aam authentication

Configure AAM authentication settings

This object allows you to configure your AAM authentication settings to determine how you authenticate a user and help you verify a user’s identity.

authentication Specification

Type Intermediate Resource
Element Name authentication
Element URI /axapi/v3/aam/authentication
Element Attributes authentication_attributes
Schema authentication schema

Operations Allowed:

Operation Method URI Payload

Get Object

GET

/axapi/v3/aam/authentication

authentication_attributes

authentication Attributes

account

Description: account is a JSON Block . Please see below for account

Type: Object

Reference Object: /axapi/v3/aam/authentication/account

global

Description: global is a JSON Block . Please see below for global

Type: Object

Reference Object: /axapi/v3/aam/authentication/global

log

Description: log is a JSON Block . Please see below for log

Type: Object

Reference Object: /axapi/v3/aam/authentication/log

logon

Description: logon is a JSON Block . Please see below for logon

Type: Object

Reference Object: /axapi/v3/aam/authentication/logon

portal-list

Description: portal-list is a JSON List . Please see below for portal-list

Type: List

Reference Object: /axapi/v3/aam/authentication/portal/{name}

relay

Description: relay is a JSON Block . Please see below for relay

Type: Object

Reference Object: /axapi/v3/aam/authentication/relay

saml

Description: saml is a JSON Block . Please see below for saml

Type: Object

Reference Object: /axapi/v3/aam/authentication/saml

server

Description: server is a JSON Block . Please see below for server

Type: Object

Reference Object: /axapi/v3/aam/authentication/server

service-group-list

Description: service-group-list is a JSON List . Please see below for service-group-list

Type: List

Reference Object: /axapi/v3/aam/authentication/service-group/{name}

template-list

Description: template-list is a JSON List . Please see below for template-list

Type: List

Reference Object: /axapi/v3/aam/authentication/template/{name}

account

Specification
Type object

kerberos-spn-list

Description: kerberos-spn-list is a JSON List . Please see below for l1089_kerberos-spn-list

Type: List

Reference Object: /axapi/v3/aam/authentication/account/kerberos-spn/{name}

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

account.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘request-normal’: Total Normal Request; ‘request-dropped’: Total Dropped Request; ‘response-success’: Total Success Response; ‘response-failure’: Total Failure Response; ‘response-error’: Total Error Response; ‘response-timeout’: Total Timeout Response; ‘response-other’: Total Other Response;

Type: string

Supported Values: all, request-normal, request-dropped, response-success, response-failure, response-error, response-timeout, response-other

account.kerberos-spn-list

Specification
Type list
Block object keys

account

Description: Specify domain account for SPN

Type: string

Format: string-rlx

encrypted

Description: Do NOT use this option manually. (This is an A10 reserved keyword.)

name

Description: Specify AD account name

Type: string

password

Description: Specify password of domain account

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

realm

Description: Specify Kerberos realm

Type: string

secret-string

Description: Password of AD account

Type: string

Format: password

service-principal-name

Description: Specify service principal name

Type: string

Format: string-rlx

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

portal-list

Specification
Type list
Block object keys

change-password

Description: change-password is a JSON Block . Please see below for l1089_change-password

Type: Object

Reference Object: /axapi/v3/aam/authentication/portal/{name}/change-password

logo-cfg

Description: logo-cfg is a JSON Block . Please see below for l1089_logo-cfg

Type: Object

logon

Description: logon is a JSON Block . Please see below for logon

Type: Object

Reference Object: /axapi/v3/aam/authentication/portal/{name}/logon

logon-fail

Description: logon-fail is a JSON Block . Please see below for l1089_logon-fail

Type: Object

Reference Object: /axapi/v3/aam/authentication/portal/{name}/logon-fail

name

Description: ‘default-portal’: Default portal configuration;

Type: string

Supported Values: default-portal

reset-change-password

Description: reset-change-password is a JSON Block . Please see below for l1089_reset-change-password

Type: Object

Reference Object: /axapi/v3/aam/authentication/portal/{name}/reset-change-password

reset-logon

Description: reset-logon is a JSON Block . Please see below for l1089_reset-logon

Type: Object

Reference Object: /axapi/v3/aam/authentication/portal/{name}/reset-logon

reset-logon-fail

Description: reset-logon-fail is a JSON Block . Please see below for l1089_reset-logon-fail

Type: Object

Reference Object: /axapi/v3/aam/authentication/portal/{name}/reset-logon-fail

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

portal-list.logon-fail

Specification
Type object

background

Description: background is a JSON Block . Please see below for l1089_background

Type: Object

fail-msg-cfg

Description: fail-msg-cfg is a JSON Block . Please see below for l1089_fail-msg-cfg

Type: Object

title-cfg

Description: title-cfg is a JSON Block . Please see below for l1089_title-cfg

Type: Object

uuid

Description: uuid of the object

Type: string

portal-list.logon-fail.fail-msg-cfg

Specification
Type object

fail-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

fail-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: fail-color-name and fail-color-value are mutually exclusive

fail-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: fail-color-value and fail-color-name are mutually exclusive

fail-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: fail-face and fail-font-custom are mutually exclusive

fail-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

fail-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: fail-font-custom and fail-face are mutually exclusive

fail-msg

Description: Configure logon failure message in default logon fail page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

fail-size

Description: Specify font size

Type: number

Range: 1-7

fail-text

Description: Specify logon failure message (Default: Login Failed!!)

Type: string

Format: string-rlx

portal-list.logon-fail.title-cfg

Specification
Type object

title

Description: Configure title in default logon fail page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

title-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

title-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: title-color-name and title-color-value are mutually exclusive

title-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: title-color-value and title-color-name are mutually exclusive

title-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: title-face and title-font-custom are mutually exclusive

title-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

title-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: title-font-custom and title-face are mutually exclusive

title-size

Description: Specify font size

Type: number

Range: 1-7

title-text

Description: Specify title (Default: Try Too Many Times)

Type: string

Format: string-rlx

portal-list.logon-fail.background

Specification
Type object

bgcolor

Description: Specify background color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: bgcolor and bgfile are mutually exclusive

bgcolor-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: bgcolor-name and bgcolor-value are mutually exclusive

bgcolor-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: bgcolor-value and bgcolor-name are mutually exclusive

bgfile

Description: Specify background image filename

Type: string

Format: string-rlx

Mutual Exclusion: bgfile and bgcolor are mutually exclusive

bgstyle

Description: ‘tile’: Tile; ‘stretch’: Stretch; ‘fit’: Fit;

Type: string

Supported Values: tile, stretch, fit

portal-list.logo-cfg

Specification
Type object

height

Description: Specify logo image height

Type: number

Range: 50-400

logo

Description: Specify logo image filename

Type: string

Format: string-rlx

width

Description: Specify logo image width

Type: number

Range: 50-400

portal-list.reset-logon

Specification
Type object

reset

Description:

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

portal-list.reset-logon-fail

Specification
Type object

reset

Description:

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

portal-list.reset-change-password

Specification
Type object

reset

Description:

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

portal-list.logon

Specification
Type object

action-url

Description: Specify form action URL in default logon page (Default: /logon.fo)

Type: string

Format: string-rlx

background

Description: background is a JSON Block . Please see below for l1089_background

Type: Object

enable-passcode

Description: Enable passcode field in default logon page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

fail-msg-cfg

Description: fail-msg-cfg is a JSON Block . Please see below for l1089_fail-msg-cfg

Type: Object

passcode-cfg

Description: passcode-cfg is a JSON Block . Please see below for l1089_passcode-cfg

Type: Object

passcode-var

Description: Specify passcode variable name in default logon page (Default: passcode)

Type: string

Format: string-rlx

password-cfg

Description: password-cfg is a JSON Block . Please see below for l1089_password-cfg

Type: Object

password-var

Description: Specify password variable name in default logon page (Default: pwd)

Type: string

Format: string-rlx

submit-text

Description: Specify submit button text in default logon page (Default: Log In)

Type: string

Format: string-rlx

username-cfg

Description: username-cfg is a JSON Block . Please see below for l1089_username-cfg

Type: Object

username-var

Description: Specify username variable name in default logon page (Default: user)

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

portal-list.logon.passcode-cfg

Specification
Type object

passcode

Description: Configure passcode text in default logon page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

passcode-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

passcode-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: passcode-color-name and passcode-color-value are mutually exclusive

passcode-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: passcode-color-value and passcode-color-name are mutually exclusive

passcode-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: passcode-face and passcode-font-custom are mutually exclusive

passcode-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

passcode-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: passcode-font-custom and passcode-face are mutually exclusive

passcode-size

Description: Specify font size

Type: number

Range: 1-7

passcode-text

Description: Specify passcode text (Default: Passcode)

Type: string

Format: string-rlx

portal-list.logon.background

Specification
Type object

bgcolor

Description: Specify background color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: bgcolor and bgfile are mutually exclusive

bgcolor-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: bgcolor-name and bgcolor-value are mutually exclusive

bgcolor-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: bgcolor-value and bgcolor-name are mutually exclusive

bgfile

Description: Specify background image filename

Type: string

Format: string-rlx

Mutual Exclusion: bgfile and bgcolor are mutually exclusive

bgstyle

Description: ‘tile’: Tile; ‘stretch’: Stretch; ‘fit’: Fit;

Type: string

Supported Values: tile, stretch, fit

portal-list.logon.fail-msg-cfg

Specification
Type object

authz-fail-msg

Description: Configure authorization failure message in default logon page, its text attributes follow fail-msg’s (Specify authorization failure message (Default: Authorization failed. Please contact your system administrator.))

Type: string

Format: string-rlx

fail-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

fail-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: fail-color-name and fail-color-value are mutually exclusive

fail-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: fail-color-value and fail-color-name are mutually exclusive

fail-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: fail-face and fail-font-custom are mutually exclusive

fail-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

fail-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: fail-font-custom and fail-face are mutually exclusive

fail-msg

Description: Configure login failure message in default logon page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

fail-size

Description: Specify font size

Type: number

Range: 1-7

fail-text

Description: Specify login failure message (Default: Invalid username or password. Please try again.)

Type: string

Format: string-rlx

portal-list.logon.password-cfg

Specification
Type object

pass-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

pass-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: pass-color-name and pass-color-value are mutually exclusive

pass-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: pass-color-value and pass-color-name are mutually exclusive

pass-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: pass-face and pass-font-custom are mutually exclusive

pass-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

pass-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: pass-font-custom and pass-face are mutually exclusive

pass-size

Description: Specify font size

Type: number

Range: 1-7

pass-text

Description: Specify password text (Default: Password)

Type: string

Format: string-rlx

password

Description: Configure password text in default logon page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

portal-list.logon.username-cfg

Specification
Type object

user-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

user-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: user-color-name and user-color-value are mutually exclusive

user-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: user-color-value and user-color-name are mutually exclusive

user-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: user-face and user-font-custom are mutually exclusive

user-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

user-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: user-font-custom and user-face are mutually exclusive

user-size

Description: Specify font size

Type: number

Range: 1-7

user-text

Description: Specify username text (Default: User Name)

Type: string

Format: string-rlx

username

Description: Configure username text in default logon page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

portal-list.change-password

Specification
Type object

action-url

Description: Specify form action URL in default change password page (Default: /change.fo)

Type: string

Format: string-rlx

background

Description: background is a JSON Block . Please see below for l1089_background

Type: Object

cfm-pwd-cfg

Description: cfm-pwd-cfg is a JSON Block . Please see below for l1089_cfm-pwd-cfg

Type: Object

confirm-password-var

Description: Specify confirm password variable name in default change password page (Default: cp_cfm_pwd)

Type: string

Format: string-rlx

new-password-var

Description: Specify new password variable name in default change password page (Default: cp_new_pwd)

Type: string

Format: string-rlx

new-pwd-cfg

Description: new-pwd-cfg is a JSON Block . Please see below for l1089_new-pwd-cfg

Type: Object

old-password-var

Description: Specify old password variable name in default change password page (Default: cp_old_pwd)

Type: string

Format: string-rlx

old-pwd-cfg

Description: old-pwd-cfg is a JSON Block . Please see below for l1089_old-pwd-cfg

Type: Object

reset-text

Description: Specify reset button text in default change password page (Default: Reset)

Type: string

Format: string-rlx

submit-text

Description: Specify submit button text in default change password page (Default: Submit)

Type: string

Format: string-rlx

title-cfg

Description: title-cfg is a JSON Block . Please see below for l1089_title-cfg

Type: Object

username-cfg

Description: username-cfg is a JSON Block . Please see below for l1089_username-cfg

Type: Object

username-var

Description: Specify username variable name in default change password page (Default: cp_usr)

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

portal-list.change-password.new-pwd-cfg

Specification
Type object

new-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

new-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: new-color-name and new-color-value are mutually exclusive

new-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: new-color-value and new-color-name are mutually exclusive

new-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: new-face and new-font-custom are mutually exclusive

new-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

new-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: new-font-custom and new-face are mutually exclusive

new-password

Description: Configure new password text in default change password page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

new-size

Description: Specify font size

Type: number

Range: 1-7

new-text

Description: Specify new password text (Default: New Password)

Type: string

Format: string-rlx

portal-list.change-password.title-cfg

Specification
Type object

title

Description: Configure title in default change password page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

title-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

title-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: title-color-name and title-color-value are mutually exclusive

title-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: title-color-value and title-color-name are mutually exclusive

title-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: title-face and title-font-custom are mutually exclusive

title-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

title-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: title-font-custom and title-face are mutually exclusive

title-size

Description: Specify font size

Type: number

Range: 1-7

title-text

Description: Specify title (Default: Please Change Your Password)

Type: string

Format: string-rlx

portal-list.change-password.old-pwd-cfg

Specification
Type object

old-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

old-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: old-color-name and old-color-value are mutually exclusive

old-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: old-color-value and old-color-name are mutually exclusive

old-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: old-face and old-font-custom are mutually exclusive

old-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

old-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: old-font-custom and old-face are mutually exclusive

old-password

Description: Configure old password text in default change password page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

old-size

Description: Specify font size

Type: number

Range: 1-7

old-text

Description: Specify old password text (Default: Old Password)

Type: string

Format: string-rlx

portal-list.change-password.background

Specification
Type object

bgcolor

Description: Specify background color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: bgcolor and bgfile are mutually exclusive

bgcolor-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: bgcolor-name and bgcolor-value are mutually exclusive

bgcolor-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: bgcolor-value and bgcolor-name are mutually exclusive

bgfile

Description: Specify background image filename

Type: string

Format: string-rlx

Mutual Exclusion: bgfile and bgcolor are mutually exclusive

bgstyle

Description: ‘tile’: Tile; ‘stretch’: Stretch; ‘fit’: Fit;

Type: string

Supported Values: tile, stretch, fit

portal-list.change-password.cfm-pwd-cfg

Specification
Type object

cfm-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

cfm-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: cfm-color-name and cfm-color-value are mutually exclusive

cfm-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: cfm-color-value and cfm-color-name are mutually exclusive

cfm-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: cfm-face and cfm-font-custom are mutually exclusive

cfm-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

cfm-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: cfm-font-custom and cfm-face are mutually exclusive

cfm-size

Description: Specify font size

Type: number

Range: 1-7

cfm-text

Description: Specify confirm password text (Default: Confirm New Password)

Type: string

Format: string-rlx

confirm-password

Description: Configure confirm password text in default change password page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

portal-list.change-password.username-cfg

Specification
Type object

user-color

Description: Specify font color

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

user-color-name

Description: ‘aqua’: aqua; ‘black’: black; ‘blue’: blue; ‘fuchsia’: fuchsia; ‘gray’: gray; ‘green’: green; ‘lime’: lime; ‘maroon’: maroon; ‘navy’: navy; ‘olive’: olive; ‘orange’: orange; ‘purple’: purple; ‘red’: red; ‘silver’: silver; ‘teal’: teal; ‘white’: white; ‘yellow’: yellow;

Type: string

Supported Values: aqua, black, blue, fuchsia, gray, green, lime, maroon, navy, olive, orange, purple, red, silver, teal, white, yellow

Mutual Exclusion: user-color-name and user-color-value are mutually exclusive

user-color-value

Description: Specify 6-digit HEX color value

Type: string

Mutual Exclusion: user-color-value and user-color-name are mutually exclusive

user-face

Description: ‘Arial’: Arial; ‘Courier_New’: Courier New; ‘Georgia’: Georgia; ‘Times_New_Roman’: Times New Roman; ‘Verdana’: Verdana;

Type: string

Supported Values: Arial, Courier_New, Georgia, Times_New_Roman, Verdana

Mutual Exclusion: user-face and user-font-custom are mutually exclusive

user-font

Description: Sepcify font

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

user-font-custom

Description: Specify custom font

Type: string

Format: string-rlx

Mutual Exclusion: user-font-custom and user-face are mutually exclusive

user-size

Description: Specify font size

Type: number

Range: 1-7

user-text

Description: Specify username text (Default: Username)

Type: string

Format: string-rlx

username

Description: Configure username text in default change password page

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

log

Specification
Type object

enable

Description: This variable allows you to enable authentication logs.
Enable authentication logging and track activity for a particular user. You can examine the log files and determine when the user logged in, logged out and so on. With this information, you can troubleshoot issues with the authentication servers.

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

facility

Description: Specify whether to enable authentication logs and designate the facility to use to send these messages when logs are enabled.

Type: string

Supported Values: local0, local1, local2, local3, local4, local5, local6, local7

Default: local0

uuid

Description: uuid of the object

Type: string

relay

Specification
Type object

form-based

Description: form-based is a JSON Block . Please see below for l1089_form-based

Type: Object

Reference Object: /axapi/v3/aam/authentication/relay/form-based

http-basic

Description: http-basic is a JSON Block . Please see below for l1089_http-basic

Type: Object

Reference Object: /axapi/v3/aam/authentication/relay/http-basic

kerberos

Description: kerberos is a JSON Block . Please see below for l1089_kerberos

Type: Object

Reference Object: /axapi/v3/aam/authentication/relay/kerberos

ntlm-list

Description: ntlm-list is a JSON List . Please see below for l1089_ntlm-list

Type: List

Reference Object: /axapi/v3/aam/authentication/relay/ntlm/{name}

ws-federation-list

Description: ws-federation-list is a JSON List . Please see below for l1089_ws-federation-list

Type: List

Reference Object: /axapi/v3/aam/authentication/relay/ws-federation/{name}

relay.ws-federation-list

Specification
Type list
Block object keys

application-server

Description: ‘sharepoint’: Microsoft SharePoint; ‘exchange-owa’: Microsoft Exchange OWA;

Type: string

Supported Values: sharepoint, exchange-owa

authentication-uri

Description: Specify WS-Federation relay URI, default is /_trust/

Type: string

Format: string-rlx

name

Description: Specify WS-Federation authentication relay name

Type: string

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

relay.ws-federation-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘request’: Request; ‘success’: Success; ‘failure’: Failure;

Type: string

Supported Values: all, request, success, failure

relay.ntlm-list

Specification
Type list
Block object keys

domain

Description: Specify NTLM domain, default is null

Type: string

name

Description: Specify NTLM authentication relay name

Type: string

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

version

Description: Specify NTLM version, default is NTLM 2

Type: number

Range: 1-2

Default: 2

relay.ntlm-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘success’: Success; ‘failure’: Failure; ‘request’: Request; ‘response’: Response; ‘http-code-200’: HTTP 200 OK; ‘http-code-400’: HTTP 400 Bad Request; ‘http-code-401’: HTTP 401 Unauthorized; ‘http-code-403’: HTTP 403 Forbidden; ‘http-code-404’: HTTP 404 Not Found; ‘http-code-500’: HTTP 500 Internal Server Error; ‘http-code-503’: HTTP 503 Service Unavailable; ‘http-code-other’: Other HTTP Response; ‘buffer-alloc-fail’: Buffer Allocation Failure; ‘encoding-fail’: Encoding Failure; ‘insert-header-fail’: Insert Header Failure; ‘parse-header-fail’: Parse Header Failure; ‘internal-error’: Internal Error;

Type: string

Supported Values: all, success, failure, request, response, http-code-200, http-code-400, http-code-401, http-code-403, http-code-404, http-code-500, http-code-503, http-code-other, buffer-alloc-fail, encoding-fail, insert-header-fail, parse-header-fail, internal-error

relay.form-based

Specification
Type object

instance-list

Description: instance-list is a JSON List . Please see below for l1089_instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/relay/form-based/instance/{name}

relay.form-based.instance-list

Specification
Type list
Block object keys

name

Description: Specify form-based authentication relay name

Type: string

request-uri-list

Description: request-uri-list is a JSON List . Please see below for l1089_request-uri-list

Type: List

Reference Object: /axapi/v3/aam/authentication/relay/form-based/instance/{name}/request-uri/{match-type}+{uri}

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

relay.form-based.instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘request’: Request; ‘invalid_srv_rsp’: Invalid Server Response; ‘post_fail’: POST Failed; ‘invalid_cred’: Invalid Credential; ‘bad_req’: Bad Request; ‘not_fnd’: Not Found; ‘error’: Internal Server Error; ‘other_error’: Other Error;

Type: string

Supported Values: all, request, invalid_srv_rsp, post_fail, invalid_cred, bad_req, not_fnd, error, other_error

relay.form-based.instance-list.request-uri-list

Specification
Type list
Block object keys

action-uri

Description: Specify the action-URI

Type: string

Format: string-rlx

cookie

Description: cookie is a JSON Block . Please see below for l1089_cookie

Type: Object

domain-variable

Description: Specify domain variable name

Type: string

Format: string-rlx

match-type

Description: ‘equals’: URI exactly matches the string; ‘contains’: URI string contains another sub string; ‘starts-with’: URI string starts with sub string; ‘ends-with’: URI string ends with sub string;

Type: string

Supported Values: equals, contains, starts-with, ends-with

other-variables

Description: Specify other variables (n1=v1&n2=v2) in form relay

Type: string

Format: string-rlx

password-variable

Description: Specify password variable name

Type: string

Format: string-rlx

uri

Description: Specify request URI

Type: string

Format: string-rlx

user-tag

Description: Customized tag

Type: string

Format: string-rlx

user-variable

Description: Specify username variable name

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

relay.kerberos

Specification
Type object

instance-list

Description: instance-list is a JSON List . Please see below for l1089_instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/relay/kerberos/instance/{name}

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

relay.kerberos.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘request-send’: Total Request Send; ‘response-get’: Total Response Get; ‘timeout-error’: Total Timeout; ‘other-error’: Total Other Error; ‘request-normal’: Total Normal Request; ‘request-dropped’: Total Dropped Request; ‘response-success’: Total Success Response; ‘response-failure’: Total Failure Response; ‘response-error’: Total Error Response; ‘response-timeout’: Total Timeout Response; ‘response-other’: Total Other Response; ‘job-start-error’: Total Job Start Error; ‘polling-control-error’: Total Polling Control Error;

Type: string

Supported Values: all, request-send, response-get, timeout-error, other-error, request-normal, request-dropped, response-success, response-failure, response-error, response-timeout, response-other, job-start-error, polling-control-error

relay.kerberos.instance-list

Specification
Type list
Block object keys

encrypted

Description: Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)

kerberos-account

Description: Specify the kerberos account name

Type: string

Format: string-rlx

kerberos-kdc

Description: Specify the kerberos kdc ip or host name

Type: string

Mutual Exclusion: kerberos-kdc and kerberos-kdc-service-group are mutually exclusive

kerberos-kdc-service-group

Description: Specify an authentication service group as multiple KDCs

Type: string

Format: string-rlx

Mutual Exclusion: kerberos-kdc-service-group and kerberos-kdc are mutually exclusive

Reference Object: /axapi/v3/aam/authentication/service-group

kerberos-realm

Description: Specify the kerberos realm

Type: string

name

Description: Specify Kerberos authentication relay name

Type: string

password

Description: Specify password of Kerberos password

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

port

Description: Specify The KDC port, default is 88

Type: number

Range: 1-65535

Default: 88

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

secret-string

Description: The kerberos client password

Type: string

Format: password

timeout

Description: Specify timeout for kerberos transport, default is 10 seconds (The timeout, default is 10 seconds)

Type: number

Range: 1-255

Default: 10

uuid

Description: uuid of the object

Type: string

relay.kerberos.instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘request-send’: Request Send; ‘response-receive’: Response Receive; ‘current-requests-of-user’: Current Pending Requests of User; ‘tickets’: Tickets;

Type: string

Supported Values: all, request-send, response-receive, current-requests-of-user, tickets

relay.http-basic

Specification
Type object

instance-list

Description: instance-list is a JSON List . Please see below for l1089_instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/relay/http-basic/instance/{name}

relay.http-basic.instance-list

Specification
Type list
Block object keys

domain

Description: Specify user domain, default is null

Type: string

domain-format

Description: ‘user-principal-name’: Append domain with User Principal Name format. (e.g. user @ domain ); ‘down-level-logon-name’: Append domain with Down-Level Logon Name format. (e.g. domainuser);

Type: string

Supported Values: user-principal-name, down-level-logon-name

Default: down-level-logon-name

name

Description: Specify HTTP basic authentication relay name

Type: string

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

relay.http-basic.instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘success’: Success; ‘no-creds’: No Credential; ‘bad-req’: Bad Request; ‘unauth’: Unauthorized; ‘forbidden’: Forbidden; ‘not-found’: Not Found; ‘server-error’: Internal Server Error; ‘unavailable’: Service Unavailable;

Type: string

Supported Values: all, success, no-creds, bad-req, unauth, forbidden, not-found, server-error, unavailable

saml

Specification
Type object

global

Description: global is a JSON Block . Please see below for global

Type: Object

Reference Object: /axapi/v3/aam/authentication/saml/global

identity-provider-list

Description: identity-provider-list is a JSON List . Please see below for l1089_identity-provider-list

Type: List

Reference Object: /axapi/v3/aam/authentication/saml/identity-provider/{name}

service-provider-list

Description: service-provider-list is a JSON List . Please see below for l1089_service-provider-list

Type: List

Reference Object: /axapi/v3/aam/authentication/saml/service-provider/{name}

saml.global

Specification
Type object

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

saml.global.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘requests-to-a10saml’: Total Request to A10 SAML Service; ‘responses-from-a10saml’: Total Response from A10 SAML Service; ‘sp-metadata-export-req’: Total Metadata Export Request; ‘sp-metadata-export-success’: Toal Metadata Export Success; ‘login-auth-req’: Total Login Authentication Request; ‘login-auth-resp’: Total Login Authentication Response; ‘acs-req’: Total SAML Single-Sign-On Request; ‘acs-success’: Total SAML Single-Sign-On Success; ‘acs-authz-fail’: Total SAML Single-Sign-On Authorization Fail; ‘acs-error’: Total SAML Single-Sign-On Error; ‘slo-req’: Total Single Logout Request; ‘slo-success’: Total Single Logout Success; ‘slo-error’: Total Single Logout Error; ‘other-error’: Total Other Error;

Type: string

Supported Values: all, requests-to-a10saml, responses-from-a10saml, sp-metadata-export-req, sp-metadata-export-success, login-auth-req, login-auth-resp, acs-req, acs-success, acs-authz-fail, acs-error, slo-req, slo-success, slo-error, other-error

saml.service-provider-list

Specification
Type list
Block object keys

adfs-ws-federation

Description: adfs-ws-federation is a JSON Block . Please see below for l1089_adfs-ws-federation

Type: Object

artifact-resolution-service

Description: artifact-resolution-service is a JSON List . Please see below for l1089_artifact-resolution-service

Type: List

assertion-consuming-service

Description: assertion-consuming-service is a JSON List . Please see below for l1089_assertion-consuming-service

Type: List

certificate

Description: SAML service provider certificate file (PFX format is required.)

Type: string

entity-id

Description: SAML service provider entity ID

Type: string

Format: string-rlx

metadata-export-service

Description: metadata-export-service is a JSON Block . Please see below for l1089_metadata-export-service

Type: Object

name

Description: Specify SAML authentication service provider name

Type: string

require-assertion-signed

Description: require-assertion-signed is a JSON Block . Please see below for l1089_require-assertion-signed

Type: Object

saml-request-signed

Description: saml-request-signed is a JSON Block . Please see below for l1089_saml-request-signed

Type: Object

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

service-url

Description: SAML service provider service URL (ex. https://www.a10networks.com/saml.sso )

Type: string

Format: string-rlx

single-logout-service

Description: single-logout-service is a JSON List . Please see below for l1089_single-logout-service

Type: List

soap-tls-certificate-validate

Description: soap-tls-certificate-validate is a JSON Block . Please see below for l1089_soap-tls-certificate-validate

Type: Object

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

saml.service-provider-list.require-assertion-signed

Specification
Type object

require-assertion-signed-enable

Description: Enable required signing of SAML assertion

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

saml.service-provider-list.single-logout-service

Specification
Type list
Block object keys

SLO-binding

Description: ‘post’: POST binding of single logout service; ‘redirect’: Redirect binding of single logout service; ‘soap’: SOAP binding of single logout service;

Type: string

Supported Values: post, redirect, soap

SLO-location

Description: The location of name-id management service. (ex. /SAML/POST)

Type: string

Format: string-rlx

saml.service-provider-list.assertion-consuming-service

Specification
Type list
Block object keys

assertion-binding

Description: ‘artifact’: Artifact binding of assertion consuming service; ‘paos’: PAOS binding of assertion consuming service; ‘post’: POST binding of assertion consuming service;

Type: string

Supported Values: artifact, paos, post

assertion-index

Description: The index of assertion consuming service

Type: number

Range: 0-5

assertion-location

Description: The location of assertion consuming service endpoint. (ex. /SAML/POST)

Type: string

Format: string-rlx

saml.service-provider-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘sp-metadata-export-req’: Metadata Export Request; ‘sp-metadata-export-success’: Metadata Export Success; ‘login-auth-req’: Login Authentication Request; ‘login-auth-resp’: Login Authentication Response; ‘acs-req’: SAML Single-Sign-On Request; ‘acs-success’: SAML Single-Sign-On Success; ‘acs-authz-fail’: SAML Single-Sign-On Authorization Fail; ‘acs-error’: SAML Single-Sign-On Error; ‘slo-req’: Single Logout Request; ‘slo-success’: Single Logout Success; ‘slo-error’: Single Logout Error; ‘other-error’: Other Error;

Type: string

Supported Values: all, sp-metadata-export-req, sp-metadata-export-success, login-auth-req, login-auth-resp, acs-req, acs-success, acs-authz-fail, acs-error, slo-req, slo-success, slo-error, other-error

saml.service-provider-list.saml-request-signed

Specification
Type object

saml-request-signed-disable

Description: Disable signing signature for SAML (Authn/Artifact Resolve) requests

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

saml.service-provider-list.adfs-ws-federation

Specification
Type object

ws-federation-enable

Description: Enable ADFS WS-Federation

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

saml.service-provider-list.soap-tls-certificate-validate

Specification
Type object

soap-tls-certificate-validate-disable

Description: Disable verification for server certificate in TLS session when resolving artificate

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

saml.service-provider-list.artifact-resolution-service

Specification
Type list
Block object keys

artifact-binding

Description: ‘soap’: SOAP binding of artifact resolution service;

Type: string

Supported Values: soap

artifact-index

Description: The index of artifact resolution service

Type: number

Range: 0-5

artifact-location

Description: The location of artifact resolution service. (ex. /SAML/POST)

Type: string

Format: string-rlx

saml.service-provider-list.metadata-export-service

Specification
Type object

md-export-location

Description: Specify the URI to export SP metadata (Export URI. Default is /A10SP_Metadata)

Type: string

Format: string-rlx

sign-xml

Description: Sign exported SP metadata XML with SP’s certificate

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

saml.identity-provider-list

Specification
Type list
Block object keys

metadata

Description: URL of SAML identity provider’s metadata file

Type: string

Format: string-rlx

name

Description: SAML authentication identity provider name

Type: string

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

service-group-list

Specification
Type list
Block object keys

health-check

Description: Health Check (Monitor Name)

Type: string

Mutual Exclusion: health-check and health-check-disable are mutually exclusive

Reference Object: /axapi/v3/health/monitor

health-check-disable

Description: Disable health check

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check-disable and health-check are mutually exclusive

lb-method

Description: ‘round-robin’: Round robin on server level;

Type: string

Supported Values: round-robin

member-list

Description: member-list is a JSON List . Please see below for l1089_member-list

Type: List

Reference Object: /axapi/v3/aam/authentication/service-group/{name}/member/{name}+{port}

name

Description: Specify AAM service group name

Type: string

Format: string-rlx

protocol

Description: ‘tcp’: TCP AAM service; ‘udp’: UDP AAM service;

Type: string

Supported Values: tcp, udp

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

service-group-list.member-list

Specification
Type list
Block object keys

member-priority

Description: Priority of Port in the Group

Type: number

Range: 1-16

member-state

Description: ‘enable’: Enable member service port; ‘disable’: Disable member service port;

Type: string

Supported Values: enable, disable

Default: enable

name

Description: Member name

Type: string

Format: comp-string

Reference Object: /axapi/v3/aam/authentication/server/ldap

port

Description: Port number

Type: number

Range: 1-65534

Default: 65534

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

global

Specification
Type object

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

global.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘requests’: Total Authentication Request; ‘responses’: Total Authentication Response; ‘misses’: Total Authentication Request Missed; ‘ocsp-stapling-requests-to-a10authd’: Total OCSP Stapling Request; ‘ocsp-stapling-responses-from-a10authd’: Total OCSP Stapling Response; ‘opened-socket’: Total AAM Socket Opened; ‘open-socket-failed’: Total AAM Open Socket Failed; ‘connect’: Total AAM Connection; ‘connect-failed’: Total AAM Connect Failed; ‘created-timer’: Total AAM Timer Created; ‘create-timer-failed’: Total AAM Timer Creation Failed; ‘total-request’: Total Request Received by A10 Auth Service; ‘get-socket-option-failed’: Total AAM Get Socket Option Failed; ‘aflex-authz-succ’: Total Authorization success number in aFleX; ‘aflex-authz-fail’: Total Authorization failure number in aFleX;

Type: string

Supported Values: all, requests, responses, misses, ocsp-stapling-requests-to-a10authd, ocsp-stapling-responses-from-a10authd, opened-socket, open-socket-failed, connect, connect-failed, created-timer, create-timer-failed, total-request, get-socket-option-failed, aflex-authz-succ, aflex-authz-fail

server

Specification
Type object

ldap

Description: ldap is a JSON Block . Please see below for l1089_ldap

Type: Object

Reference Object: /axapi/v3/aam/authentication/server/ldap

ocsp

Description: ocsp is a JSON Block . Please see below for l1089_ocsp

Type: Object

Reference Object: /axapi/v3/aam/authentication/server/ocsp

radius

Description: radius is a JSON Block . Please see below for l1089_radius

Type: Object

Reference Object: /axapi/v3/aam/authentication/server/radius

windows

Description: windows is a JSON Block . Please see below for l1089_windows

Type: Object

Reference Object: /axapi/v3/aam/authentication/server/windows

server.windows

Specification
Type object

instance-list

Description: instance-list is a JSON List . Please see below for l1089_instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/server/windows/instance/{name}

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

server.windows.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘kerberos-request-send’: Total Kerberos Request; ‘kerberos-response-get’: Total Kerberos Response; ‘kerberos-timeout-error’: Total Kerberos Timeout; ‘kerberos-other-error’: Total Kerberos Other Error; ‘ntlm-authentication-success’: Total NTLM Authentication Success; ‘ntlm-authentication-failure’: Total NTLM Authentication Failure; ‘ntlm-proto-negotiation-success’: Total NTLM Protocol Negotiation Success; ‘ntlm-proto-negotiation-failure’: Total NTLM Protocol Negotiation Failure; ‘ntlm-session-setup-success’: Total NTLM Session Setup Success; ‘ntlm-session-setup-failed’: Total NTLM Session Setup Failure; ‘kerberos-request-normal’: Total Kerberos Normal Request; ‘kerberos-request-dropped’: Total Kerberos Dropped Request; ‘kerberos-response-success’: Total Kerberos Success Response; ‘kerberos-response-failure’: Total Kerberos Failure Response; ‘kerberos-response-error’: Total Kerberos Error Response; ‘kerberos-response-timeout’: Total Kerberos Timeout Response; ‘kerberos-response-other’: Total Kerberos Other Response; ‘kerberos-job-start-error’: Total Kerberos Job Start Error; ‘kerberos-polling-control-error’: Total Kerberos Polling Control Error; ‘ntlm-prepare-req-success’: Total NTLM Prepare Request Success; ‘ntlm-prepare-req-failed’: Total NTLM Prepare Request Failed; ‘ntlm-timeout-error’: Total NTLM Timeout; ‘ntlm-other-error’: Total NTLM Other Error; ‘ntlm-request-normal’: Total NTLM Normal Request; ‘ntlm-request-dropped’: Total NTLM Dropped Request; ‘ntlm-response-success’: Total NTLM Success Response; ‘ntlm-response-failure’: Total NTLM Failure Response; ‘ntlm-response-error’: Total NTLM Error Response; ‘ntlm-response-timeout’: Total NTLM Timeout Response; ‘ntlm-response-other’: Total NTLM Other Response; ‘ntlm-job-start-error’: Total NTLM Job Start Error; ‘ntlm-polling-control-error’: Total NTLM Polling Control Error;

Type: string

Supported Values: all, kerberos-request-send, kerberos-response-get, kerberos-timeout-error, kerberos-other-error, ntlm-authentication-success, ntlm-authentication-failure, ntlm-proto-negotiation-success, ntlm-proto-negotiation-failure, ntlm-session-setup-success, ntlm-session-setup-failed, kerberos-request-normal, kerberos-request-dropped, kerberos-response-success, kerberos-response-failure, kerberos-response-error, kerberos-response-timeout, kerberos-response-other, kerberos-job-start-error, kerberos-polling-control-error, ntlm-prepare-req-success, ntlm-prepare-req-failed, ntlm-timeout-error, ntlm-other-error, ntlm-request-normal, ntlm-request-dropped, ntlm-response-success, ntlm-response-failure, ntlm-response-error, ntlm-response-timeout, ntlm-response-other, ntlm-job-start-error, ntlm-polling-control-error

server.windows.instance-list

Specification
Type list
Block object keys

auth-protocol

Description: auth-protocol is a JSON Block . Please see below for l1089_auth-protocol

Type: Object

health-check

Description: Check server’s health status

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check and health-check-disable are mutually exclusive

health-check-disable

Description: Disable configured health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check-disable and health-check are mutually exclusive

health-check-string

Description: Health monitor name

Type: string

Reference Object: /axapi/v3/health/monitor

host

Description: host is a JSON Block . Please see below for l1089_host

Type: Object

name

Description: Specify Windows authentication server name

Type: string

Format: string-rlx

realm

Description: Specify realm of Windows server

Type: string

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

support-apacheds-kdc

Description: Enable weak cipher (DES CRC/MD5/MD4) and merge AS-REQ in single packet

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

timeout

Description: Specify connection timeout to server, default is 10 seconds

Type: number

Range: 1-255

Default: 10

uuid

Description: uuid of the object

Type: string

server.windows.instance-list.host

Specification
Type object

hostip

Description: Specify the Windows server’s hostname(Length 1-31) or IP address

Type: string

Format: host

Mutual Exclusion: hostip and hostipv6 are mutually exclusive

hostipv6

Description: Specify the Windows server’s IPV6 address

Type: string

Format: ipv6-address

Mutual Exclusion: hostipv6 and hostip are mutually exclusive

server.windows.instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘krb_send_req_success’: Kerberos Request; ‘krb_get_resp_success’: Kerberos Response; ‘krb_timeout_error’: Kerberos Timeout; ‘krb_other_error’: Kerberos Other Error; ‘ntlm_proto_nego_success’: NTLM Protocol Negotiation Success; ‘ntlm_proto_nego_failure’: NTLM Protocol Negotiation Failure; ‘ntlm_session_setup_success’: NTLM Session Setup Success; ‘ntlm_session_setup_failure’: NTLM Session Setup Failure; ‘ntlm_prepare_req_success’: NTLM Prepare Request Success; ‘ntlm_prepare_req_error’: NTLM Prepare Request Error; ‘ntlm_auth_success’: NTLM Authentication Success; ‘ntlm_auth_failure’: NTLM Authentication Failure; ‘ntlm_timeout_error’: NTLM Timeout; ‘ntlm_other_error’: NTLM Other Error;

Type: string

Supported Values: all, krb_send_req_success, krb_get_resp_success, krb_timeout_error, krb_other_error, ntlm_proto_nego_success, ntlm_proto_nego_failure, ntlm_session_setup_success, ntlm_session_setup_failure, ntlm_prepare_req_success, ntlm_prepare_req_error, ntlm_auth_success, ntlm_auth_failure, ntlm_timeout_error, ntlm_other_error

server.windows.instance-list.auth-protocol

Specification
Type object

kerberos-disable

Description: Disable Kerberos authentication protocol

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-port

Description: Specify the Kerbros port, default is 88

Type: number

Range: 1-65534

Default: 88

kport-hm

Description: Check Kerberos port’s health status

Type: string

Mutual Exclusion: kport-hm and kport-hm-disable are mutually exclusive

Reference Object: /axapi/v3/health/monitor

kport-hm-disable

Description: Disable configured Kerberos port health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: kport-hm-disable and kport-hm are mutually exclusive

ntlm-disable

Description: Disable NTLM authentication protocol

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-health-check

Description: Check NTLM port’s health status

Type: string

Mutual Exclusion: ntlm-health-check and ntlm-health-check-disable are mutually exclusive

Reference Object: /axapi/v3/health/monitor

ntlm-health-check-disable

Description: Disable configured NTLM port health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: ntlm-health-check-disable and ntlm-health-check are mutually exclusive

ntlm-version

Description: Specify NTLM version, default is 2

Type: number

Range: 1-2

Default: 2

server.ocsp

Specification
Type object

instance-list

Description: instance-list is a JSON List . Please see below for l1089_instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/server/ocsp/instance/{name}

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

server.ocsp.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘stapling-certificate-good’: Total OCSP Stapling Good Certificate Response; ‘stapling-certificate-revoked’: Total OCSP Stapling Revoked Certificate Response; ‘stapling-certificate-unknown’: Total OCSP Stapling Unknown Certificate Response; ‘stapling-request-normal’: Total OSCP Stapling Normal Request; ‘stapling-request-dropped’: Total OCSP Stapling Dropped Request; ‘stapling-response-success’: Total OCSP Stapling Success Response; ‘stapling-response-failure’: Total OCSP Stapling Failure Response; ‘stapling-response-error’: Total OCSP Stapling Error Response; ‘stapling-response-timeout’: Total OCSP Stapling Timeout Response; ‘stapling-response-other’: Total OCSP Stapling Other Response; ‘request-normal’: Total OSCP Normal Request; ‘request-dropped’: Total OCSP Dropped Request; ‘response-success’: Total OCSP Success Response; ‘response-failure’: Total OCSP Failure Response; ‘response-error’: Total OCSP Error Response; ‘response-timeout’: Total OCSP Timeout Response; ‘response-other’: Total OCSP Other Response; ‘job-start-error’: Total OCSP Job Start Error; ‘polling-control-error’: Total OCSP Polling Control Error;

Type: string

Supported Values: all, stapling-certificate-good, stapling-certificate-revoked, stapling-certificate-unknown, stapling-request-normal, stapling-request-dropped, stapling-response-success, stapling-response-failure, stapling-response-error, stapling-response-timeout, stapling-response-other, request-normal, request-dropped, response-success, response-failure, response-error, response-timeout, response-other, job-start-error, polling-control-error

server.ocsp.instance-list

Specification
Type list
Block object keys

health-check

Description: Check server’s health status

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check and health-check-disable are mutually exclusive

health-check-disable

Description: Disable configured health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check-disable and health-check are mutually exclusive

health-check-string

Description: Health monitor name

Type: string

Reference Object: /axapi/v3/health/monitor

name

Description: Specify OCSP authentication server name

Type: string

Format: string-rlx

port-health-check

Description: Check port’s health status

Type: string

Mutual Exclusion: port-health-check and port-health-check-disable are mutually exclusive

Reference Object: /axapi/v3/health/monitor

port-health-check-disable

Description: Disable configured port health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: port-health-check-disable and port-health-check are mutually exclusive

responder-ca

Description: Specify the trusted OCSP responder’s CA cert filename

Type: string

responder-cert

Description: Specify the trusted OCSP responder’s cert filename

Type: string

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

url

Description: Specify the OCSP server’s address (Format: http://host[:port]/ ) (The OCSP server’s address(Format: http://host[:port]/ ))

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

server.ocsp.instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘request’: Request; ‘certificate-good’: Good Certificate Response; ‘certificate-revoked’: Revoked Certificate Response; ‘certificate-unknown’: Unknown Certificate Response; ‘timeout’: Timeout; ‘fail’: Handle OCSP response failed; ‘stapling-request’: OCSP Stapling Request Send; ‘stapling-certificate-good’: OCSP Stapling Good Certificate Response; ‘stapling-certificate-revoked’: OCSP Stapling Revoked Certificate Response; ‘stapling-certificate-unknown’: OCSP Stapling Unknown Certificate Response; ‘stapling-timeout’: OCSP Stapling Timeout; ‘stapling-fail’: Handle OCSP response failed;

Type: string

Supported Values: all, request, certificate-good, certificate-revoked, certificate-unknown, timeout, fail, stapling-request, stapling-certificate-good, stapling-certificate-revoked, stapling-certificate-unknown, stapling-timeout, stapling-fail

server.radius

Specification
Type object

instance-list

Description: instance-list is a JSON List . Please see below for l1089_instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/server/radius/instance/{name}

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

server.radius.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘authen_success’: Total Authentication Success; ‘authen_failure’: Total Authentication Failure; ‘authorize_success’: Total Authorization Success; ‘authorize_failure’: Total Authorization Failure; ‘access_challenge’: Total Access-Challenge Message Receive; ‘timeout_error’: Total Timeout; ‘other_error’: Total Other Error; ‘request’: Total Request; ‘request-normal’: Total Normal Request; ‘request-dropped’: Total Dropped Request; ‘response-success’: Total Success Response; ‘response-failure’: Total Failure Response; ‘response-error’: Total Error Response; ‘response-timeout’: Total Timeout Response; ‘response-other’: Total Other Response; ‘job-start-error’: Total Job Start Error; ‘polling-control-error’: Total Polling Control Error; ‘accounting-request-sent’: Accounting-Request Sent; ‘accounting-success’: Accounting Success; ‘accounting-failure’: Accounting Failure;

Type: string

Supported Values: all, authen_success, authen_failure, authorize_success, authorize_failure, access_challenge, timeout_error, other_error, request, request-normal, request-dropped, response-success, response-failure, response-error, response-timeout, response-other, job-start-error, polling-control-error, accounting-request-sent, accounting-success, accounting-failure

server.radius.instance-list

Specification
Type list
Block object keys

accounting-port

Description: Specify the RADIUS server’s accounting port, default is 1813

Type: number

Range: 1-65534

Default: 1813

acct-port-hm

Description: Specify accounting port health check method

Type: string

Mutual Exclusion: acct-port-hm and acct-port-hm-disable are mutually exclusive

Reference Object: /axapi/v3/health/monitor

acct-port-hm-disable

Description: Disable configured accounting port health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: acct-port-hm-disable and acct-port-hm are mutually exclusive

encrypted

Description: Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)

health-check

Description: Check server’s health status

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check and health-check-disable are mutually exclusive

health-check-disable

Description: Disable configured health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check-disable and health-check are mutually exclusive

health-check-string

Description: Health monitor name

Type: string

Reference Object: /axapi/v3/health/monitor

host

Description: host is a JSON Block . Please see below for l1089_host

Type: Object

interval

Description: Specify the interval time for resend the request (second), default is 3 seconds (The interval time(second), default is 3 seconds)

Type: number

Range: 1-1024

Default: 3

name

Description: Specify RADIUS authentication server name

Type: string

Format: string-rlx

port

Description: Specify the RADIUS server’s authentication port, default is 1812

Type: number

Range: 1-65534

Default: 1812

port-hm

Description: Check port’s health status

Type: string

Mutual Exclusion: port-hm and port-hm-disable are mutually exclusive

Reference Object: /axapi/v3/health/monitor

port-hm-disable

Description: Disable configured port health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: port-hm-disable and port-hm are mutually exclusive

retry

Description: Specify the retry number for resend the request, default is 5 (The retry number, default is 5)

Type: number

Range: 1-32

Default: 5

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

secret

Description: Specify the RADIUS server’s secret

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

secret-string

Description: The RADIUS server’s secret

Type: string

Format: password

uuid

Description: uuid of the object

Type: string

server.radius.instance-list.host

Specification
Type object

hostip

Description: Server’s hostname(Length 1-31) or IP address

Type: string

Format: host

Mutual Exclusion: hostip and hostipv6 are mutually exclusive

hostipv6

Description: Server’s IPV6 address

Type: string

Format: ipv6-address

Mutual Exclusion: hostipv6 and hostip are mutually exclusive

server.radius.instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘authen_success’: Authentication Success; ‘authen_failure’: Authentication Failure; ‘authorize_success’: Authorization Success; ‘authorize_failure’: Authorization Failure; ‘access_challenge’: Access-Challenge Message Receive; ‘timeout_error’: Timeout; ‘other_error’: Other Error; ‘request’: Request; ‘accounting-request-sent’: Accounting-Request Sent; ‘accounting-success’: Accounting Success; ‘accounting-failure’: Accounting Failure;

Type: string

Supported Values: all, authen_success, authen_failure, authorize_success, authorize_failure, access_challenge, timeout_error, other_error, request, accounting-request-sent, accounting-success, accounting-failure

server.ldap

Specification
Type object

instance-list

Description: instance-list is a JSON List . Please see below for l1089_instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/server/ldap/instance/{name}

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

server.ldap.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘admin-bind-success’: Total Admin Bind Success; ‘admin-bind-failure’: Total Admin Bind Failure; ‘bind-success’: Total User Bind Success; ‘bind-failure’: Total User Bind Failure; ‘search-success’: Total Search Success; ‘search-failure’: Total Search Failure; ‘authorize-success’: Total Authorization Success; ‘authorize-failure’: Total Authorization Failure; ‘timeout-error’: Total Timeout; ‘other-error’: Total Other Error; ‘request’: Total Request; ‘request-normal’: Total Normal Request; ‘request-dropped’: Total Dropped Request; ‘response-success’: Total Success Response; ‘response-failure’: Total Failure Response; ‘response-error’: Total Error Response; ‘response-timeout’: Total Timeout Response; ‘response-other’: Total Other Response; ‘job-start-error’: Total Job Start Error; ‘polling-control-error’: Total Polling Control Error;

Type: string

Supported Values: all, admin-bind-success, admin-bind-failure, bind-success, bind-failure, search-success, search-failure, authorize-success, authorize-failure, timeout-error, other-error, request, request-normal, request-dropped, response-success, response-failure, response-error, response-timeout, response-other, job-start-error, polling-control-error

server.ldap.instance-list

Specification
Type list
Block object keys

admin-dn

Description: The LDAP server’s admin DN

Type: string

Format: string-rlx

admin-secret

Description: Specify the LDAP server’s admin secret password

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

base

Description: Specify the LDAP server’s search base

Type: string

Format: string-rlx

bind-with-dn

Description: Enforce using DN for LDAP binding(All user input name will be used to create DN)

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

default-domain

Description: Specify default domain for LDAP

Type: string

derive-bind-dn

Description: derive-bind-dn is a JSON Block . Please see below for l1089_derive-bind-dn

Type: Object

dn-attribute

Description: Specify Distinguished Name attribute, default is CN

Type: string

Format: string-rlx

Default: cn

encrypted

Description: Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)

health-check

Description: Check server’s health status

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check and health-check-disable are mutually exclusive

health-check-disable

Description: Disable configured health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check-disable and health-check are mutually exclusive

health-check-string

Description: Health monitor name

Type: string

Reference Object: /axapi/v3/health/monitor

host

Description: host is a JSON Block . Please see below for l1089_host

Type: Object

name

Description: Specify LDAP authentication server name

Type: string

Format: string-rlx

port

Description: Specify the LDAP server’s authentication port, default is 389

Type: number

Range: 1-65534

Default: 389

port-hm

Description: Check port’s health status

Type: string

Mutual Exclusion: port-hm and port-hm-disable are mutually exclusive

Reference Object: /axapi/v3/health/monitor

port-hm-disable

Description: Disable configured port health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: port-hm-disable and port-hm are mutually exclusive

pwdmaxage

Description: Specify the LDAP server’s default password expiration time (in seconds) (The LDAP server’s default password expiration time (in seconds), default is 0 (no expiration))

Type: number

Range: 0-4294967295

Default: 0

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

secret-string

Description: secret password

Type: string

Format: password

timeout

Description: Specify timout for LDAP, default is 10 seconds (The timeout, default is 10 seconds)

Type: number

Range: 1-255

Default: 10

uuid

Description: uuid of the object

Type: string

server.ldap.instance-list.host

Specification
Type object

hostip

Description: Server’s hostname(Length 1-31) or IP address

Type: string

Format: host

Mutual Exclusion: hostip and hostipv6 are mutually exclusive

hostipv6

Description: Server’s IPV6 address

Type: string

Format: ipv6-address

Mutual Exclusion: hostipv6 and hostip are mutually exclusive

server.ldap.instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘admin-bind-success’: Admin Bind Success; ‘admin-bind-failure’: Admin Bind Failure; ‘bind-success’: User Bind Success; ‘bind-failure’: User Bind Failure; ‘search-success’: Search Success; ‘search-failure’: Search Failure; ‘authorize-success’: Authorization Success; ‘authorize-failure’: Authorization Failure; ‘timeout-error’: Timeout; ‘other-error’: Other Error; ‘request’: Request;

Type: string

Supported Values: all, admin-bind-success, admin-bind-failure, bind-success, bind-failure, search-success, search-failure, authorize-success, authorize-failure, timeout-error, other-error, request

server.ldap.instance-list.derive-bind-dn

Specification
Type object

username-attr

Description: Specify attribute name of username

Type: string

Format: string-rlx

template-list

Specification
Type list
Block object keys

account

Description: Specify AD domain account

Type: string

Reference Object: /axapi/v3/aam/authentication/account/kerberos-spn

accounting-server

Description: Specify a RADIUS accounting server

Type: string

Format: string-rlx

Mutual Exclusion: accounting-server and accounting-service-group are mutually exclusive

Reference Object: /axapi/v3/aam/authentication/server/radius/instance

accounting-service-group

Description: Specify an authentication service group for RADIUS accounting

Type: string

Format: string-rlx

Mutual Exclusion: accounting-service-group and accounting-server are mutually exclusive

Reference Object: /axapi/v3/aam/authentication/service-group

cookie-domain

Description: cookie-domain is a JSON List . Please see below for l1089_cookie-domain

Type: List

cookie-domain-group

Description: cookie-domain-group is a JSON List . Please see below for l1089_cookie-domain-group

Type: List

cookie-max-age

Description: Configure Max-Age for authentication session cookie (Configure Max-Age in seconds. Default is 604800 (1 week).)

Type: number

Range: 1-2592000

Default: 604800

forward-logout-disable

Description: Disable forward logout request to backend application server. The config-field logut-url must be configured first

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

log

Description: ‘use-partition-level-config’: Use configuration of authentication-log enable command; ‘enable’: Enable authentication logs for this template; ‘disable’: Disable authentication logs for this template;

Type: string

Supported Values: use-partition-level-config, enable, disable

Default: use-partition-level-config

logon

Description: Specify authentication logon (Specify authentication logon template name)

Type: string

Reference Object: /axapi/v3/aam/authentication/logon/form-based

logout-idle-timeout

Description: Specify idle logout time (Specify idle timeout in seconds, default is 300)

Type: number

Range: 1-86400

Default: 300

logout-url

Description: Specify logout url (Specify logout url string)

Type: string

Format: string-rlx

name

Description: Authentication template name

Type: string

relay

Description: Specify authentication relay (Specify authentication relay template name)

Type: string

Reference Object: /axapi/v3/aam/authentication/relay/http-basic/instance

saml-idp

Description: Specify SAML identity provider

Type: string

saml-sp

Description: Specify SAML service provider

Type: string

server

Description: Specify authentication server (Specify authentication server template name)

Type: string

Format: string-rlx

Mutual Exclusion: server and service-group are mutually exclusive

Reference Object: /axapi/v3/aam/authentication/server/ldap/instance

service-group

Description: Bind an authentication service group to this template (Specify authentication service group name)

Type: string

Format: string-rlx

Mutual Exclusion: service-group and server are mutually exclusive

Reference Object: /axapi/v3/aam/authentication/service-group

type

Description: ‘saml’: SAML authentication template; ‘standard’: Standard authentication template;

Type: string

Supported Values: saml, standard

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

logon

Specification
Type object

form-based-list

Description: form-based-list is a JSON List . Please see below for l1089_form-based-list

Type: List

Reference Object: /axapi/v3/aam/authentication/logon/form-based/{name}

http-authenticate

Description: http-authenticate is a JSON Block . Please see below for l1089_http-authenticate

Type: Object

Reference Object: /axapi/v3/aam/authentication/logon/http-authenticate

logon.form-based-list

Specification
Type list
Block object keys

cp-page-cfg

Description: cp-page-cfg is a JSON Block . Please see below for l1089_cp-page-cfg

Type: Object

logon-page-cfg

Description: logon-page-cfg is a JSON Block . Please see below for l1089_logon-page-cfg

Type: Object

name

Description: Specify form-based authentication logon name

Type: string

new-pin-variable

Description: Specify new-pin variable name in form submission

Type: string

Format: string-rlx

next-token-variable

Description: Specify next-token variable name in form submission

Type: string

Format: string-rlx

portal

Description: portal is a JSON Block . Please see below for l1089_portal

Type: Object

retry

Description: Specify max. number of failure retry (Specify retry count (1 ~ 32), default is 3)

Type: number

Range: 1-32

Default: 3

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

logon.form-based-list.portal

Specification
Type object

changepasswordpage

Description: Specify change password page name

Type: string

Format: string-rlx

default-portal

Description: Use default portal

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: default-portal and portal-name are mutually exclusive

failpage

Description: Specify logon fail page name (portal fail page name)

Type: string

Format: string-rlx

logon

Description: Specify logon page name

Type: string

new-pin-page

Description: Specify new PIN page name for RSA-RADIUS

Type: string

Format: string-rlx

next-token-page

Description: Specify next token page name for RSA-RADIUS

Type: string

Format: string-rlx

portal-name

Description: Specify portal name

Type: string

Mutual Exclusion: portal-name and default-portal are mutually exclusive

logon.form-based-list.logon-page-cfg

Specification
Type object

action-url

Description: Specify form submission action url

Type: string

Format: string-rlx

authz-failure-message

Description: Specify authorization failure message shown in logon page (Specify error string, default is “Authorization failed. Please contact your system administrator.”)

Type: string

Format: string-rlx

login-failure-message

Description: Specify login failure message shown in logon page (Specify error string, default is “Invalid username or password. Please try again.”)

Type: string

Format: string-rlx

passcode-variable

Description: Specify passcode variable name in form submission

Type: string

Format: string-rlx

password-variable

Description: Specify password variable name in form submission

Type: string

Format: string-rlx

username-variable

Description: Specify username variable name in form submission

Type: string

Format: string-rlx

logon.form-based-list.cp-page-cfg

Specification
Type object

changepassword-url

Description: Specify changepassword form submission action url (changepassword action url)

Type: string

Format: string-rlx

cp-cfm-pwd-enum

Description: ‘changepassword-password-confirm-variable’: Specify password confirm variable name in form submission;

Type: string

Supported Values: changepassword-password-confirm-variable

cp-cfm-pwd-var

Description: Specify password confirm variable name

Type: string

Format: string-rlx

cp-new-pwd-enum

Description: ‘changepassword-new-password-variable’: Specify new password variable name in form submission;

Type: string

Supported Values: changepassword-new-password-variable

cp-new-pwd-var

Description: Specify new password variable name

Type: string

Format: string-rlx

cp-old-pwd-enum

Description: ‘changepassword-old-password-variable’: Specify old password variable name in form submission;

Type: string

Supported Values: changepassword-old-password-variable

cp-old-pwd-var

Description: Specify old password variable name

Type: string

Format: string-rlx

cp-user-enum

Description: ‘changepassword-username-variable’: Specify username variable name in form submission;

Type: string

Supported Values: changepassword-username-variable

cp-user-var

Description: Specify username variable name

Type: string

Format: string-rlx

logon.http-authenticate

Specification
Type object

instance-list

Description: instance-list is a JSON List . Please see below for l1089_instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/logon/http-authenticate/instance/{name}

logon.http-authenticate.instance-list

Specification
Type list
Block object keys

auth-method

Description: auth-method is a JSON Block . Please see below for l1089_auth-method

Type: Object

name

Description: Specify HTTP-Authenticate logon name

Type: string

retry

Description: Specify max. number of failure retry (1 ~ 32), default is 3

Type: number

Range: 1-32

Default: 3

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1089_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

logon.http-authenticate.instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘spn_krb_request’: SPN Kerberos Request; ‘spn_krb_success’: SPN Kerberos Success; ‘spn_krb_faiure’: SPN Kerberos Failure;

Type: string

Supported Values: all, spn_krb_request, spn_krb_success, spn_krb_faiure

logon.http-authenticate.instance-list.auth-method

Specification
Type object

basic

Description: basic is a JSON Block . Please see below for l1089_basic

Type: Object

negotiate

Description: negotiate is a JSON Block . Please see below for l1089_negotiate

Type: Object

ntlm

Description: ntlm is a JSON Block . Please see below for l1089_ntlm

Type: Object

logon.http-authenticate.instance-list.auth-method.ntlm

Specification
Type object

ntlm-enable

Description: Enable NTLM logon

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

logon.http-authenticate.instance-list.auth-method.negotiate

Specification
Type object

negotiate-enable

Description: Enable SPENGO logon

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

logon.http-authenticate.instance-list.auth-method.basic

Specification
Type object

basic-enable

Description: Enable Basic logon

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

basic-realm

Description: Specify realm for basic logon

Type: string

Format: string-rlx

challenge-response-form

Description: Specify challenge-response form for RSA-RADIUS authentication

Type: string

new-pin-page

Description: Specify new PIN page name for RSA-RADIUS

Type: string

Format: string-rlx

new-pin-variable

Description: Specify new PIN variable name

Type: string

Format: string-rlx

next-token-page

Description: Specify next-token page name for RSA-RADIUS

Type: string

Format: string-rlx

next-token-variable

Description: Specify next-token variable name

Type: string

Format: string-rlx