- Overview
- Amster Entity Reference
- AcceptTermsAndConditions
- AccountActiveCheck
- AccountActiveDecision
- AccountLockout
- ActiveDirectory
- ActiveDirectoryApplicationModeADAM
- ActiveDirectoryModule
- AdaptiveRiskModule
- AdvancedProperties
- AgentDataStoreDecision
- AgentGroups
- AgentService
- Agents
- AmsterModule
- AnonymousModule
- AnonymousSessionUpgrade
- AnonymousUserMapping
- ApplicationTypes
- Applications
- AttributeCollector
- AttributePresentDecision
- AttributeValueDecision
- AuditEvent
- AuditLogging
- AuthLevelDecision
- AuthTree
- AuthenticateThing
- Authentication
- AuthenticationChains
- AuthenticationModules
- AuthenticationNodes
- AuthenticationTreesConfiguration
- AuthenticatorOath
- AuthenticatorOathModule
- AuthenticatorPush
- AuthenticatorPushModule
- AuthenticatorPushRegistrationModule
- AuthenticatorWebAuthn
- BaseUrlSource
- CORSService
- CRESTReporter
- Captcha
- CertificateCollectorNode
- CertificateModule
- CertificateUserExtractorNode
- CertificateValidationNode
- ChoiceCollector
- CircleOfTrust
- CommonFederationConfiguration
- ConditionTypes
- ConfigurationVersionService
- ConsentCollector
- CookiePresenceDecisionNode
- CorsConfiguration
- CreateObject
- CreatePassword
- Csv
- CtsDataStoreProperties
- Dashboard
- DashboardInstance
- DashboardUserService
- Dashboards
- DataStoreDecision
- DataStoreInstance
- DataStoreModule
- DataStoreService
- DecisionCombiners
- DefaultAdvancedProperties
- DefaultCtsDataStoreProperties
- DefaultDirectoryConfiguration
- DefaultGeneralProperties
- DefaultSdkProperties
- DefaultSecurityProperties
- DefaultSessionProperties
- DefaultUmaDataStoreProperties
- DeviceGeofencing
- DeviceIDService
- DeviceIdMatchModule
- DeviceIdSaveModule
- DeviceLocationMatch
- DeviceMatch
- DeviceProfile
- DeviceProfileCollector
- DeviceProfileSave
- DeviceProfilesService
- DeviceTamperingVerification
- DirectoryConfiguration
- DisplayUsername
- ElasticSearch
- EmailService
- EmailSuspendNode
- EmailTemplateNode
- EnvironmentAndSystemPropertySecretsStore
- FailureURL
- FederationModule
- FileSystemSecretStore
- ForgeRockIAMDirectoryServer
- ForgottenPassword
- ForgottenUsername
- GeneralProperties
- GenericLDAPv3
- GetSessionData
- GlobalScripts
- GlobalSecretsSettings
- Globalization
- GoogleKeyManagementServiceSecretStore
- GoogleKmsMappings
- GraphiteReporter
- HOTPGenerator
- HostedSaml2EntityProvider
- HotpModule
- HsmMappings
- HsmSecretStore
- HttpBasicModule
- IDMProvisioning
- IdRepository
- IdRepositoryUser
- IdentifyExistingUser
- IdentityGatewayAgentGroups
- IdentityGatewayAgents
- IncrementLoginCount
- InnerTreeEvaluator
- IoTService
- J2EEAgentGroups
- J2eeAgents
- JSONStdout
- Jdbc
- JdbcModule
- Jms
- Json
- JwtProofOfPossessionModule
- KBADecision
- KBADefinition
- KBAVerification
- KbaQuestions
- KerberosNode
- KeyStoreMappings
- KeyStoreSecretStore
- LDAPDecision
- LdapModule
- LegacyUserSelfService
- LinkedInClient
- Logging
- LoginCountDecision
- MembershipModule
- MessageNode
- Meter
- ModifyAuthLevel
- Monitoring
- MsisdnModule
- MultiFederationProtocol
- Naming
- OAuth20
- OAuth2Client
- OAuth2ClientAgentGroups
- OAuth2Clients
- OAuth2Module
- OAuth2Provider
- OAuth2RemoteConsentAgentGroups
- OAuth2SoftwarePublisherAgentGroups
- OAuth2TrustedJWTIssuerAgentGroups
- OAuth2UserApplications
- OIDCClient
- OTPCollectorDecision
- OTPEmailSender
- OTPSMSSender
- OathModule
- OathUserDevices
- OpenDJ
- OpenIDConnect
- OpenIdConnectModule
- PageNode
- PasswordCollector
- PatchObject
- PendingUmaRequests
- PersistentCookieDecision
- PersistentCookieModule
- Platform
- PlatformPassword
- PlatformUsername
- Policies
- PolicyAgents
- PolicyConfiguration
- PollingWaitNode
- ProfileCompletenessDecision
- PrometheusReporter
- ProvisionDynamicAccount
- ProvisionIDMAccount
- PushNotification
- PushNotificationResponse
- PushResultVerifierNode
- PushSender
- PushUserDevices
- QueryFilterDecision
- RESTSecurityTokenServices
- RadiusClient
- RadiusModule
- RadiusServer
- Realms
- Records
- RecoveryCodeCollectorDecision
- RecoveryCodeDisplayNode
- RegisterLogoutWebhook
- RegisterThing
- RemoteConsentAgent
- RemoteConsentService
- RemoteSaml2EntityProvider
- RemoveSessionProperties
- RequiredAttributesPresent
- ResourceSets
- ResourceTypes
- RestApis
- RetryLimitDecision
- SAML2Authentication
- SOAPSecurityTokenServices
- SaeModule
- Saml2Entities
- Saml2Entity
- Saml2Module
- SamlV2ServiceConfiguration
- SamlV2SoapBinding
- ScriptStore
- ScriptTypes
- ScriptedDecision
- ScriptedModule
- Scripting
- ScriptingEngineConfiguration
- Scripts
- SdkProperties
- SecretStores
- Secrets
- SecurID
- SecurityProperties
- SecurityTokenServices
- SelectIdentityProvider
- SelfServiceTreeConfig
- SelfServiceTrees
- ServerInformation
- ServerVersion
- Servers
- Services
- Session
- SessionProperties
- SessionPropertyWhiteList
- SessionUserService
- Sessions
- SetPersistentCookie
- SetSessionProperties
- SharedAgents
- Sites
- SoapSTSAgentGroups
- SoapStsAgents
- SocialAuthInstagramModule
- SocialAuthOAuth2Module
- SocialAuthOpenIDModule
- SocialAuthTwitterModule
- SocialAuthVKontakteModule
- SocialAuthWeChatMobileModule
- SocialAuthWeChatModule
- SocialAuthentication
- SocialFacebook
- SocialGoogle
- SocialIdentityProviders
- SocialIdentityProvidersConfig
- SocialIgnoreProfile
- SocialProviderHandlerNode
- SoftwarePublisher
- Splunk
- StateMetadata
- SubjectAttributes
- SubjectTypes
- SuccessURL
- SunDSWithOpenAMSchema
- SupportedIds
- Syslog
- TermsAndConditionsDecision
- TimeSinceDecision
- TimerStart
- TimerStop
- TivoliDirectoryServer
- TransactionAuthentication
- TrustedJwtIssuer
- TrustedUserDevices
- TwitterClient
- UmaDataStoreProperties
- UmaPolicies
- UmaProvider
- UmaResourceSetLabels
- UmaUserAuditHistory
- User
- UserGroups
- UserPolicies
- UserRegistration
- UserSelfService
- UserServices
- UsernameCollector
- VKClient
- ValidationService
- WeChatClient
- WebAgentGroups
- WebAgents
- WebAuthnAuthenticationNode
- WebAuthnDeviceStorageNode
- WebAuthnRegistrationNode
- WebAuthnUserDevices
- WebhookService
- WindowsDesktopSsoModule
- WindowsNtModule
- WriteFederationInformation
- WsEntity
- ZeroPageLoginCollector
IdentityGatewayAgentGroups
Realm Operations
Agent Groups handler that is responsible for managing agent groups
Resource path: /realm-config/agents/groups/IdentityGatewayAgent
Resource version: 1.0
create
Usage:
am> create IdentityGatewayAgentGroups --realm Realm --id id --body body
Parameters:
--id
The unique identifier for the resource.
--body
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "status" : { "title" : "Status", "description" : "Status of the agent configuration.", "propertyOrder" : 200, "required" : true, "type" : "string", "exampleValue" : "" }, "igCdssoRedirectUrls" : { "title" : "Redirect URLs for CDSSO", "description" : "The list of redirect URLs for CDSSO. The valid value is in the following format: <br>protocol://hostname:port/path<br> The protocol represents the protocol used, such as http or https. The hostname represents the host name of the machine on which IG resides. The port represents the port number on which IG is listening. The path represents the remainder of the redirect URL. <br>Example:<br> http://openig.ext.com:8080/home/cdsso/redirect", "propertyOrder" : 150, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "igTokenIntrospection" : { "title" : "Token Introspection", "description" : "Allows using this IG agent to introspect OAuth 2.0 tokens issued to any client. <br>Select <code>None</code> to disable. Select <code>Realm Only</code> to allow introspection of tokens in the same realm. Select <code>Realm and Sub Realms</code> to allow introspection of tokens in the same realm and any sub-realms.", "propertyOrder" : 160, "required" : false, "type" : "string", "exampleValue" : "" } } }
delete
Usage:
am> delete IdentityGatewayAgentGroups --realm Realm --id id
Parameters:
--id
The unique identifier for the resource.
getAllTypes
Obtain the collection of all secondary configuration types related to the resource.
Usage:
am> action IdentityGatewayAgentGroups --realm Realm --actionName getAllTypes
getCreatableTypes
Obtain the collection of secondary configuration types that have yet to be added to the resource.
Usage:
am> action IdentityGatewayAgentGroups --realm Realm --actionName getCreatableTypes
nextdescendents
Obtain the collection of secondary configuration instances that have been added to the resource.
Usage:
am> action IdentityGatewayAgentGroups --realm Realm --actionName nextdescendents
query
Querying the agent groups of a specific type
Usage:
am> query IdentityGatewayAgentGroups --realm Realm --filter filter
Parameters:
--filter
A CREST formatted query filter, where "true" will query all.
read
Usage:
am> read IdentityGatewayAgentGroups --realm Realm --id id
Parameters:
--id
The unique identifier for the resource.
update
Usage:
am> update IdentityGatewayAgentGroups --realm Realm --id id --body body
Parameters:
--id
The unique identifier for the resource.
--body
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "status" : { "title" : "Status", "description" : "Status of the agent configuration.", "propertyOrder" : 200, "required" : true, "type" : "string", "exampleValue" : "" }, "igCdssoRedirectUrls" : { "title" : "Redirect URLs for CDSSO", "description" : "The list of redirect URLs for CDSSO. The valid value is in the following format: <br>protocol://hostname:port/path<br> The protocol represents the protocol used, such as http or https. The hostname represents the host name of the machine on which IG resides. The port represents the port number on which IG is listening. The path represents the remainder of the redirect URL. <br>Example:<br> http://openig.ext.com:8080/home/cdsso/redirect", "propertyOrder" : 150, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "igTokenIntrospection" : { "title" : "Token Introspection", "description" : "Allows using this IG agent to introspect OAuth 2.0 tokens issued to any client. <br>Select <code>None</code> to disable. Select <code>Realm Only</code> to allow introspection of tokens in the same realm. Select <code>Realm and Sub Realms</code> to allow introspection of tokens in the same realm and any sub-realms.", "propertyOrder" : 160, "required" : false, "type" : "string", "exampleValue" : "" } } }