exampleValue" : "" } } }
delete
Usage:
am> delete DeviceProfilesService --realm Realm
getAllTypes
Obtain the collection of all secondary configuration types related to the resource.
Usage:
am> action DeviceProfilesService --realm Realm --actionName getAllTypes
getCreatableTypes
Obtain the collection of secondary configuration types that have yet to be added to the resource.
Usage:
am> action DeviceProfilesService --realm Realm --actionName getCreatableTypes
nextdescendents
Obtain the collection of secondary configuration instances that have been added to the resource.
Usage:
am> action DeviceProfilesService --realm Realm --actionName nextdescendents
read
Usage:
am> read DeviceProfilesService --realm Realm
update
Usage:
am> update DeviceProfilesService --realm Realm --body body
Parameters:
--body
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "deviceProfilesSettingsEncryptionKeystore" : { "title" : "Encryption Key Store", "description" : "Path to the key store from which to load encryption keys.", "propertyOrder" : 300, "required" : true, "type" : "string", "exampleValue" : "" }, "deviceProfilesSettingsEncryptionKeystoreKeyPairAlias" : { "title" : "Key-Pair Alias", "description" : "Alias of the certificate and private key in the key store. The private key is used to encrypt and decrypt device profiles.", "propertyOrder" : 600, "required" : false, "type" : "string", "exampleValue" : "" }, "deviceProfilesSettingsEncryptionKeystoreType" : { "title" : "Key Store Type", "description" : "Type of key store to load.<br><br><i>Note:</i> PKCS#11 key stores require hardware support such as a security device or smart card and is not available by default in most JVM installations.<p><p>See the <a href=\"https://docs.oracle.com/javase/8/docs/technotes/guides/security/p11guide.html\" target=\"_blank\">JDK 8 PKCS#11 Reference Guide</a> for more details.", "propertyOrder" : 400, "required" : true, "type" : "string", "exampleValue" : "" }, "deviceProfilesSettingsEncryptionKeystorePrivateKeyPassword" : { "title" : "Private Key Password", "description" : "Password to unlock the private key.", "propertyOrder" : 700, "required" : false, "type" : "string", "format" : "password", "exampleValue" : "" }, "deviceProfilesSettingsEncryptionKeystorePassword" : { "title" : "Key Store Password", "description" : "Password to unlock the key store. This password is encrypted when it is saved in the OpenAM configuration. You should modify the default value.", "propertyOrder" : 500, "required" : false, "type" : "string", "format" : "password", "exampleValue" : "" }, "deviceProfilesSettingsEncryptionScheme" : { "title" : "Device Profile Encryption Scheme", "description" : "Encryption scheme to use to secure device profiles stored on the server.<br><br>If enabled, each device profile is encrypted using a unique random secret key using the given strength of AES encryption in CBC mode with PKCS#5 padding. An HMAC-SHA of the given strength (truncated to half-size) is used to ensure integrity protection and authenticated encryption. The unique random key is encrypted with the given RSA key pair and stored with the device profile.<p><p><i>Note:</i> AES-256 may require installation of the JCE Unlimited Strength policy files.", "propertyOrder" : 200, "required" : true, "type" : "string", "exampleValue" : "" }, "deviceProfilesAttrName" : { "title" : "Profile Storage Attribute", "description" : "The user's attribute in which to store Device profiles.<br><br>The default attribute is added to the schema when you prepare a user store for use with OpenAM. If you want to use a different attribute, you must make sure to add it to your user store schema prior to enabling the Device Profiles authentication module. OpenAM must be able to write to the attribute.", "propertyOrder" : 100, "required" : true, "type" : "string", "exampleValue" : "" } } }
Global Operations
Resource path: /global-config/services/deviceProfilesService
Resource version: 1.0
getAllTypes
Obtain the collection of all secondary configuration types related to the resource.
Usage:
am> action DeviceProfilesService --global --actionName getAllTypes
getCreatableTypes
Obtain the collection of secondary configuration types that have yet to be added to the resource.
Usage:
am> action DeviceProfilesService --global --actionName getCreatableTypes
nextdescendents
Obtain the collection of secondary configuration instances that have been added to the resource.
Usage:
am> action DeviceProfilesService --global --actionName nextdescendents
read
Usage:
am> read DeviceProfilesService --global
update
Usage:
am> update DeviceProfilesService --global --body body
Parameters:
--body
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "defaults" : { "properties" : { "deviceProfilesAttrName" : { "title" : "Profile Storage Attribute", "description" : "The user's attribute in which to store Device profiles.<br><br>The default attribute is added to the schema when you prepare a user store for use with OpenAM. If you want to use a different attribute, you must make sure to add it to your user store schema prior to enabling the Device Profiles authentication module. OpenAM must be able to write to the attribute.", "propertyOrder" : 100, "required" : true, "type" : "string", "exampleValue" : "" }, "deviceProfilesSettingsEncryptionKeystoreType" : { "title" : "Key Store Type", "description" : "Type of key store to load.<br><br><i>Note:</i> PKCS#11 key stores require hardware support such as a security device or smart card and is not available by default in most JVM installations.<p><p>See the <a href=\"https://docs.oracle.com/javase/8/docs/technotes/guides/security/p11guide.html\" target=\"_blank\">JDK 8 PKCS#11 Reference Guide</a> for more details.", "propertyOrder" : 400, "required" : true, "type" : "string", "exampleValue" : "" }, "deviceProfilesSettingsEncryptionScheme" : { "title" : "Device Profile Encryption Scheme", "description" : "Encryption scheme to use to secure device profiles stored on the server.<br><br>If enabled, each device profile is encrypted using a unique random secret key using the given strength of AES encryption in CBC mode with PKCS#5 padding. An HMAC-SHA of the given strength (truncated to half-size) is used to ensure integrity protection and authenticated encryption. The unique random key is encrypted with the given RSA key pair and stored with the device profile.<p><p><i>Note:</i> AES-256 may require installation of the JCE Unlimited Strength policy files.", "propertyOrder" : 200, "required" : true, "type" : "string", "exampleValue" : "" }, "deviceProfilesSettingsEncryptionKeystorePrivateKeyPassword" : { "title" : "Private Key Password", "description" : "Password to unlock the private key.", "propertyOrder" : 700, "required" : false, "type" : "string", "format" : "password", "exampleValue" : "" }, "deviceProfilesSettingsEncryptionKeystoreKeyPairAlias" : { "title" : "Key-Pair Alias", "description" : "Alias of the certificate and private key in the key store. The private key is used to encrypt and decrypt device profiles.", "propertyOrder" : 600, "required" : false, "type" : "string", "exampleValue" : "" }, "deviceProfilesSettingsEncryptionKeystorePassword" : { "title" : "Key Store Password", "description" : "Password to unlock the key store. This password is encrypted when it is saved in the OpenAM configuration. You should modify the default value.", "propertyOrder" : 500, "required" : false, "type" : "string", "format" : "password", "exampleValue" : "" }, "deviceProfilesSettingsEncryptionKeystore" : { "title" : "Encryption Key Store", "description" : "Path to the key store from which to load encryption keys.", "propertyOrder" : 300, "required" : true, "type" : "string", "exampleValue" : "" } }, "type" : "object", "title" : "Realm Defaults" } } }