aam

Configure Application Access Management settings. AAM optimizes Authentication, Authorization, and Accounting (AAA) for client-server traffic.

aam Specification

Type Intermediate Resource
Element Name aam
Element URI /axapi/v3/aam
Element Attributes aam_attributes
Schema aam schema

Operations Allowed:

Operation Method URI Payload

Get Object

GET

/axapi/v3/aam

aam_attributes

aam Attributes

aaa-policy-list

Description: aaa-policy-list is a JSON List . Please see below for aaa-policy-list

Type: List

Reference Object: /axapi/v3/aam/aaa-policy/{name}

authentication

Description: authentication is a JSON Block . Please see below for authentication

Type: Object

Reference Object: /axapi/v3/aam/authentication

authorization

Description: authorization is a JSON Block . Please see below for authorization

Type: Object

Reference Object: /axapi/v3/aam/authorization

authentication

Specification
Type object

account

Description: account is a JSON Block . Please see below for l1093_account

Type: Object

Reference Object: /axapi/v3/aam/authentication/account

global

Description: global is a JSON Block . Please see below for l1093_global

Type: Object

Reference Object: /axapi/v3/aam/authentication/global

log

Description: log is a JSON Block . Please see below for l1093_log

Type: Object

Reference Object: /axapi/v3/aam/authentication/log

logon

Description: logon is a JSON Block . Please see below for l1093_logon

Type: Object

Reference Object: /axapi/v3/aam/authentication/logon

portal-list

Description: portal-list is a JSON List . Please see below for l1093_portal-list

Type: List

Reference Object: /axapi/v3/aam/authentication/portal/{name}

relay

Description: relay is a JSON Block . Please see below for l1093_relay

Type: Object

Reference Object: /axapi/v3/aam/authentication/relay

saml

Description: saml is a JSON Block . Please see below for l1093_saml

Type: Object

Reference Object: /axapi/v3/aam/authentication/saml

server

Description: server is a JSON Block . Please see below for l1093_server

Type: Object

Reference Object: /axapi/v3/aam/authentication/server

service-group-list

Description: service-group-list is a JSON List . Please see below for l1093_service-group-list

Type: List

Reference Object: /axapi/v3/aam/authentication/service-group/{name}

template-list

Description: template-list is a JSON List . Please see below for l1093_template-list

Type: List

Reference Object: /axapi/v3/aam/authentication/template/{name}

authentication.account

Specification
Type object

kerberos-spn-list

Description: kerberos-spn-list is a JSON List . Please see below for l1093_kerberos-spn-list

Type: List

Reference Object: /axapi/v3/aam/authentication/account/kerberos-spn/{name}

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

authentication.account.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘request-normal’: Total Normal Request; ‘request-dropped’: Total Dropped Request; ‘response-success’: Total Success Response; ‘response-failure’: Total Failure Response; ‘response-error’: Total Error Response; ‘response-timeout’: Total Timeout Response; ‘response-other’: Total Other Response;

Type: string

Supported Values: all, request-normal, request-dropped, response-success, response-failure, response-error, response-timeout, response-other

authentication.account.kerberos-spn-list

Specification
Type list
Block object keys

account

Description: Specify domain account for SPN

Type: string

Format: string-rlx

encrypted

Description: Do NOT use this option manually. (This is an A10 reserved keyword.)

name

Description: Specify AD account name

Type: string

password

Description: Specify password of domain account

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

realm

Description: Specify Kerberos realm

Type: string

secret-string

Description: Password of AD account

Type: string

Format: password

service-principal-name

Description: Specify service principal name

Type: string

Format: string-rlx

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

authentication.portal-list

Specification
Type list
Block object keys

change-password

Description: change-password is a JSON Block . Please see below for l1093_change-password

Type: Object

Reference Object: /axapi/v3/aam/authentication/portal/{name}/change-password

logo-cfg

Description: logo-cfg is a JSON Block . Please see below for l1093_logo-cfg

Type: Object

logon

Description: logon is a JSON Block . Please see below for l1093_logon

Type: Object

Reference Object: /axapi/v3/aam/authentication/portal/{name}/logon

logon-fail

Description: logon-fail is a JSON Block . Please see below for l1093_logon-fail

Type: Object

Reference Object: /axapi/v3/aam/authentication/portal/{name}/logon-fail

name

Description: ‘default-portal’: Default portal configuration;

Type: string

Supported Values: default-portal

reset-change-password

Description: reset-change-password is a JSON Block . Please see below for l1093_reset-change-password

Type: Object

Reference Object: /axapi/v3/aam/authentication/portal/{name}/reset-change-password

reset-logon

Description: reset-logon is a JSON Block . Please see below for l1093_reset-logon

Type: Object

Reference Object: /axapi/v3/aam/authentication/portal/{name}/reset-logon

reset-logon-fail

Description: reset-logon-fail is a JSON Block . Please see below for l1093_reset-logon-fail

Type: Object

Reference Object: /axapi/v3/aam/authentication/portal/{name}/reset-logon-fail

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

authentication.portal-list.logon-fail

Specification
Type object

background

Description: background is a JSON Block . Please see below for l1093_background

Type: Object

fail-msg-cfg

Description: fail-msg-cfg is a JSON Block . Please see below for l1093_fail-msg-cfg

Type: Object

title-cfg

Description: title-cfg is a JSON Block . Please see below for l1093_title-cfg

Type: Object

uuid

Description: uuid of the object

Type: string

authentication.portal-list.logon-fail.fail-msg-cfg

Specification
Type object

fail-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

fail-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: fail-color-name and fail-color-value are mutually exclusive

fail-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: fail-color-value and fail-color-name are mutually exclusive

fail-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: fail-face and fail-font-custom are mutually exclusive

fail-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

fail-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: fail-font-custom and fail-face are mutually exclusive

fail-msg

Description: Configure logon failure message in default logon fail page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

fail-size

Description: Specify font size

Type: number

Range: 1-7

fail-text

Description: Specify logon failure message (Default: Login Failed!!)

Type: string

Format: string-rlx

authentication.portal-list.logon-fail.title-cfg

Specification
Type object

title

Description: Configure title in default logon fail page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

title-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

title-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: title-color-name and title-color-value are mutually exclusive

title-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: title-color-value and title-color-name are mutually exclusive

title-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: title-face and title-font-custom are mutually exclusive

title-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

title-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: title-font-custom and title-face are mutually exclusive

title-size

Description: Specify font size

Type: number

Range: 1-7

title-text

Description: Specify title (Default: Try Too Many Times)

Type: string

Format: string-rlx

authentication.portal-list.logon-fail.background

Specification
Type object

bgcolor

Description: Specify background color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: bgcolor and bgfile are mutually exclusive

bgcolor-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: bgcolor-name and bgcolor-value are mutually exclusive

bgcolor-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: bgcolor-value and bgcolor-name are mutually exclusive

bgfile

Description: Specify background image filename

Type: string

Format: string-rlx

Mutual Exclusion: bgfile and bgcolor are mutually exclusive

bgstyle

Description: ‘tile’: Tile; ‘stretch’: Stretch; ‘fit’: Fit;

Type: string

Supported Values: tile, stretch, fit

authentication.portal-list.logo-cfg

Specification
Type object

height

Description: Specify logo image height

Type: number

Range: 50-400

logo

Description: Specify logo image filename

Type: string

Format: string-rlx

width

Description: Specify logo image width

Type: number

Range: 50-400

authentication.portal-list.reset-logon

Specification
Type object

reset

Description:

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

authentication.portal-list.reset-logon-fail

Specification
Type object

reset

Description:

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

authentication.portal-list.reset-change-password

Specification
Type object

reset

Description:

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

authentication.portal-list.logon

Specification
Type object

action-url

Description: Specify form action URL in default logon page (Default: /logon.fo)

Type: string

Format: string-rlx

background

Description: background is a JSON Block . Please see below for l1093_background

Type: Object

enable-passcode

Description: Enable passcode field in default logon page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

fail-msg-cfg

Description: fail-msg-cfg is a JSON Block . Please see below for l1093_fail-msg-cfg

Type: Object

passcode-cfg

Description: passcode-cfg is a JSON Block . Please see below for l1093_passcode-cfg

Type: Object

passcode-var

Description: Specify passcode variable name in default logon page (Default: passcode)

Type: string

Format: string-rlx

password-cfg

Description: password-cfg is a JSON Block . Please see below for l1093_password-cfg

Type: Object

password-var

Description: Specify password variable name in default logon page (Default: pwd)

Type: string

Format: string-rlx

submit-text

Description: Specify submit button text in default logon page (Default: Log In)

Type: string

Format: string-rlx

username-cfg

Description: username-cfg is a JSON Block . Please see below for l1093_username-cfg

Type: Object

username-var

Description: Specify username variable name in default logon page (Default: user)

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

authentication.portal-list.logon.passcode-cfg

Specification
Type object

passcode

Description: Configure passcode text in default logon page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

passcode-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

passcode-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: passcode-color-name and passcode-color-value are mutually exclusive

passcode-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: passcode-color-value and passcode-color-name are mutually exclusive

passcode-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: passcode-face and passcode-font-custom are mutually exclusive

passcode-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

passcode-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: passcode-font-custom and passcode-face are mutually exclusive

passcode-size

Description: Specify font size

Type: number

Range: 1-7

passcode-text

Description: Specify passcode text (Default: Passcode)

Type: string

Format: string-rlx

authentication.portal-list.logon.background

Specification
Type object

bgcolor

Description: Specify background color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: bgcolor and bgfile are mutually exclusive

bgcolor-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: bgcolor-name and bgcolor-value are mutually exclusive

bgcolor-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: bgcolor-value and bgcolor-name are mutually exclusive

bgfile

Description: Specify background image filename

Type: string

Format: string-rlx

Mutual Exclusion: bgfile and bgcolor are mutually exclusive

bgstyle

Description: ‘tile’: Tile; ‘stretch’: Stretch; ‘fit’: Fit;

Type: string

Supported Values: tile, stretch, fit

authentication.portal-list.logon.fail-msg-cfg

Specification
Type object

authz-fail-msg

Description: Configure authorization failure message in default logon page, its text attributes follow fail-msg’s (Specify authorization failure message (Default: Authorization failed. Please contact your system administrator.))

Type: string

Format: string-rlx

fail-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

fail-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: fail-color-name and fail-color-value are mutually exclusive

fail-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: fail-color-value and fail-color-name are mutually exclusive

fail-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: fail-face and fail-font-custom are mutually exclusive

fail-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

fail-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: fail-font-custom and fail-face are mutually exclusive

fail-msg

Description: Configure login failure message in default logon page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

fail-size

Description: Specify font size

Type: number

Range: 1-7

fail-text

Description: Specify login failure message (Default: Invalid username or password. Please try again.)

Type: string

Format: string-rlx

authentication.portal-list.logon.password-cfg

Specification
Type object

pass-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

pass-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: pass-color-name and pass-color-value are mutually exclusive

pass-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: pass-color-value and pass-color-name are mutually exclusive

pass-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: pass-face and pass-font-custom are mutually exclusive

pass-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

pass-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: pass-font-custom and pass-face are mutually exclusive

pass-size

Description: Specify font size

Type: number

Range: 1-7

pass-text

Description: Specify password text (Default: Password)

Type: string

Format: string-rlx

password

Description: Configure password text in default logon page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

authentication.portal-list.logon.username-cfg

Specification
Type object

user-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

user-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: user-color-name and user-color-value are mutually exclusive

user-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: user-color-value and user-color-name are mutually exclusive

user-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: user-face and user-font-custom are mutually exclusive

user-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

user-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: user-font-custom and user-face are mutually exclusive

user-size

Description: Specify font size

Type: number

Range: 1-7

user-text

Description: Specify username text (Default: User Name)

Type: string

Format: string-rlx

username

Description: Configure username text in default logon page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

authentication.portal-list.change-password

Specification
Type object

action-url

Description: Specify form action URL in default change password page (Default: /change.fo)

Type: string

Format: string-rlx

background

Description: background is a JSON Block . Please see below for l1093_background

Type: Object

cfm-pwd-cfg

Description: cfm-pwd-cfg is a JSON Block . Please see below for l1093_cfm-pwd-cfg

Type: Object

confirm-password-var

Description: Specify confirm password variable name in default change password page (Default: cp_cfm_pwd)

Type: string

Format: string-rlx

new-password-var

Description: Specify new password variable name in default change password page (Default: cp_new_pwd)

Type: string

Format: string-rlx

new-pwd-cfg

Description: new-pwd-cfg is a JSON Block . Please see below for l1093_new-pwd-cfg

Type: Object

old-password-var

Description: Specify old password variable name in default change password page (Default: cp_old_pwd)

Type: string

Format: string-rlx

old-pwd-cfg

Description: old-pwd-cfg is a JSON Block . Please see below for l1093_old-pwd-cfg

Type: Object

reset-text

Description: Specify reset button text in default change password page (Default: Reset)

Type: string

Format: string-rlx

submit-text

Description: Specify submit button text in default change password page (Default: Submit)

Type: string

Format: string-rlx

title-cfg

Description: title-cfg is a JSON Block . Please see below for l1093_title-cfg

Type: Object

username-cfg

Description: username-cfg is a JSON Block . Please see below for l1093_username-cfg

Type: Object

username-var

Description: Specify username variable name in default change password page (Default: cp_usr)

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

authentication.portal-list.change-password.new-pwd-cfg

Specification
Type object

new-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

new-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: new-color-name and new-color-value are mutually exclusive

new-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: new-color-value and new-color-name are mutually exclusive

new-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: new-face and new-font-custom are mutually exclusive

new-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

new-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: new-font-custom and new-face are mutually exclusive

new-password

Description: Configure new password text in default change password page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

new-size

Description: Specify font size

Type: number

Range: 1-7

new-text

Description: Specify new password text (Default: New Password)

Type: string

Format: string-rlx

authentication.portal-list.change-password.title-cfg

Specification
Type object

title

Description: Configure title in default change password page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

title-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

title-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: title-color-name and title-color-value are mutually exclusive

title-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: title-color-value and title-color-name are mutually exclusive

title-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: title-face and title-font-custom are mutually exclusive

title-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

title-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: title-font-custom and title-face are mutually exclusive

title-size

Description: Specify font size

Type: number

Range: 1-7

title-text

Description: Specify title (Default: Please Change Your Password)

Type: string

Format: string-rlx

authentication.portal-list.change-password.old-pwd-cfg

Specification
Type object

old-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

old-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: old-color-name and old-color-value are mutually exclusive

old-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: old-color-value and old-color-name are mutually exclusive

old-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: old-face and old-font-custom are mutually exclusive

old-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

old-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: old-font-custom and old-face are mutually exclusive

old-password

Description: Configure old password text in default change password page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

old-size

Description: Specify font size

Type: number

Range: 1-7

old-text

Description: Specify old password text (Default: Old Password)

Type: string

Format: string-rlx

authentication.portal-list.change-password.background

Specification
Type object

bgcolor

Description: Specify background color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: bgcolor and bgfile are mutually exclusive

bgcolor-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: bgcolor-name and bgcolor-value are mutually exclusive

bgcolor-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: bgcolor-value and bgcolor-name are mutually exclusive

bgfile

Description: Specify background image filename

Type: string

Format: string-rlx

Mutual Exclusion: bgfile and bgcolor are mutually exclusive

bgstyle

Description: ‘tile’: Tile; ‘stretch’: Stretch; ‘fit’: Fit;

Type: string

Supported Values: tile, stretch, fit

authentication.portal-list.change-password.cfm-pwd-cfg

Specification
Type object

cfm-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

cfm-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: cfm-color-name and cfm-color-value are mutually exclusive

cfm-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: cfm-color-value and cfm-color-name are mutually exclusive

cfm-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: cfm-face and cfm-font-custom are mutually exclusive

cfm-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

cfm-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: cfm-font-custom and cfm-face are mutually exclusive

cfm-size

Description: Specify font size

Type: number

Range: 1-7

cfm-text

Description: Specify confirm password text (Default: Confirm New Password)

Type: string

Format: string-rlx

confirm-password

Description: Configure confirm password text in default change password page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

authentication.portal-list.change-password.username-cfg

Specification
Type object

user-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

user-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: user-color-name and user-color-value are mutually exclusive

user-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: user-color-value and user-color-name are mutually exclusive

user-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: user-face and user-font-custom are mutually exclusive

user-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

user-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: user-font-custom and user-face are mutually exclusive

user-size

Description: Specify font size

Type: number

Range: 1-7

user-text

Description: Specify username text (Default: Username)

Type: string

Format: string-rlx

username

Description: Configure username text in default change password page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

authentication.log

Specification
Type object

enable

Description: Enable authentication logs

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

facility

Description: ‘local0’: Local use; ‘local1’: Local use; ‘local2’: Local use; ‘local3’: Local use; ‘local4’: Local use; ‘local5’: Local use; ‘local6’: Local use; ‘local7’: Local use;

Type: string

Supported Values: local0, local1, local2, local3, local4, local5, local6, local7

Default: local0

uuid

Description: uuid of the object

Type: string

authentication.relay

Specification
Type object

form-based

Description: form-based is a JSON Block . Please see below for l1093_form-based

Type: Object

Reference Object: /axapi/v3/aam/authentication/relay/form-based

http-basic

Description: http-basic is a JSON Block . Please see below for l1093_http-basic

Type: Object

Reference Object: /axapi/v3/aam/authentication/relay/http-basic

kerberos

Description: kerberos is a JSON Block . Please see below for l1093_kerberos

Type: Object

Reference Object: /axapi/v3/aam/authentication/relay/kerberos

ntlm-list

Description: ntlm-list is a JSON List . Please see below for l1093_ntlm-list

Type: List

Reference Object: /axapi/v3/aam/authentication/relay/ntlm/{name}

ws-federation-list

Description: ws-federation-list is a JSON List . Please see below for l1093_ws-federation-list

Type: List

Reference Object: /axapi/v3/aam/authentication/relay/ws-federation/{name}

authentication.relay.ws-federation-list

Specification
Type list
Block object keys

application-server

Description: ‘sharepoint’: Microsoft SharePoint; ‘exchange-owa’: Microsoft Exchange OWA;

Type: string

Supported Values: sharepoint, exchange-owa

authentication-uri

Description: Specify WS-Federation relay URI, default is /_trust/

Type: string

Format: string-rlx

name

Description: Specify WS-Federation authentication relay name

Type: string

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

authentication.relay.ws-federation-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘request’: Request; ‘success’: Success; ‘failure’: Failure;

Type: string

Supported Values: all, request, success, failure

authentication.relay.ntlm-list

Specification
Type list
Block object keys

domain

Description: Specify NTLM domain, default is null

Type: string

name

Description: Specify NTLM authentication relay name

Type: string

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

version

Description: Specify NTLM version, default is NTLM 2

Type: number

Range: 1-2

Default: 2

authentication.relay.ntlm-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘success’: Success; ‘failure’: Failure; ‘request’: Request; ‘response’: Response; ‘http-code-200’: HTTP 200 OK; ‘http-code-400’: HTTP 400 Bad Request; ‘http-code-401’: HTTP 401 Unauthorized; ‘http-code-403’: HTTP 403 Forbidden; ‘http-code-404’: HTTP 404 Not Found; ‘http-code-500’: HTTP 500 Internal Server Error; ‘http-code-503’: HTTP 503 Service Unavailable; ‘http-code-other’: Other HTTP Response; ‘buffer-alloc-fail’: Buffer Allocation Failure; ‘encoding-fail’: Encoding Failure; ‘insert-header-fail’: Insert Header Failure; ‘parse-header-fail’: Parse Header Failure; ‘internal-error’: Internal Error;

Type: string

Supported Values: all, success, failure, request, response, http-code-200, http-code-400, http-code-401, http-code-403, http-code-404, http-code-500, http-code-503, http-code-other, buffer-alloc-fail, encoding-fail, insert-header-fail, parse-header-fail, internal-error

authentication.relay.form-based

Specification
Type object

instance-list

Description: instance-list is a JSON List . Please see below for l1093_instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/relay/form-based/instance/{name}

authentication.relay.form-based.instance-list

Specification
Type list
Block object keys

name

Description: Specify form-based authentication relay name

Type: string

request-uri-list

Description: request-uri-list is a JSON List . Please see below for l1093_request-uri-list

Type: List

Reference Object: /axapi/v3/aam/authentication/relay/form-based/instance/{name}/request-uri/{match-type}+{uri}

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

authentication.relay.form-based.instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘request’: Request; ‘invalid_srv_rsp’: Invalid Server Response; ‘post_fail’: POST Failed; ‘invalid_cred’: Invalid Credential; ‘bad_req’: Bad Request; ‘not_fnd’: Not Found; ‘error’: Internal Server Error; ‘other_error’: Other Error;

Type: string

Supported Values: all, request, invalid_srv_rsp, post_fail, invalid_cred, bad_req, not_fnd, error, other_error

authentication.relay.form-based.instance-list.request-uri-list

Specification
Type list
Block object keys

action-uri

Description: Specify the action-URI

Type: string

Format: string-rlx

cookie

Description: cookie is a JSON Block . Please see below for l1093_cookie

Type: Object

domain-variable

Description: Specify domain variable name

Type: string

Format: string-rlx

match-type

Description: ‘equals’: URI exactly matches the string; ‘contains’: URI string contains another sub string; ‘starts-with’: URI string starts with sub string; ‘ends-with’: URI string ends with sub string;

Type: string

Supported Values: equals, contains, starts-with, ends-with

other-variables

Description: Specify other variables (n1=v1&n2=v2) in form relay

Type: string

Format: string-rlx

password-variable

Description: Specify password variable name

Type: string

Format: string-rlx

uri

Description: Specify request URI

Type: string

Format: string-rlx

user-tag

Description: Customized tag

Type: string

Format: string-rlx

user-variable

Description: Specify username variable name

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

authentication.relay.kerberos

Specification
Type object

instance-list

Description: instance-list is a JSON List . Please see below for l1093_instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/relay/kerberos/instance/{name}

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

authentication.relay.kerberos.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘request-send’: Total Request Send; ‘response-get’: Total Response Get; ‘timeout-error’: Total Timeout; ‘other-error’: Total Other Error; ‘request-normal’: Total Normal Request; ‘request-dropped’: Total Dropped Request; ‘response-success’: Total Success Response; ‘response-failure’: Total Failure Response; ‘response-error’: Total Error Response; ‘response-timeout’: Total Timeout Response; ‘response-other’: Total Other Response; ‘job-start-error’: Total Job Start Error; ‘polling-control-error’: Total Polling Control Error;

Type: string

Supported Values: all, request-send, response-get, timeout-error, other-error, request-normal, request-dropped, response-success, response-failure, response-error, response-timeout, response-other, job-start-error, polling-control-error

authentication.relay.kerberos.instance-list

Specification
Type list
Block object keys

encrypted

Description: Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)

kerberos-account

Description: Specify the kerberos account name

Type: string

Format: string-rlx

kerberos-kdc

Description: Specify the kerberos kdc ip or host name

Type: string

Mutual Exclusion: kerberos-kdc and kerberos-kdc-service-group are mutually exclusive

kerberos-kdc-service-group

Description: Specify an authentication service group as multiple KDCs

Type: string

Format: string-rlx

Mutual Exclusion: kerberos-kdc-service-group and kerberos-kdc are mutually exclusive

Reference Object: /axapi/v3/aam/authentication/service-group

kerberos-realm

Description: Specify the kerberos realm

Type: string

name

Description: Specify Kerberos authentication relay name

Type: string

password

Description: Specify password of Kerberos password

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

port

Description: Specify The KDC port, default is 88

Type: number

Range: 1-65535

Default: 88

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

secret-string

Description: The kerberos client password

Type: string

Format: password

timeout

Description: Specify timeout for kerberos transport, default is 10 seconds (The timeout, default is 10 seconds)

Type: number

Range: 1-255

Default: 10

uuid

Description: uuid of the object

Type: string

authentication.relay.kerberos.instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘request-send’: Request Send; ‘response-receive’: Response Receive; ‘current-requests-of-user’: Current Pending Requests of User; ‘tickets’: Tickets;

Type: string

Supported Values: all, request-send, response-receive, current-requests-of-user, tickets

authentication.relay.http-basic

Specification
Type object

instance-list

Description: instance-list is a JSON List . Please see below for l1093_instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/relay/http-basic/instance/{name}

authentication.relay.http-basic.instance-list

Specification
Type list
Block object keys

domain

Description: Specify user domain, default is null

Type: string

domain-format

Description: ‘user-principal-name’: Append domain with User Principal Name format. (e.g. user @ domain ); ‘down-level-logon-name’: Append domain with Down-Level Logon Name format. (e.g. domainuser);

Type: string

Supported Values: user-principal-name, down-level-logon-name

Default: down-level-logon-name

name

Description: Specify HTTP basic authentication relay name

Type: string

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

authentication.relay.http-basic.instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘success’: Success; ‘no-creds’: No Credential; ‘bad-req’: Bad Request; ‘unauth’: Unauthorized; ‘forbidden’: Forbidden; ‘not-found’: Not Found; ‘server-error’: Internal Server Error; ‘unavailable’: Service Unavailable;

Type: string

Supported Values: all, success, no-creds, bad-req, unauth, forbidden, not-found, server-error, unavailable

authentication.saml

Specification
Type object

global

Description: global is a JSON Block . Please see below for l1093_global

Type: Object

Reference Object: /axapi/v3/aam/authentication/saml/global

identity-provider-list

Description: identity-provider-list is a JSON List . Please see below for l1093_identity-provider-list

Type: List

Reference Object: /axapi/v3/aam/authentication/saml/identity-provider/{name}

service-provider-list

Description: service-provider-list is a JSON List . Please see below for l1093_service-provider-list

Type: List

Reference Object: /axapi/v3/aam/authentication/saml/service-provider/{name}

authentication.saml.global

Specification
Type object

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

authentication.saml.global.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘requests-to-a10saml’: Total Request to A10 SAML Service; ‘responses-from-a10saml’: Total Response from A10 SAML Service; ‘sp-metadata-export-req’: Total Metadata Export Request; ‘sp-metadata-export-success’: Toal Metadata Export Success; ‘login-auth-req’: Total Login Authentication Request; ‘login-auth-resp’: Total Login Authentication Response; ‘acs-req’: Total SAML Single-Sign-On Request; ‘acs-success’: Total SAML Single-Sign-On Success; ‘acs-authz-fail’: Total SAML Single-Sign-On Authorization Fail; ‘acs-error’: Total SAML Single-Sign-On Error; ‘slo-req’: Total Single Logout Request; ‘slo-success’: Total Single Logout Success; ‘slo-error’: Total Single Logout Error; ‘other-error’: Total Other Error;

Type: string

Supported Values: all, requests-to-a10saml, responses-from-a10saml, sp-metadata-export-req, sp-metadata-export-success, login-auth-req, login-auth-resp, acs-req, acs-success, acs-authz-fail, acs-error, slo-req, slo-success, slo-error, other-error

authentication.saml.service-provider-list

Specification
Type list
Block object keys

adfs-ws-federation

Description: adfs-ws-federation is a JSON Block . Please see below for l1093_adfs-ws-federation

Type: Object

artifact-resolution-service

Description: artifact-resolution-service is a JSON List . Please see below for l1093_artifact-resolution-service

Type: List

assertion-consuming-service

Description: assertion-consuming-service is a JSON List . Please see below for l1093_assertion-consuming-service

Type: List

certificate

Description: SAML service provider certificate file (PFX format is required.)

Type: string

entity-id

Description: SAML service provider entity ID

Type: string

Format: string-rlx

metadata-export-service

Description: metadata-export-service is a JSON Block . Please see below for l1093_metadata-export-service

Type: Object

name

Description: Specify SAML authentication service provider name

Type: string

require-assertion-signed

Description: require-assertion-signed is a JSON Block . Please see below for l1093_require-assertion-signed

Type: Object

saml-request-signed

Description: saml-request-signed is a JSON Block . Please see below for l1093_saml-request-signed

Type: Object

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

service-url

Description: SAML service provider service URL (ex. https://www.a10networks.com/saml.sso )

Type: string

Format: string-rlx

single-logout-service

Description: single-logout-service is a JSON List . Please see below for l1093_single-logout-service

Type: List

soap-tls-certificate-validate

Description: soap-tls-certificate-validate is a JSON Block . Please see below for l1093_soap-tls-certificate-validate

Type: Object

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

authentication.saml.service-provider-list.require-assertion-signed

Specification
Type object

require-assertion-signed-enable

Description: Enable required signing of SAML assertion

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

authentication.saml.service-provider-list.single-logout-service

Specification
Type list
Block object keys

SLO-binding

Description: ‘post’: POST binding of single logout service; ‘redirect’: Redirect binding of single logout service; ‘soap’: SOAP binding of single logout service;

Type: string

Supported Values: post, redirect, soap

SLO-location

Description: The location of name-id management service. (ex. /SAML/POST)

Type: string

Format: string-rlx

authentication.saml.service-provider-list.assertion-consuming-service

Specification
Type list
Block object keys

assertion-binding

Description: ‘artifact’: Artifact binding of assertion consuming service; ‘paos’: PAOS binding of assertion consuming service; ‘post’: POST binding of assertion consuming service;

Type: string

Supported Values: artifact, paos, post

assertion-index

Description: The index of assertion consuming service

Type: number

Range: 0-5

assertion-location

Description: The location of assertion consuming service endpoint. (ex. /SAML/POST)

Type: string

Format: string-rlx

authentication.saml.service-provider-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘sp-metadata-export-req’: Metadata Export Request; ‘sp-metadata-export-success’: Metadata Export Success; ‘login-auth-req’: Login Authentication Request; ‘login-auth-resp’: Login Authentication Response; ‘acs-req’: SAML Single-Sign-On Request; ‘acs-success’: SAML Single-Sign-On Success; ‘acs-authz-fail’: SAML Single-Sign-On Authorization Fail; ‘acs-error’: SAML Single-Sign-On Error; ‘slo-req’: Single Logout Request; ‘slo-success’: Single Logout Success; ‘slo-error’: Single Logout Error; ‘other-error’: Other Error;

Type: string

Supported Values: all, sp-metadata-export-req, sp-metadata-export-success, login-auth-req, login-auth-resp, acs-req, acs-success, acs-authz-fail, acs-error, slo-req, slo-success, slo-error, other-error

authentication.saml.service-provider-list.saml-request-signed

Specification
Type object

saml-request-signed-disable

Description: Disable signing signature for SAML (Authn/Artifact Resolve) requests

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

authentication.saml.service-provider-list.adfs-ws-federation

Specification
Type object

ws-federation-enable

Description: Enable ADFS WS-Federation

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

authentication.saml.service-provider-list.soap-tls-certificate-validate

Specification
Type object

soap-tls-certificate-validate-disable

Description: Disable verification for server certificate in TLS session when resolving artificate

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

authentication.saml.service-provider-list.artifact-resolution-service

Specification
Type list
Block object keys

artifact-binding

Description: ‘soap’: SOAP binding of artifact resolution service;

Type: string

Supported Values: soap

artifact-index

Description: The index of artifact resolution service

Type: number

Range: 0-5

artifact-location

Description: The location of artifact resolution service. (ex. /SAML/POST)

Type: string

Format: string-rlx

authentication.saml.service-provider-list.metadata-export-service

Specification
Type object

md-export-location

Description: Specify the URI to export SP metadata (Export URI. Default is /A10SP_Metadata)

Type: string

Format: string-rlx

sign-xml

Description: Sign exported SP metadata XML with SP’s certificate

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

authentication.saml.identity-provider-list

Specification
Type list
Block object keys

metadata

Description: URL of SAML identity provider’s metadata file

Type: string

Format: string-rlx

name

Description: SAML authentication identity provider name

Type: string

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

authentication.service-group-list

Specification
Type list
Block object keys

health-check

Description: Health Check (Monitor Name)

Type: string

Mutual Exclusion: health-check and health-check-disable are mutually exclusive

Reference Object: /axapi/v3/health/monitor

health-check-disable

Description: Disable health check

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check-disable and health-check are mutually exclusive

lb-method

Description: ‘round-robin’: Round robin on server level;

Type: string

Supported Values: round-robin

member-list

Description: member-list is a JSON List . Please see below for l1093_member-list

Type: List

Reference Object: /axapi/v3/aam/authentication/service-group/{name}/member/{name}+{port}

name

Description: Specify AAM service group name

Type: string

Format: string-rlx

protocol

Description: ‘tcp’: TCP AAM service; ‘udp’: UDP AAM service;

Type: string

Supported Values: tcp, udp

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

authentication.service-group-list.member-list

Specification
Type list
Block object keys

member-priority

Description: Priority of Port in the Group

Type: number

Range: 1-16

member-state

Description: ‘enable’: Enable member service port; ‘disable’: Disable member service port;

Type: string

Supported Values: enable, disable

Default: enable

name

Description: Member name

Type: string

Format: comp-string

port

Description: Port number

Type: number

Range: 1-65534

Default: 65534

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

authentication.global

Specification
Type object

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

authentication.global.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘requests’: Total Authentication Request; ‘responses’: Total Authentication Response; ‘misses’: Total Authentication Request Missed; ‘ocsp-stapling-requests-to-a10authd’: Total OCSP Stapling Request; ‘ocsp-stapling-responses-from-a10authd’: Total OCSP Stapling Response; ‘opened-socket’: Total AAM Socket Opened; ‘open-socket-failed’: Total AAM Open Socket Failed; ‘connect’: Total AAM Connection; ‘connect-failed’: Total AAM Connect Failed; ‘created-timer’: Total AAM Timer Created; ‘create-timer-failed’: Total AAM Timer Creation Failed; ‘total-request’: Total Request Received by A10 Auth Service; ‘get-socket-option-failed’: Total AAM Get Socket Option Failed; ‘aflex-authz-succ’: Total Authorization success number in aFleX; ‘aflex-authz-fail’: Total Authorization failure number in aFleX;

Type: string

Supported Values: all, requests, responses, misses, ocsp-stapling-requests-to-a10authd, ocsp-stapling-responses-from-a10authd, opened-socket, open-socket-failed, connect, connect-failed, created-timer, create-timer-failed, total-request, get-socket-option-failed, aflex-authz-succ, aflex-authz-fail

authentication.server

Specification
Type object

ldap

Description: ldap is a JSON Block . Please see below for l1093_ldap

Type: Object

Reference Object: /axapi/v3/aam/authentication/server/ldap

ocsp

Description: ocsp is a JSON Block . Please see below for l1093_ocsp

Type: Object

Reference Object: /axapi/v3/aam/authentication/server/ocsp

radius

Description: radius is a JSON Block . Please see below for l1093_radius

Type: Object

Reference Object: /axapi/v3/aam/authentication/server/radius

windows

Description: windows is a JSON Block . Please see below for l1093_windows

Type: Object

Reference Object: /axapi/v3/aam/authentication/server/windows

authentication.server.windows

Specification
Type object

instance-list

Description: instance-list is a JSON List . Please see below for l1093_instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/server/windows/instance/{name}

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

authentication.server.windows.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘kerberos-request-send’: Total Kerberos Request; ‘kerberos-response-get’: Total Kerberos Response; ‘kerberos-timeout-error’: Total Kerberos Timeout; ‘kerberos-other-error’: Total Kerberos Other Error; ‘ntlm-authentication-success’: Total NTLM Authentication Success; ‘ntlm-authentication-failure’: Total NTLM Authentication Failure; ‘ntlm-proto-negotiation-success’: Total NTLM Protocol Negotiation Success; ‘ntlm-proto-negotiation-failure’: Total NTLM Protocol Negotiation Failure; ‘ntlm-session-setup-success’: Total NTLM Session Setup Success; ‘ntlm-session-setup-failed’: Total NTLM Session Setup Failure; ‘kerberos-request-normal’: Total Kerberos Normal Request; ‘kerberos-request-dropped’: Total Kerberos Dropped Request; ‘kerberos-response-success’: Total Kerberos Success Response; ‘kerberos-response-failure’: Total Kerberos Failure Response; ‘kerberos-response-error’: Total Kerberos Error Response; ‘kerberos-response-timeout’: Total Kerberos Timeout Response; ‘kerberos-response-other’: Total Kerberos Other Response; ‘kerberos-job-start-error’: Total Kerberos Job Start Error; ‘kerberos-polling-control-error’: Total Kerberos Polling Control Error; ‘ntlm-prepare-req-success’: Total NTLM Prepare Request Success; ‘ntlm-prepare-req-failed’: Total NTLM Prepare Request Failed; ‘ntlm-timeout-error’: Total NTLM Timeout; ‘ntlm-other-error’: Total NTLM Other Error; ‘ntlm-request-normal’: Total NTLM Normal Request; ‘ntlm-request-dropped’: Total NTLM Dropped Request; ‘ntlm-response-success’: Total NTLM Success Response; ‘ntlm-response-failure’: Total NTLM Failure Response; ‘ntlm-response-error’: Total NTLM Error Response; ‘ntlm-response-timeout’: Total NTLM Timeout Response; ‘ntlm-response-other’: Total NTLM Other Response; ‘ntlm-job-start-error’: Total NTLM Job Start Error; ‘ntlm-polling-control-error’: Total NTLM Polling Control Error;

Type: string

Supported Values: all, kerberos-request-send, kerberos-response-get, kerberos-timeout-error, kerberos-other-error, ntlm-authentication-success, ntlm-authentication-failure, ntlm-proto-negotiation-success, ntlm-proto-negotiation-failure, ntlm-session-setup-success, ntlm-session-setup-failed, kerberos-request-normal, kerberos-request-dropped, kerberos-response-success, kerberos-response-failure, kerberos-response-error, kerberos-response-timeout, kerberos-response-other, kerberos-job-start-error, kerberos-polling-control-error, ntlm-prepare-req-success, ntlm-prepare-req-failed, ntlm-timeout-error, ntlm-other-error, ntlm-request-normal, ntlm-request-dropped, ntlm-response-success, ntlm-response-failure, ntlm-response-error, ntlm-response-timeout, ntlm-response-other, ntlm-job-start-error, ntlm-polling-control-error

authentication.server.windows.instance-list

Specification
Type list
Block object keys

auth-protocol

Description: auth-protocol is a JSON Block . Please see below for l1093_auth-protocol

Type: Object

health-check

Description: Check server’s health status

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check and health-check-disable are mutually exclusive

health-check-disable

Description: Disable configured health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check-disable and health-check are mutually exclusive

health-check-string

Description: Health monitor name

Type: string

Reference Object: /axapi/v3/health/monitor

host

Description: host is a JSON Block . Please see below for l1093_host

Type: Object

name

Description: Specify Windows authentication server name

Type: string

Format: string-rlx

realm

Description: Specify realm of Windows server

Type: string

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

support-apacheds-kdc

Description: Enable weak cipher (DES CRC/MD5/MD4) and merge AS-REQ in single packet

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

timeout

Description: Specify connection timeout to server, default is 10 seconds

Type: number

Range: 1-255

Default: 10

uuid

Description: uuid of the object

Type: string

authentication.server.windows.instance-list.host

Specification
Type object

hostip

Description: Specify the Windows server’s hostname(Length 1-31) or IP address

Type: string

Format: host

Mutual Exclusion: hostip and hostipv6 are mutually exclusive

hostipv6

Description: Specify the Windows server’s IPV6 address

Type: string

Format: ipv6-address

Mutual Exclusion: hostipv6 and hostip are mutually exclusive

authentication.server.windows.instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘krb_send_req_success’: Kerberos Request; ‘krb_get_resp_success’: Kerberos Response; ‘krb_timeout_error’: Kerberos Timeout; ‘krb_other_error’: Kerberos Other Error; ‘ntlm_proto_nego_success’: NTLM Protocol Negotiation Success; ‘ntlm_proto_nego_failure’: NTLM Protocol Negotiation Failure; ‘ntlm_session_setup_success’: NTLM Session Setup Success; ‘ntlm_session_setup_failure’: NTLM Session Setup Failure; ‘ntlm_prepare_req_success’: NTLM Prepare Request Success; ‘ntlm_prepare_req_error’: NTLM Prepare Request Error; ‘ntlm_auth_success’: NTLM Authentication Success; ‘ntlm_auth_failure’: NTLM Authentication Failure; ‘ntlm_timeout_error’: NTLM Timeout; ‘ntlm_other_error’: NTLM Other Error;

Type: string

Supported Values: all, krb_send_req_success, krb_get_resp_success, krb_timeout_error, krb_other_error, ntlm_proto_nego_success, ntlm_proto_nego_failure, ntlm_session_setup_success, ntlm_session_setup_failure, ntlm_prepare_req_success, ntlm_prepare_req_error, ntlm_auth_success, ntlm_auth_failure, ntlm_timeout_error, ntlm_other_error

authentication.server.windows.instance-list.auth-protocol

Specification
Type object

kerberos-disable

Description: Disable Kerberos authentication protocol

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-port

Description: Specify the Kerbros port, default is 88

Type: number

Range: 1-65534

Default: 88

kport-hm

Description: Check Kerberos port’s health status

Type: string

Mutual Exclusion: kport-hm and kport-hm-disable are mutually exclusive

Reference Object: /axapi/v3/health/monitor

kport-hm-disable

Description: Disable configured Kerberos port health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: kport-hm-disable and kport-hm are mutually exclusive

ntlm-disable

Description: Disable NTLM authentication protocol

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-health-check

Description: Check NTLM port’s health status

Type: string

Mutual Exclusion: ntlm-health-check and ntlm-health-check-disable are mutually exclusive

Reference Object: /axapi/v3/health/monitor

ntlm-health-check-disable

Description: Disable configured NTLM port health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: ntlm-health-check-disable and ntlm-health-check are mutually exclusive

ntlm-version

Description: Specify NTLM version, default is 2

Type: number

Range: 1-2

Default: 2

authentication.server.ocsp

Specification
Type object

instance-list

Description: instance-list is a JSON List . Please see below for l1093_instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/server/ocsp/instance/{name}

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

authentication.server.ocsp.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘stapling-certificate-good’: Total OCSP Stapling Good Certificate Response; ‘stapling-certificate-revoked’: Total OCSP Stapling Revoked Certificate Response; ‘stapling-certificate-unknown’: Total OCSP Stapling Unknown Certificate Response; ‘stapling-request-normal’: Total OSCP Stapling Normal Request; ‘stapling-request-dropped’: Total OCSP Stapling Dropped Request; ‘stapling-response-success’: Total OCSP Stapling Success Response; ‘stapling-response-failure’: Total OCSP Stapling Failure Response; ‘stapling-response-error’: Total OCSP Stapling Error Response; ‘stapling-response-timeout’: Total OCSP Stapling Timeout Response; ‘stapling-response-other’: Total OCSP Stapling Other Response; ‘request-normal’: Total OSCP Normal Request; ‘request-dropped’: Total OCSP Dropped Request; ‘response-success’: Total OCSP Success Response; ‘response-failure’: Total OCSP Failure Response; ‘response-error’: Total OCSP Error Response; ‘response-timeout’: Total OCSP Timeout Response; ‘response-other’: Total OCSP Other Response; ‘job-start-error’: Total OCSP Job Start Error; ‘polling-control-error’: Total OCSP Polling Control Error;

Type: string

Supported Values: all, stapling-certificate-good, stapling-certificate-revoked, stapling-certificate-unknown, stapling-request-normal, stapling-request-dropped, stapling-response-success, stapling-response-failure, stapling-response-error, stapling-response-timeout, stapling-response-other, request-normal, request-dropped, response-success, response-failure, response-error, response-timeout, response-other, job-start-error, polling-control-error

authentication.server.ocsp.instance-list

Specification
Type list
Block object keys

health-check

Description: Check server’s health status

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check and health-check-disable are mutually exclusive

health-check-disable

Description: Disable configured health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check-disable and health-check are mutually exclusive

health-check-string

Description: Health monitor name

Type: string

Reference Object: /axapi/v3/health/monitor

name

Description: Specify OCSP authentication server name

Type: string

Format: string-rlx

port-health-check

Description: Check port’s health status

Type: string

Mutual Exclusion: port-health-check and port-health-check-disable are mutually exclusive

Reference Object: /axapi/v3/health/monitor

port-health-check-disable

Description: Disable configured port health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: port-health-check-disable and port-health-check are mutually exclusive

responder-ca

Description: Specify the trusted OCSP responder’s CA cert filename

Type: string

responder-cert

Description: Specify the trusted OCSP responder’s cert filename

Type: string

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

url

Description: Specify the OCSP server’s address (Format: http://host[:port]/ ) (The OCSP server’s address(Format: http://host[:port]/ ))

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

authentication.server.ocsp.instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘request’: Request; ‘certificate-good’: Good Certificate Response; ‘certificate-revoked’: Revoked Certificate Response; ‘certificate-unknown’: Unknown Certificate Response; ‘timeout’: Timeout; ‘fail’: Handle OCSP response failed; ‘stapling-request’: OCSP Stapling Request Send; ‘stapling-certificate-good’: OCSP Stapling Good Certificate Response; ‘stapling-certificate-revoked’: OCSP Stapling Revoked Certificate Response; ‘stapling-certificate-unknown’: OCSP Stapling Unknown Certificate Response; ‘stapling-timeout’: OCSP Stapling Timeout; ‘stapling-fail’: Handle OCSP response failed;

Type: string

Supported Values: all, request, certificate-good, certificate-revoked, certificate-unknown, timeout, fail, stapling-request, stapling-certificate-good, stapling-certificate-revoked, stapling-certificate-unknown, stapling-timeout, stapling-fail

authentication.server.radius

Specification
Type object

instance-list

Description: instance-list is a JSON List . Please see below for l1093_instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/server/radius/instance/{name}

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

authentication.server.radius.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘authen_success’: Total Authentication Success; ‘authen_failure’: Total Authentication Failure; ‘authorize_success’: Total Authorization Success; ‘authorize_failure’: Total Authorization Failure; ‘access_challenge’: Total Access-Challenge Message Receive; ‘timeout_error’: Total Timeout; ‘other_error’: Total Other Error; ‘request’: Total Request; ‘request-normal’: Total Normal Request; ‘request-dropped’: Total Dropped Request; ‘response-success’: Total Success Response; ‘response-failure’: Total Failure Response; ‘response-error’: Total Error Response; ‘response-timeout’: Total Timeout Response; ‘response-other’: Total Other Response; ‘job-start-error’: Total Job Start Error; ‘polling-control-error’: Total Polling Control Error; ‘accounting-request-sent’: Accounting-Request Sent; ‘accounting-success’: Accounting Success; ‘accounting-failure’: Accounting Failure;

Type: string

Supported Values: all, authen_success, authen_failure, authorize_success, authorize_failure, access_challenge, timeout_error, other_error, request, request-normal, request-dropped, response-success, response-failure, response-error, response-timeout, response-other, job-start-error, polling-control-error, accounting-request-sent, accounting-success, accounting-failure

authentication.server.radius.instance-list

Specification
Type list
Block object keys

accounting-port

Description: Specify the RADIUS server’s accounting port, default is 1813

Type: number

Range: 1-65534

Default: 1813

acct-port-hm

Description: Specify accounting port health check method

Type: string

Mutual Exclusion: acct-port-hm and acct-port-hm-disable are mutually exclusive

Reference Object: /axapi/v3/health/monitor

acct-port-hm-disable

Description: Disable configured accounting port health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: acct-port-hm-disable and acct-port-hm are mutually exclusive

encrypted

Description: Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)

health-check

Description: Check server’s health status

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check and health-check-disable are mutually exclusive

health-check-disable

Description: Disable configured health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check-disable and health-check are mutually exclusive

health-check-string

Description: Health monitor name

Type: string

Reference Object: /axapi/v3/health/monitor

host

Description: host is a JSON Block . Please see below for l1093_host

Type: Object

interval

Description: Specify the interval time for resend the request (second), default is 3 seconds (The interval time(second), default is 3 seconds)

Type: number

Range: 1-1024

Default: 3

name

Description: Specify RADIUS authentication server name

Type: string

Format: string-rlx

port

Description: Specify the RADIUS server’s authentication port, default is 1812

Type: number

Range: 1-65534

Default: 1812

port-hm

Description: Check port’s health status

Type: string

Mutual Exclusion: port-hm and port-hm-disable are mutually exclusive

Reference Object: /axapi/v3/health/monitor

port-hm-disable

Description: Disable configured port health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: port-hm-disable and port-hm are mutually exclusive

retry

Description: Specify the retry number for resend the request, default is 5 (The retry number, default is 5)

Type: number

Range: 1-32

Default: 5

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

secret

Description: Specify the RADIUS server’s secret

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

secret-string

Description: The RADIUS server’s secret

Type: string

Format: password

uuid

Description: uuid of the object

Type: string

authentication.server.radius.instance-list.host

Specification
Type object

hostip

Description: Server’s hostname(Length 1-31) or IP address

Type: string

Format: host

Mutual Exclusion: hostip and hostipv6 are mutually exclusive

hostipv6

Description: Server’s IPV6 address

Type: string

Format: ipv6-address

Mutual Exclusion: hostipv6 and hostip are mutually exclusive

authentication.server.radius.instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘authen_success’: Authentication Success; ‘authen_failure’: Authentication Failure; ‘authorize_success’: Authorization Success; ‘authorize_failure’: Authorization Failure; ‘access_challenge’: Access-Challenge Message Receive; ‘timeout_error’: Timeout; ‘other_error’: Other Error; ‘request’: Request; ‘accounting-request-sent’: Accounting-Request Sent; ‘accounting-success’: Accounting Success; ‘accounting-failure’: Accounting Failure;

Type: string

Supported Values: all, authen_success, authen_failure, authorize_success, authorize_failure, access_challenge, timeout_error, other_error, request, accounting-request-sent, accounting-success, accounting-failure

authentication.server.ldap

Specification
Type object

instance-list

Description: instance-list is a JSON List . Please see below for l1093_instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/server/ldap/instance/{name}

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

authentication.server.ldap.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘admin-bind-success’: Total Admin Bind Success; ‘admin-bind-failure’: Total Admin Bind Failure; ‘bind-success’: Total User Bind Success; ‘bind-failure’: Total User Bind Failure; ‘search-success’: Total Search Success; ‘search-failure’: Total Search Failure; ‘authorize-success’: Total Authorization Success; ‘authorize-failure’: Total Authorization Failure; ‘timeout-error’: Total Timeout; ‘other-error’: Total Other Error; ‘request’: Total Request; ‘request-normal’: Total Normal Request; ‘request-dropped’: Total Dropped Request; ‘response-success’: Total Success Response; ‘response-failure’: Total Failure Response; ‘response-error’: Total Error Response; ‘response-timeout’: Total Timeout Response; ‘response-other’: Total Other Response; ‘job-start-error’: Total Job Start Error; ‘polling-control-error’: Total Polling Control Error;

Type: string

Supported Values: all, admin-bind-success, admin-bind-failure, bind-success, bind-failure, search-success, search-failure, authorize-success, authorize-failure, timeout-error, other-error, request, request-normal, request-dropped, response-success, response-failure, response-error, response-timeout, response-other, job-start-error, polling-control-error

authentication.server.ldap.instance-list

Specification
Type list
Block object keys

admin-dn

Description: The LDAP server’s admin DN

Type: string

Format: string-rlx

admin-secret

Description: Specify the LDAP server’s admin secret password

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

base

Description: Specify the LDAP server’s search base

Type: string

Format: string-rlx

bind-with-dn

Description: Enforce using DN for LDAP binding(All user input name will be used to create DN)

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

default-domain

Description: Specify default domain for LDAP

Type: string

derive-bind-dn

Description: derive-bind-dn is a JSON Block . Please see below for l1093_derive-bind-dn

Type: Object

dn-attribute

Description: Specify Distinguished Name attribute, default is CN

Type: string

Format: string-rlx

Default: cn

encrypted

Description: Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)

health-check

Description: Check server’s health status

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check and health-check-disable are mutually exclusive

health-check-disable

Description: Disable configured health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check-disable and health-check are mutually exclusive

health-check-string

Description: Health monitor name

Type: string

Reference Object: /axapi/v3/health/monitor

host

Description: host is a JSON Block . Please see below for l1093_host

Type: Object

name

Description: Specify LDAP authentication server name

Type: string

Format: string-rlx

port

Description: Specify the LDAP server’s authentication port, default is 389

Type: number

Range: 1-65534

Default: 389

port-hm

Description: Check port’s health status

Type: string

Mutual Exclusion: port-hm and port-hm-disable are mutually exclusive

Reference Object: /axapi/v3/health/monitor

port-hm-disable

Description: Disable configured port health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: port-hm-disable and port-hm are mutually exclusive

pwdmaxage

Description: Specify the LDAP server’s default password expiration time (in seconds) (The LDAP server’s default password expiration time (in seconds), default is 0 (no expiration))

Type: number

Range: 0-4294967295

Default: 0

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

secret-string

Description: secret password

Type: string

Format: password

timeout

Description: Specify timout for LDAP, default is 10 seconds (The timeout, default is 10 seconds)

Type: number

Range: 1-255

Default: 10

uuid

Description: uuid of the object

Type: string

authentication.server.ldap.instance-list.host

Specification
Type object

hostip

Description: Server’s hostname(Length 1-31) or IP address

Type: string

Format: host

Mutual Exclusion: hostip and hostipv6 are mutually exclusive

hostipv6

Description: Server’s IPV6 address

Type: string

Format: ipv6-address

Mutual Exclusion: hostipv6 and hostip are mutually exclusive

authentication.server.ldap.instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘admin-bind-success’: Admin Bind Success; ‘admin-bind-failure’: Admin Bind Failure; ‘bind-success’: User Bind Success; ‘bind-failure’: User Bind Failure; ‘search-success’: Search Success; ‘search-failure’: Search Failure; ‘authorize-success’: Authorization Success; ‘authorize-failure’: Authorization Failure; ‘timeout-error’: Timeout; ‘other-error’: Other Error; ‘request’: Request;

Type: string

Supported Values: all, admin-bind-success, admin-bind-failure, bind-success, bind-failure, search-success, search-failure, authorize-success, authorize-failure, timeout-error, other-error, request

authentication.server.ldap.instance-list.derive-bind-dn

Specification
Type object

username-attr

Description: Specify attribute name of username

Type: string

Format: string-rlx

authentication.template-list

Specification
Type list
Block object keys

account

Description: Specify AD domain account

Type: string

Reference Object: /axapi/v3/aam/authentication/account/kerberos-spn

accounting-server

Description: Specify a RADIUS accounting server

Type: string

Format: string-rlx

Mutual Exclusion: accounting-server and accounting-service-group are mutually exclusive

Reference Object: /axapi/v3/aam/authentication/server/radius/instance

accounting-service-group

Description: Specify an authentication service group for RADIUS accounting

Type: string

Format: string-rlx

Mutual Exclusion: accounting-service-group and accounting-server are mutually exclusive

Reference Object: /axapi/v3/aam/authentication/service-group

cookie-domain

Description: cookie-domain is a JSON List . Please see below for l1093_cookie-domain

Type: List

cookie-domain-group

Description: cookie-domain-group is a JSON List . Please see below for l1093_cookie-domain-group

Type: List

cookie-max-age

Description: Configure Max-Age for authentication session cookie (Configure Max-Age in seconds. Default is 604800 (1 week).)

Type: number

Range: 1-2592000

Default: 604800

forward-logout-disable

Description: Disable forward logout request to backend application server. The config-field logut-url must be configured first

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

log

Description: ‘use-partition-level-config’: Use configuration of authentication-log enable command; ‘enable’: Enable authentication logs for this template; ‘disable’: Disable authentication logs for this template;

Type: string

Supported Values: use-partition-level-config, enable, disable

Default: use-partition-level-config

logon

Description: Specify authentication logon (Specify authentication logon template name)

Type: string

logout-idle-timeout

Description: Specify idle logout time (Specify idle timeout in seconds, default is 300)

Type: number

Range: 1-86400

Default: 300

logout-url

Description: Specify logout url (Specify logout url string)

Type: string

Format: string-rlx

name

Description: Authentication template name

Type: string

relay

Description: Specify authentication relay (Specify authentication relay template name)

Type: string

saml-idp

Description: Specify SAML identity provider

Type: string

saml-sp

Description: Specify SAML service provider

Type: string

server

Description: Specify authentication server (Specify authentication server template name)

Type: string

Format: string-rlx

Mutual Exclusion: server and service-group are mutually exclusive

service-group

Description: Bind an authentication service group to this template (Specify authentication service group name)

Type: string

Format: string-rlx

Mutual Exclusion: service-group and server are mutually exclusive

Reference Object: /axapi/v3/aam/authentication/service-group

type

Description: ‘saml’: SAML authentication template; ‘standard’: Standard authentication template;

Type: string

Supported Values: saml, standard

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

authentication.logon

Specification
Type object

form-based-list

Description: form-based-list is a JSON List . Please see below for l1093_form-based-list

Type: List

Reference Object: /axapi/v3/aam/authentication/logon/form-based/{name}

http-authenticate

Description: http-authenticate is a JSON Block . Please see below for l1093_http-authenticate

Type: Object

Reference Object: /axapi/v3/aam/authentication/logon/http-authenticate

authentication.logon.form-based-list

Specification
Type list
Block object keys

cp-page-cfg

Description: cp-page-cfg is a JSON Block . Please see below for l1093_cp-page-cfg

Type: Object

logon-page-cfg

Description: logon-page-cfg is a JSON Block . Please see below for l1093_logon-page-cfg

Type: Object

name

Description: Specify form-based authentication logon name

Type: string

new-pin-variable

Description: Specify new-pin variable name in form submission

Type: string

Format: string-rlx

next-token-variable

Description: Specify next-token variable name in form submission

Type: string

Format: string-rlx

portal

Description: portal is a JSON Block . Please see below for l1093_portal

Type: Object

retry

Description: Specify max. number of failure retry (Specify retry count (1 ~ 32), default is 3)

Type: number

Range: 1-32

Default: 3

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

authentication.logon.form-based-list.portal

Specification
Type object

changepasswordpage

Description: Specify change password page name

Type: string

Format: string-rlx

default-portal

Description: Use default portal

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: default-portal and portal-name are mutually exclusive

failpage

Description: Specify logon fail page name (portal fail page name)

Type: string

Format: string-rlx

logon

Description: Specify logon page name

Type: string

new-pin-page

Description: Specify new PIN page name for RSA-RADIUS

Type: string

Format: string-rlx

next-token-page

Description: Specify next token page name for RSA-RADIUS

Type: string

Format: string-rlx

portal-name

Description: Specify portal name

Type: string

Mutual Exclusion: portal-name and default-portal are mutually exclusive

authentication.logon.form-based-list.logon-page-cfg

Specification
Type object

action-url

Description: Specify form submission action url

Type: string

Format: string-rlx

authz-failure-message

Description: Specify authorization failure message shown in logon page (Specify error string, default is “Authorization failed. Please contact your system administrator.”)

Type: string

Format: string-rlx

login-failure-message

Description: Specify login failure message shown in logon page (Specify error string, default is “Invalid username or password. Please try again.”)

Type: string

Format: string-rlx

passcode-variable

Description: Specify passcode variable name in form submission

Type: string

Format: string-rlx

password-variable

Description: Specify password variable name in form submission

Type: string

Format: string-rlx

username-variable

Description: Specify username variable name in form submission

Type: string

Format: string-rlx

authentication.logon.form-based-list.cp-page-cfg

Specification
Type object

changepassword-url

Description: Specify changepassword form submission action url (changepassword action url)

Type: string

Format: string-rlx

cp-cfm-pwd-enum

Description: ‘changepassword-password-confirm-variable’: Specify password confirm variable name in form submission;

Type: string

Supported Values: changepassword-password-confirm-variable

cp-cfm-pwd-var

Description: Specify password confirm variable name

Type: string

Format: string-rlx

cp-new-pwd-enum

Description: ‘changepassword-new-password-variable’: Specify new password variable name in form submission;

Type: string

Supported Values: changepassword-new-password-variable

cp-new-pwd-var

Description: Specify new password variable name

Type: string

Format: string-rlx

cp-old-pwd-enum

Description: ‘changepassword-old-password-variable’: Specify old password variable name in form submission;

Type: string

Supported Values: changepassword-old-password-variable

cp-old-pwd-var

Description: Specify old password variable name

Type: string

Format: string-rlx

cp-user-enum

Description: ‘changepassword-username-variable’: Specify username variable name in form submission;

Type: string

Supported Values: changepassword-username-variable

cp-user-var

Description: Specify username variable name

Type: string

Format: string-rlx

authentication.logon.http-authenticate

Specification
Type object

instance-list

Description: instance-list is a JSON List . Please see below for l1093_instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/logon/http-authenticate/instance/{name}

authentication.logon.http-authenticate.instance-list

Specification
Type list
Block object keys

auth-method

Description: auth-method is a JSON Block . Please see below for l1093_auth-method

Type: Object

name

Description: Specify HTTP-Authenticate logon name

Type: string

retry

Description: Specify max. number of failure retry (1 ~ 32), default is 3

Type: number

Range: 1-32

Default: 3

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

authentication.logon.http-authenticate.instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘spn_krb_request’: SPN Kerberos Request; ‘spn_krb_success’: SPN Kerberos Success; ‘spn_krb_faiure’: SPN Kerberos Failure;

Type: string

Supported Values: all, spn_krb_request, spn_krb_success, spn_krb_faiure

authentication.logon.http-authenticate.instance-list.auth-method

Specification
Type object

basic

Description: basic is a JSON Block . Please see below for l1093_basic

Type: Object

negotiate

Description: negotiate is a JSON Block . Please see below for l1093_negotiate

Type: Object

ntlm

Description: ntlm is a JSON Block . Please see below for l1093_ntlm

Type: Object

authentication.logon.http-authenticate.instance-list.auth-method.ntlm

Specification
Type object

ntlm-enable

Description: Enable NTLM logon

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

authentication.logon.http-authenticate.instance-list.auth-method.negotiate

Specification
Type object

negotiate-enable

Description: Enable SPENGO logon

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

authentication.logon.http-authenticate.instance-list.auth-method.basic

Specification
Type object

basic-enable

Description: Enable Basic logon

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

basic-realm

Description: Specify realm for basic logon

Type: string

Format: string-rlx

challenge-response-form

Description: Specify challenge-response form for RSA-RADIUS authentication

Type: string

new-pin-page

Description: Specify new PIN page name for RSA-RADIUS

Type: string

Format: string-rlx

new-pin-variable

Description: Specify new PIN variable name

Type: string

Format: string-rlx

next-token-page

Description: Specify next-token page name for RSA-RADIUS

Type: string

Format: string-rlx

next-token-variable

Description: Specify next-token variable name

Type: string

Format: string-rlx

aaa-policy-list

Specification
Type list
Block object keys

aaa-rule-list

Description: aaa-rule-list is a JSON List . Please see below for l1093_aaa-rule-list

Type: List

Reference Object: /axapi/v3/aam/aaa-policy/{name}/aaa-rule/{index}

name

Description: Specify AAA policy name

Type: string

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

aaa-policy-list.aaa-rule-list

Specification
Type list
Block object keys

access-list

Description: access-list is a JSON Block . Please see below for l1093_access-list

Type: Object

action

Description: ‘allow’: Allow traffic that matches this rule; ‘deny’: Deny traffic that matches this rule;

Type: string

Supported Values: allow, deny

authentication-template

Description: Specify authentication template name to bind to the AAA rule

Type: string

Reference Object: /axapi/v3/aam/authentication/template

authorize-policy

Description: Specify authorization policy to bind to the AAA rule

Type: string

Reference Object: /axapi/v3/aam/authorization/policy

domain-name

Description: Specify domain name to bind to the AAA rule (ex: a10networks.com, www.a10networks.com)

Type: string

Format: string-rlx

host

Description: host is a JSON List . Please see below for l1093_host

Type: List

index

Description: Specify AAA rule index

Type: number

Range: 1-256

match-encoded-uri

Description: Enable URL decoding for URI matching

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

port

Description: Specify port number for aaa-rule, default is 0 for all port numbers

Type: number

Range: 1-65535

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1093_sampling-enable

Type: List

uri

Description: uri is a JSON List . Please see below for l1093_uri

Type: List

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

aaa-policy-list.aaa-rule-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘total_count’: total_count; ‘hit_count’: hit_count;

Type: string

Supported Values: all, total_count, hit_count

aaa-policy-list.aaa-rule-list.uri

Specification
Type list
Block object keys

match-type

Description: ‘contains’: Match URI if request URI contains specified URI; ‘ends-with’: Match URI if request URI ends with specified URI; ‘equals’: Match URI if request URI equals specified URI; ‘starts-with’: Match URI if request URI starts with specified URI;

Type: string

Supported Values: contains, ends-with, equals, starts-with

uri-str

Description: Specify URI string

Type: string

Format: string-rlx

aaa-policy-list.aaa-rule-list.host

Specification
Type list
Block object keys

host-match-type

Description: ‘contains’: Match HOST if request HTTP HOST header contains specified hostname; ‘ends-with’: Match HOST if request HTTP HOST header ends with specified hostname; ‘equals’: Match HOST if request HTTP HOST header equals specified hostname; ‘starts-with’: Match HOST if request HTTP HOST header starts with specified hostname;

Type: string

Supported Values: contains, ends-with, equals, starts-with

host-str

Description: Specify URI string

Type: string

Format: string-rlx

aaa-policy-list.aaa-rule-list.access-list

Specification
Type object

acl-id

Description: ACL id

Type: number

Range: 1-199

Mutual Exclusion: acl-id and acl-name are mutually exclusive

acl-name

Description: ‘ip-name’: Apply an IP named access list; ‘ipv6-name’: Apply an IPv6 named access list;

Type: string

Supported Values: ip-name, ipv6-name

Mutual Exclusion: acl-name and acl-id are mutually exclusive

name

Description: Specify Named Access List

Type: string

aaa-policy-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘req’: Request; ‘req-reject’: Request Rejected; ‘req-auth’: Request Matching Authentication Template; ‘req-allow’: Request Allowed; ‘req-skip’: Request Skipped; ‘error’: Error;

Type: string

Supported Values: all, req, req-reject, req-auth, req-allow, req-skip, error

authorization

Specification
Type object

policy-list

Description: policy-list is a JSON List . Please see below for l1093_policy-list

Type: List

Reference Object: /axapi/v3/aam/authorization/policy/{name}

authorization.policy-list

Specification
Type list
Block object keys

attribute-list

Description: attribute-list is a JSON List . Please see below for l1093_attribute-list

Type: List

Reference Object: /axapi/v3/aam/authorization/policy/{name}/attribute/{attr-num}

attribute-rule

Description: Define attribute rule for authorization policy

Type: string

Format: string-rlx

name

Description: Specify authorization policy name

Type: string

server

Description: Specify a LDAP or RADIUS server for authorization (Specify a LDAP or RADIUS server name)

Type: string

Format: string-rlx

Mutual Exclusion: server and service-group are mutually exclusive

service-group

Description: Specify an authentication service group for authorization (Specify authentication service group name)

Type: string

Format: string-rlx

Mutual Exclusion: service-group and server are mutually exclusive

Reference Object: /axapi/v3/aam/authentication/service-group

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

authorization.policy-list.attribute-list

Specification
Type list
Block object keys

A10-AX-AUTH-URI

Description: Custom-defined attribute

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: A10-AX-AUTH-URI and attribute-name are mutually exclusive

a10-dynamic-defined

Description: The value of this attribute will depend on AX configuration instead of user configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

attr-int

Description: ‘equal’: Operation type is equal; ‘not-equal’: Operation type is not equal; ‘less-than’: Operation type is less-than; ‘more-than’: Operation type is more-than; ‘less-than-equal-to’: Operation type is less-than-equal-to; ‘more-than-equal-to’: Operation type is more-thatn-equal-to;

Type: string

Supported Values: equal, not-equal, less-than, more-than, less-than-equal-to, more-than-equal-to

attr-int-val

Description: Set attribute value

Type: number

Range: 0-4294967295

attr-ip

Description: ‘equal’: Operation type is equal; ‘not-equal’: Operation type is not-equal;

Type: string

Supported Values: equal, not-equal

attr-ipv4

Description: IPv4 address

Type: string

Format: ipv4-address

attr-num

Description: Set attribute ID for authorization policy

Type: number

Range: 1-32

attr-str

Description: ‘match’: Operation type is match; ‘sub-string’: Operation type is sub-string;

Type: string

Supported Values: match, sub-string

attr-str-val

Description: Set attribute value

Type: string

Format: string-rlx

attr-type

Description: Specify attribute type

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

attribute-name

Description: Specify attribute name

Type: string

Mutual Exclusion: attribute-name and A10-AX-AUTH-URI are mutually exclusive

custom-attr-str

Description: ‘match’: Operation type is match; ‘sub-string’: Operation type is sub-string;

Type: string

Supported Values: match, sub-string

custom-attr-type

Description: Specify attribute type

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

integer-type

Description: Attribute type is integer

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: integer-type string-type and ip-type are mutually exclusive

ip-type

Description: IP address is transformed into network byte order

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: ip-type string-type and integer-type are mutually exclusive

string-type

Description: Attribute type is string

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: string-type integer-type and ip-type are mutually exclusive

uuid

Description: uuid of the object

Type: string