WebAuthnAuthenticationNode

Realm Operations

Resource path: /realm-config/authentication/authenticationtrees/nodes/WebAuthnAuthenticationNode

Resource version: 1.0

create

Usage:

am> create WebAuthnAuthenticationNode --realm Realm --id id --body body

Parameters:

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "isRecoveryCodeAllowed" : {
      "title" : "Allow recovery codes",
      "description" : "",
      "propertyOrder" : 30,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "asScript" : {
      "title" : "Return challenge as JavaScript",
      "description" : "If enabled, the node will return its challenge as a fully encapsulated client-side JavaScript that will interact directly with the WebAuthn API and submit the response back. If disabled, the node will return the challenge and associated data in a metadata node, and the custom UI will use that to interact with the WebAuthn API itself.",
      "propertyOrder" : 60,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "relyingPartyDomain" : {
      "title" : "Relying party identifier",
      "description" : "The domain against which to register devices, if blank AM will make a best guess at the domain.",
      "propertyOrder" : 10,
      "type" : "string",
      "exampleValue" : ""
    },
    "requiresResidentKey" : {
      "title" : "Username from device",
      "description" : "Requests that the username is selected by the device. Devices which do not support storing and providing the username will be unable to utilise the node while it is operating in this mode.",
      "propertyOrder" : 50,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "origins" : {
      "title" : "Origin domains",
      "description" : "A set of fully-qualified URLs of accepted origins, e.g. http://app.example.com:443. If empty, the accepted origin is the incoming request origin.",
      "propertyOrder" : 15,
      "items" : {
        "type" : "string"
      },
      "type" : "array",
      "exampleValue" : ""
    },
    "userVerificationRequirement" : {
      "title" : "User verification requirement",
      "description" : "If specified as REQUIRED, authenticators that don't verify user identity are filtered out and should not be selectable by the user.",
      "propertyOrder" : 20,
      "type" : "string",
      "exampleValue" : ""
    },
    "timeout" : {
      "title" : "Timeout",
      "description" : "The number of seconds to wait for a valid WebAuthn authenticator to be registered before failing.",
      "propertyOrder" : 40,
      "type" : "integer",
      "exampleValue" : ""
    }
  },
  "required" : [ "asScript", "origins", "timeout", "requiresResidentKey", "isRecoveryCodeAllowed", "userVerificationRequirement" ]
}

delete

Usage:

am> delete WebAuthnAuthenticationNode --realm Realm --id id

Parameters:

--id

The unique identifier for the resource.

getAllTypes

Obtain the collection of all secondary configuration types related to the resource.

Usage:

am> action WebAuthnAuthenticationNode --realm Realm --actionName getAllTypes

getCreatableTypes

Obtain the collection of secondary configuration types that have yet to be added to the resource.

Usage:

am> action WebAuthnAuthenticationNode --realm Realm --actionName getCreatableTypes

listOutcomes

List the available outcomes for the node type.

Usage:

am> action WebAuthnAuthenticationNode --realm Realm --body body --actionName listOutcomes

Parameters:

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "title" : "Some configuration of the node. This does not need to be complete against the configuration schema."
}

nextdescendents

Obtain the collection of secondary configuration instances that have been added to the resource.

Usage:

am> action WebAuthnAuthenticationNode --realm Realm --actionName nextdescendents

query

Get the full list of instances of this collection. This query only supports `_queryFilter=true` filter.

Usage:

am> query WebAuthnAuthenticationNode --realm Realm --filter filter

Parameters:

--filter

A CREST formatted query filter, where "true" will query all.

read

Usage:

am> read WebAuthnAuthenticationNode --realm Realm --id id

Parameters:

--id

The unique identifier for the resource.

update

Usage:

am> update WebAuthnAuthenticationNode --realm Realm --id id --body body

Parameters:

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "isRecoveryCodeAllowed" : {
      "title" : "Allow recovery codes",
      "description" : "",
      "propertyOrder" : 30,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "asScript" : {
      "title" : "Return challenge as JavaScript",
      "description" : "If enabled, the node will return its challenge as a fully encapsulated client-side JavaScript that will interact directly with the WebAuthn API and submit the response back. If disabled, the node will return the challenge and associated data in a metadata node, and the custom UI will use that to interact with the WebAuthn API itself.",
      "propertyOrder" : 60,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "relyingPartyDomain" : {
      "title" : "Relying party identifier",
      "description" : "The domain against which to register devices, if blank AM will make a best guess at the domain.",
      "propertyOrder" : 10,
      "type" : "string",
      "exampleValue" : ""
    },
    "requiresResidentKey" : {
      "title" : "Username from device",
      "description" : "Requests that the username is selected by the device. Devices which do not support storing and providing the username will be unable to utilise the node while it is operating in this mode.",
      "propertyOrder" : 50,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "origins" : {
      "title" : "Origin domains",
      "description" : "A set of fully-qualified URLs of accepted origins, e.g. http://app.example.com:443. If empty, the accepted origin is the incoming request origin.",
      "propertyOrder" : 15,
      "items" : {
        "type" : "string"
      },
      "type" : "array",
      "exampleValue" : ""
    },
    "userVerificationRequirement" : {
      "title" : "User verification requirement",
      "description" : "If specified as REQUIRED, authenticators that don't verify user identity are filtered out and should not be selectable by the user.",
      "propertyOrder" : 20,
      "type" : "string",
      "exampleValue" : ""
    },
    "timeout" : {
      "title" : "Timeout",
      "description" : "The number of seconds to wait for a valid WebAuthn authenticator to be registered before failing.",
      "propertyOrder" : 40,
      "type" : "integer",
      "exampleValue" : ""
    }
  },
  "required" : [ "asScript", "origins", "timeout", "requiresResidentKey", "isRecoveryCodeAllowed", "userVerificationRequirement" ]
}
Read a different version of :