- Overview
- Amster Entity Reference
- AcceptTermsAndConditions
- AccountActiveCheck
- AccountActiveDecision
- AccountLockout
- ActiveDirectory
- ActiveDirectoryApplicationModeADAM
- ActiveDirectoryModule
- AdaptiveRiskModule
- AdvancedProperties
- AgentDataStoreDecision
- AgentGroups
- AgentService
- Agents
- AmsterModule
- AnonymousModule
- AnonymousSessionUpgrade
- AnonymousUserMapping
- ApplicationTypes
- Applications
- AttributeCollector
- AttributePresentDecision
- AttributeValueDecision
- AuditEvent
- AuditLogging
- AuthLevelDecision
- AuthTree
- AuthenticateThing
- Authentication
- AuthenticationChains
- AuthenticationModules
- AuthenticationNodes
- AuthenticationTreesConfiguration
- AuthenticatorOath
- AuthenticatorOathModule
- AuthenticatorPush
- AuthenticatorPushModule
- AuthenticatorPushRegistrationModule
- AuthenticatorWebAuthn
- BaseUrlSource
- CORSService
- CRESTReporter
- Captcha
- CertificateCollectorNode
- CertificateModule
- CertificateUserExtractorNode
- CertificateValidationNode
- ChoiceCollector
- CircleOfTrust
- CommonFederationConfiguration
- ConditionTypes
- ConfigurationVersionService
- ConsentCollector
- CookiePresenceDecisionNode
- CorsConfiguration
- CreateObject
- CreatePassword
- Csv
- CtsDataStoreProperties
- Dashboard
- DashboardInstance
- DashboardUserService
- Dashboards
- DataStoreDecision
- DataStoreInstance
- DataStoreModule
- DataStoreService
- DecisionCombiners
- DefaultAdvancedProperties
- DefaultCtsDataStoreProperties
- DefaultDirectoryConfiguration
- DefaultGeneralProperties
- DefaultSdkProperties
- DefaultSecurityProperties
- DefaultSessionProperties
- DefaultUmaDataStoreProperties
- DeviceGeofencing
- DeviceIDService
- DeviceIdMatchModule
- DeviceIdSaveModule
- DeviceLocationMatch
- DeviceMatch
- DeviceProfile
- DeviceProfileCollector
- DeviceProfileSave
- DeviceProfilesService
- DeviceTamperingVerification
- DirectoryConfiguration
- DisplayUsername
- ElasticSearch
- EmailService
- EmailSuspendNode
- EmailTemplateNode
- EnvironmentAndSystemPropertySecretsStore
- FailureURL
- FederationModule
- FileSystemSecretStore
- ForgeRockIAMDirectoryServer
- ForgottenPassword
- ForgottenUsername
- GeneralProperties
- GenericLDAPv3
- GetSessionData
- GlobalScripts
- GlobalSecretsSettings
- Globalization
- GoogleKeyManagementServiceSecretStore
- GoogleKmsMappings
- GraphiteReporter
- HOTPGenerator
- HostedSaml2EntityProvider
- HotpModule
- HsmMappings
- HsmSecretStore
- HttpBasicModule
- IDMProvisioning
- IdRepository
- IdRepositoryUser
- IdentifyExistingUser
- IdentityGatewayAgentGroups
- IdentityGatewayAgents
- IncrementLoginCount
- InnerTreeEvaluator
- IoTService
- J2EEAgentGroups
- J2eeAgents
- JSONStdout
- Jdbc
- JdbcModule
- Jms
- Json
- JwtProofOfPossessionModule
- KBADecision
- KBADefinition
- KBAVerification
- KbaQuestions
- KerberosNode
- KeyStoreMappings
- KeyStoreSecretStore
- LDAPDecision
- LdapModule
- LegacyUserSelfService
- LinkedInClient
- Logging
- LoginCountDecision
- MembershipModule
- MessageNode
- Meter
- ModifyAuthLevel
- Monitoring
- MsisdnModule
- MultiFederationProtocol
- Naming
- OAuth20
- OAuth2Client
- OAuth2ClientAgentGroups
- OAuth2Clients
- OAuth2Module
- OAuth2Provider
- OAuth2RemoteConsentAgentGroups
- OAuth2SoftwarePublisherAgentGroups
- OAuth2TrustedJWTIssuerAgentGroups
- OAuth2UserApplications
- OIDCClient
- OTPCollectorDecision
- OTPEmailSender
- OTPSMSSender
- OathModule
- OathUserDevices
- OpenDJ
- OpenIDConnect
- OpenIdConnectModule
- PageNode
- PasswordCollector
- PatchObject
- PendingUmaRequests
- PersistentCookieDecision
- PersistentCookieModule
- Platform
- PlatformPassword
- PlatformUsername
- Policies
- PolicyAgents
- PolicyConfiguration
- PollingWaitNode
- ProfileCompletenessDecision
- PrometheusReporter
- ProvisionDynamicAccount
- ProvisionIDMAccount
- PushNotification
- PushNotificationResponse
- PushResultVerifierNode
- PushSender
- PushUserDevices
- QueryFilterDecision
- RESTSecurityTokenServices
- RadiusClient
- RadiusModule
- RadiusServer
- Realms
- Records
- RecoveryCodeCollectorDecision
- RecoveryCodeDisplayNode
- RegisterLogoutWebhook
- RegisterThing
- RemoteConsentAgent
- RemoteConsentService
- RemoteSaml2EntityProvider
- RemoveSessionProperties
- RequiredAttributesPresent
- ResourceSets
- ResourceTypes
- RestApis
- RetryLimitDecision
- SAML2Authentication
- SOAPSecurityTokenServices
- SaeModule
- Saml2Entities
- Saml2Entity
- Saml2Module
- SamlV2ServiceConfiguration
- SamlV2SoapBinding
- ScriptStore
- ScriptTypes
- ScriptedDecision
- ScriptedModule
- Scripting
- ScriptingEngineConfiguration
- Scripts
- SdkProperties
- SecretStores
- Secrets
- SecurID
- SecurityProperties
- SecurityTokenServices
- SelectIdentityProvider
- SelfServiceTreeConfig
- SelfServiceTrees
- ServerInformation
- ServerVersion
- Servers
- Services
- Session
- SessionProperties
- SessionPropertyWhiteList
- SessionUserService
- Sessions
- SetPersistentCookie
- SetSessionProperties
- SharedAgents
- Sites
- SoapSTSAgentGroups
- SoapStsAgents
- SocialAuthInstagramModule
- SocialAuthOAuth2Module
- SocialAuthOpenIDModule
- SocialAuthTwitterModule
- SocialAuthVKontakteModule
- SocialAuthWeChatMobileModule
- SocialAuthWeChatModule
- SocialAuthentication
- SocialFacebook
- SocialGoogle
- SocialIdentityProviders
- SocialIdentityProvidersConfig
- SocialIgnoreProfile
- SocialProviderHandlerNode
- SoftwarePublisher
- Splunk
- StateMetadata
- SubjectAttributes
- SubjectTypes
- SuccessURL
- SunDSWithOpenAMSchema
- SupportedIds
- Syslog
- TermsAndConditionsDecision
- TimeSinceDecision
- TimerStart
- TimerStop
- TivoliDirectoryServer
- TransactionAuthentication
- TrustedJwtIssuer
- TrustedUserDevices
- TwitterClient
- UmaDataStoreProperties
- UmaPolicies
- UmaProvider
- UmaResourceSetLabels
- UmaUserAuditHistory
- User
- UserGroups
- UserPolicies
- UserRegistration
- UserSelfService
- UserServices
- UsernameCollector
- VKClient
- ValidationService
- WeChatClient
- WebAgentGroups
- WebAgents
- WebAuthnAuthenticationNode
- WebAuthnDeviceStorageNode
- WebAuthnRegistrationNode
- WebAuthnUserDevices
- WebhookService
- WindowsDesktopSsoModule
- WindowsNtModule
- WriteFederationInformation
- WsEntity
- ZeroPageLoginCollector
ValidationService
Realm Operations
Resource path: /realm-config/services/validation
Resource version: 1.0
create
Usage:
am> create ValidationService --realm Realm --body body
Parameters:
--body
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "validGotoDestinations" : { "title" : "Valid goto URL Resources", "description" : "List of valid goto URL resources.<br><br>Specifies a list of valid URLs for the <code>goto</code> and <code>gotoOnFail</code> query string parameters. AM only redirects a user after log in or log out to a URL in this list. If the URL is not in the list, AM redirects to either the user profile page, or the administration console. If this property is not set, AM will only allow URLs that match its domain; for example, <code>domain-of-am-instance.com</code>. Use the <code>*</code> wildcard to match all characters except <code>?</code>.<p> Examples: </p> <ul><li><code>http://app.example.com:80/*</code></li> <li><code>http://app.example.com:80/*?*</code></li></ul>", "propertyOrder" : 100, "required" : true, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" } } }
delete
Usage:
am> delete ValidationService --realm Realm
getAllTypes
Obtain the collection of all secondary configuration types related to the resource.
Usage:
am> action ValidationService --realm Realm --actionName getAllTypes
getCreatableTypes
Obtain the collection of secondary configuration types that have yet to be added to the resource.
Usage:
am> action ValidationService --realm Realm --actionName getCreatableTypes
nextdescendents
Obtain the collection of secondary configuration instances that have been added to the resource.
Usage:
am> action ValidationService --realm Realm --actionName nextdescendents
read
Usage:
am> read ValidationService --realm Realm
update
Usage:
am> update ValidationService --realm Realm --body body
Parameters:
--body
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "validGotoDestinations" : { "title" : "Valid goto URL Resources", "description" : "List of valid goto URL resources.<br><br>Specifies a list of valid URLs for the <code>goto</code> and <code>gotoOnFail</code> query string parameters. AM only redirects a user after log in or log out to a URL in this list. If the URL is not in the list, AM redirects to either the user profile page, or the administration console. If this property is not set, AM will only allow URLs that match its domain; for example, <code>domain-of-am-instance.com</code>. Use the <code>*</code> wildcard to match all characters except <code>?</code>.<p> Examples: </p> <ul><li><code>http://app.example.com:80/*</code></li> <li><code>http://app.example.com:80/*?*</code></li></ul>", "propertyOrder" : 100, "required" : true, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" } } }
Global Operations
Resource path: /global-config/services/validation
Resource version: 1.0
getAllTypes
Obtain the collection of all secondary configuration types related to the resource.
Usage:
am> action ValidationService --global --actionName getAllTypes
getCreatableTypes
Obtain the collection of secondary configuration types that have yet to be added to the resource.
Usage:
am> action ValidationService --global --actionName getCreatableTypes
nextdescendents
Obtain the collection of secondary configuration instances that have been added to the resource.
Usage:
am> action ValidationService --global --actionName nextdescendents
read
Usage:
am> read ValidationService --global
update
Usage:
am> update ValidationService --global --body body
Parameters:
--body
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "defaults" : { "properties" : { "validGotoDestinations" : { "title" : "Valid goto URL Resources", "description" : "List of valid goto URL resources.<br><br>Specifies a list of valid URLs for the <code>goto</code> and <code>gotoOnFail</code> query string parameters. AM only redirects a user after log in or log out to a URL in this list. If the URL is not in the list, AM redirects to either the user profile page, or the administration console. If this property is not set, AM will only allow URLs that match its domain; for example, <code>domain-of-am-instance.com</code>. Use the <code>*</code> wildcard to match all characters except <code>?</code>.<p> Examples: </p> <ul><li><code>http://app.example.com:80/*</code></li> <li><code>http://app.example.com:80/*?*</code></li></ul>", "propertyOrder" : 100, "required" : true, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" } }, "type" : "object", "title" : "Realm Defaults" } } }