UmaProvider
Realm Operations
Resource path: /realm-config/services/uma
Resource version: 1.0
create
Usage:
am> create UmaProvider --realm Realm --body bodyParameters:
--bodyThe resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "resharingMode" : { "title" : "Re-Sharing Mode", "description" : "Specifies whether re-sharing is off or on implicitly for all users, allowing all users to re-share resources that have been shared with them.", "propertyOrder" : 800, "required" : true, "type" : "string", "exampleValue" : "" }, "userProfileLocaleAttribute" : { "title" : "User profile preferred Locale attribute", "description" : "User profile attribute storing the user's preferred locale.", "propertyOrder" : 700, "required" : true, "type" : "string", "exampleValue" : "" }, "grantRptConditions" : { "title" : "Grant RPTs...", "description" : "In UMA, scope comes from both the permission ticket and from the token request. An RPT is always granted when all scope matches, and is never granted when no scope matches. You can configure when RPTs are granted for partial match conditions here. For more information, see the UMA Grant Type specification section onAuthorization Assessment and Results Determination.", "propertyOrder" : 900, "required" : true, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "deletePoliciesOnDeleteRS" : { "title" : "Delete user policies when Resource Server is removed", "description" : "Delete all user policies that relate to a Resource Server when removing the OAuth2 agent entry or removing the <code>uma_protection</code> scope from the OAuth2 agent.", "propertyOrder" : 300, "required" : true, "type" : "boolean", "exampleValue" : "" }, "permissionTicketLifetime" : { "title" : "Permission Ticket Lifetime (seconds)", "description" : "The maximum life of a permission ticket before it expires, in seconds.", "propertyOrder" : 200, "required" : true, "type" : "integer", "exampleValue" : "" }, "emailResourceOwnerOnPendingRequestCreation" : { "title" : "Email Resource Owner on Pending Request creation", "description" : "Specifies whether to send an email to the Resource Owner when a Pending Request is created when a Requesting Party requests authorization to a resource.", "propertyOrder" : 500, "required" : true, "type" : "boolean", "exampleValue" : "" }, "deleteResourceSetsOnDeleteRS" : { "title" : "Delete resources when Resource Server is removed", "description" : "Delete all resources that relate to a Resource Server when removing the OAuth2 agent entry or removing the <code>uma_protection</code> scope from the OAuth2 agent.", "propertyOrder" : 400, "required" : true, "type" : "boolean", "exampleValue" : "" }, "emailRequestingPartyOnPendingRequestApproval" : { "title" : "Email Requesting Party on Pending Request approval", "description" : "Specifies whether to send an email to the Requesting Party when a Pending Request is approved by the Resource Owner.", "propertyOrder" : 600, "required" : true, "type" : "boolean", "exampleValue" : "" }, "pendingRequestsEnabled" : { "title" : "Pending Requests Enabled", "description" : "Specifies whether to use the Pending Requests subsystem that notifies the resource owner that an attempt to access a resource was made.", "propertyOrder" : 450, "required" : true, "type" : "boolean", "exampleValue" : "" } } }
delete
Usage:
am> delete UmaProvider --realm RealmgetAllTypes
Obtain the collection of all secondary configuration types related to the resource.
Usage:
am> action UmaProvider --realm Realm --actionName getAllTypesgetCreatableTypes
Obtain the collection of secondary configuration types that have yet to be added to the resource.
Usage:
am> action UmaProvider --realm Realm --actionName getCreatableTypesnextdescendents
Obtain the collection of secondary configuration instances that have been added to the resource.
Usage:
am> action UmaProvider --realm Realm --actionName nextdescendentsread
Usage:
am> read UmaProvider --realm Realmupdate
Usage:
am> update UmaProvider --realm Realm --body bodyParameters:
--bodyThe resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "resharingMode" : { "title" : "Re-Sharing Mode", "description" : "Specifies whether re-sharing is off or on implicitly for all users, allowing all users to re-share resources that have been shared with them.", "propertyOrder" : 800, "required" : true, "type" : "string", "exampleValue" : "" }, "userProfileLocaleAttribute" : { "title" : "User profile preferred Locale attribute", "description" : "User profile attribute storing the user's preferred locale.", "propertyOrder" : 700, "required" : true, "type" : "string", "exampleValue" : "" }, "grantRptConditions" : { "title" : "Grant RPTs...", "description" : "In UMA, scope comes from both the permission ticket and from the token request. An RPT is always granted when all scope matches, and is never granted when no scope matches. You can configure when RPTs are granted for partial match conditions here. For more information, see the UMA Grant Type specification section onAuthorization Assessment and Results Determination.", "propertyOrder" : 900, "required" : true, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "deletePoliciesOnDeleteRS" : { "title" : "Delete user policies when Resource Server is removed", "description" : "Delete all user policies that relate to a Resource Server when removing the OAuth2 agent entry or removing the <code>uma_protection</code> scope from the OAuth2 agent.", "propertyOrder" : 300, "required" : true, "type" : "boolean", "exampleValue" : "" }, "permissionTicketLifetime" : { "title" : "Permission Ticket Lifetime (seconds)", "description" : "The maximum life of a permission ticket before it expires, in seconds.", "propertyOrder" : 200, "required" : true, "type" : "integer", "exampleValue" : "" }, "emailResourceOwnerOnPendingRequestCreation" : { "title" : "Email Resource Owner on Pending Request creation", "description" : "Specifies whether to send an email to the Resource Owner when a Pending Request is created when a Requesting Party requests authorization to a resource.", "propertyOrder" : 500, "required" : true, "type" : "boolean", "exampleValue" : "" }, "deleteResourceSetsOnDeleteRS" : { "title" : "Delete resources when Resource Server is removed", "description" : "Delete all resources that relate to a Resource Server when removing the OAuth2 agent entry or removing the <code>uma_protection</code> scope from the OAuth2 agent.", "propertyOrder" : 400, "required" : true, "type" : "boolean", "exampleValue" : "" }, "emailRequestingPartyOnPendingRequestApproval" : { "title" : "Email Requesting Party on Pending Request approval", "description" : "Specifies whether to send an email to the Requesting Party when a Pending Request is approved by the Resource Owner.", "propertyOrder" : 600, "required" : true, "type" : "boolean", "exampleValue" : "" }, "pendingRequestsEnabled" : { "title" : "Pending Requests Enabled", "description" : "Specifies whether to use the Pending Requests subsystem that notifies the resource owner that an attempt to access a resource was made.", "propertyOrder" : 450, "required" : true, "type" : "boolean", "exampleValue" : "" } } }
Global Operations
Resource path: /global-config/services/uma
Resource version: 1.0
getAllTypes
Obtain the collection of all secondary configuration types related to the resource.
Usage:
am> action UmaProvider --global --actionName getAllTypesgetCreatableTypes
Obtain the collection of secondary configuration types that have yet to be added to the resource.
Usage:
am> action UmaProvider --global --actionName getCreatableTypesnextdescendents
Obtain the collection of secondary configuration instances that have been added to the resource.
Usage:
am> action UmaProvider --global --actionName nextdescendentsread
Usage:
am> read UmaProvider --globalupdate
Usage:
am> update UmaProvider --global --body bodyParameters:
--bodyThe resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "defaults" : { "properties" : { "deletePoliciesOnDeleteRS" : { "title" : "Delete user policies when Resource Server is removed", "description" : "Delete all user policies that relate to a Resource Server when removing the OAuth2 agent entry or removing the <code>uma_protection</code> scope from the OAuth2 agent.", "propertyOrder" : 300, "required" : true, "type" : "boolean", "exampleValue" : "" }, "grantRptConditions" : { "title" : "Grant RPTs...", "description" : "In UMA, scope comes from both the permission ticket and from the token request. An RPT is always granted when all scope matches, and is never granted when no scope matches. You can configure when RPTs are granted for partial match conditions here. For more information, see the UMA Grant Type specification section onAuthorization Assessment and Results Determination.", "propertyOrder" : 900, "required" : true, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "emailResourceOwnerOnPendingRequestCreation" : { "title" : "Email Resource Owner on Pending Request creation", "description" : "Specifies whether to send an email to the Resource Owner when a Pending Request is created when a Requesting Party requests authorization to a resource.", "propertyOrder" : 500, "required" : true, "type" : "boolean", "exampleValue" : "" }, "pendingRequestsEnabled" : { "title" : "Pending Requests Enabled", "description" : "Specifies whether to use the Pending Requests subsystem that notifies the resource owner that an attempt to access a resource was made.", "propertyOrder" : 450, "required" : true, "type" : "boolean", "exampleValue" : "" }, "deleteResourceSetsOnDeleteRS" : { "title" : "Delete resources when Resource Server is removed", "description" : "Delete all resources that relate to a Resource Server when removing the OAuth2 agent entry or removing the <code>uma_protection</code> scope from the OAuth2 agent.", "propertyOrder" : 400, "required" : true, "type" : "boolean", "exampleValue" : "" }, "permissionTicketLifetime" : { "title" : "Permission Ticket Lifetime (seconds)", "description" : "The maximum life of a permission ticket before it expires, in seconds.", "propertyOrder" : 200, "required" : true, "type" : "integer", "exampleValue" : "" }, "emailRequestingPartyOnPendingRequestApproval" : { "title" : "Email Requesting Party on Pending Request approval", "description" : "Specifies whether to send an email to the Requesting Party when a Pending Request is approved by the Resource Owner.", "propertyOrder" : 600, "required" : true, "type" : "boolean", "exampleValue" : "" }, "userProfileLocaleAttribute" : { "title" : "User profile preferred Locale attribute", "description" : "User profile attribute storing the user's preferred locale.", "propertyOrder" : 700, "required" : true, "type" : "string", "exampleValue" : "" }, "resharingMode" : { "title" : "Re-Sharing Mode", "description" : "Specifies whether re-sharing is off or on implicitly for all users, allowing all users to re-share resources that have been shared with them.", "propertyOrder" : 800, "required" : true, "type" : "string", "exampleValue" : "" } }, "type" : "object", "title" : "Realm Defaults" } } }