aam authentication logon

Authentication logon configuration

This object provides an interface in which end-users can log in or complete tasks such as changing passwords.

Basic HTTP login allows ACOS to obtain a user name and password by sending an HTTP 401 (Not Authorized) message with response code 4.

After you enter your credentials in the login dialogue, the client browser sends an HTTP reply that includes the following header: Authorization: Basic QTEwOlRodW5kZXI=

This header contains the username and password in Base64-encoded form.

logon Specification

Type Intermediate Resource
Element Name logon
Element URI /axapi/v3/aam/authentication/logon
Element Attributes logon_attributes
Schema logon schema

Operations Allowed:

Operation Method URI Payload

Get Object

GET

/axapi/v3/aam/authentication/logon

logon_attributes

logon Attributes

form-based-list

Description: form-based-list is a JSON List . Please see below for form-based-list

Type: List

Reference Object: /axapi/v3/aam/authentication/logon/form-based/{name}

http-authenticate

Description: http-authenticate is a JSON Block . Please see below for http-authenticate

Type: Object

Reference Object: /axapi/v3/aam/authentication/logon/http-authenticate

form-based-list

Specification
Type list
Block object keys

cp-page-cfg

Description: cp-page-cfg is a JSON Block . Please see below for l1055_cp-page-cfg

Type: Object

logon-page-cfg

Description: logon-page-cfg is a JSON Block . Please see below for l1055_logon-page-cfg

Type: Object

name

Description: Specify form-based authentication logon name

Type: string

new-pin-variable

Description: Specify new-pin variable name in form submission

Type: string

Format: string-rlx

next-token-variable

Description: Specify next-token variable name in form submission

Type: string

Format: string-rlx

portal

Description: portal is a JSON Block . Please see below for l1055_portal

Type: Object

retry

Description: Specify max. number of failure retry (Specify retry count (1 ~ 32), default is 3)

Type: number

Range: 1-32

Default: 3

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

form-based-list.portal

Specification
Type object

changepasswordpage

Description: Specify change password page name

Type: string

Format: string-rlx

default-portal

Description: Use default portal

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: default-portal and portal-name are mutually exclusive

failpage

Description: Specify logon fail page name (portal fail page name)

Type: string

Format: string-rlx

logon

Description: Specify logon page name

Type: string

new-pin-page

Description: Specify new PIN page name for RSA-RADIUS

Type: string

Format: string-rlx

next-token-page

Description: Specify next token page name for RSA-RADIUS

Type: string

Format: string-rlx

portal-name

Description: Specify portal name

Type: string

Mutual Exclusion: portal-name and default-portal are mutually exclusive

form-based-list.logon-page-cfg

Specification
Type object

action-url

Description: Specify form submission action url

Type: string

Format: string-rlx

authz-failure-message

Description: Specify authorization failure message shown in logon page (Specify error string, default is “Authorization failed. Please contact your system administrator.”)

Type: string

Format: string-rlx

login-failure-message

Description: Specify login failure message shown in logon page (Specify error string, default is “Invalid username or password. Please try again.”)

Type: string

Format: string-rlx

passcode-variable

Description: Specify passcode variable name in form submission

Type: string

Format: string-rlx

password-variable

Description: Specify password variable name in form submission

Type: string

Format: string-rlx

username-variable

Description: Specify username variable name in form submission

Type: string

Format: string-rlx

form-based-list.cp-page-cfg

Specification
Type object

changepassword-url

Description: Specify changepassword form submission action url (changepassword action url)

Type: string

Format: string-rlx

cp-cfm-pwd-enum

Description: ‘changepassword-password-confirm-variable’: Specify password confirm variable name in form submission;

Type: string

Supported Values: changepassword-password-confirm-variable

cp-cfm-pwd-var

Description: Specify password confirm variable name

Type: string

Format: string-rlx

cp-new-pwd-enum

Description: ‘changepassword-new-password-variable’: Specify new password variable name in form submission;

Type: string

Supported Values: changepassword-new-password-variable

cp-new-pwd-var

Description: Specify new password variable name

Type: string

Format: string-rlx

cp-old-pwd-enum

Description: ‘changepassword-old-password-variable’: Specify old password variable name in form submission;

Type: string

Supported Values: changepassword-old-password-variable

cp-old-pwd-var

Description: Specify old password variable name

Type: string

Format: string-rlx

cp-user-enum

Description: ‘changepassword-username-variable’: Specify username variable name in form submission;

Type: string

Supported Values: changepassword-username-variable

cp-user-var

Description: Specify username variable name

Type: string

Format: string-rlx

http-authenticate

Specification
Type object

instance-list

Description: instance-list is a JSON List . Please see below for l1055_instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/logon/http-authenticate/instance/{name}

http-authenticate.instance-list

Specification
Type list
Block object keys

auth-method

Description: auth-method is a JSON Block . Please see below for l1055_auth-method

Type: Object

name

Description: Specify HTTP-Authenticate logon name

Type: string

retry

Description: Specify max. number of failure retry (1 ~ 32), default is 3

Type: number

Range: 1-32

Default: 3

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l1055_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

http-authenticate.instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘spn_krb_request’: SPN Kerberos Request; ‘spn_krb_success’: SPN Kerberos Success; ‘spn_krb_faiure’: SPN Kerberos Failure;

Type: string

Supported Values: all, spn_krb_request, spn_krb_success, spn_krb_faiure

http-authenticate.instance-list.auth-method

Specification
Type object

basic

Description: basic is a JSON Block . Please see below for l1055_basic

Type: Object

negotiate

Description: negotiate is a JSON Block . Please see below for l1055_negotiate

Type: Object

ntlm

Description: ntlm is a JSON Block . Please see below for l1055_ntlm

Type: Object

http-authenticate.instance-list.auth-method.ntlm

Specification
Type object

ntlm-enable

Description: Enable NTLM logon

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

http-authenticate.instance-list.auth-method.negotiate

Specification
Type object

negotiate-enable

Description: Enable SPENGO logon

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

http-authenticate.instance-list.auth-method.basic

Specification
Type object

basic-enable

Description: Enable Basic logon

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

basic-realm

Description: Specify realm for basic logon

Type: string

Format: string-rlx

challenge-response-form

Description: Specify challenge-response form for RSA-RADIUS authentication

Type: string

new-pin-page

Description: Specify new PIN page name for RSA-RADIUS

Type: string

Format: string-rlx

new-pin-variable

Description: Specify new PIN variable name

Type: string

Format: string-rlx

next-token-page

Description: Specify next-token page name for RSA-RADIUS

Type: string

Format: string-rlx

next-token-variable

Description: Specify next-token variable name

Type: string

Format: string-rlx