aam authentication template

Configure an authentication template. You can use authentication templates to bind security resources to SLB resources (typically, an HTTP virtual port).

template Specification

Type Collection
Object Key(s) name
Collection Name template-list
Collection URI /axapi/v3/aam/authentication/template/
Element Name template
Element URI /axapi/v3/aam/authentication/template/{name}
Element Attributes template_attributes
Schema template schema

Operations Allowed:

Operation Method URI Payload

Create Object

POST

/axapi/v3/aam/authentication/template/

template Attributes

Create List

POST

/axapi/v3/aam/authentication/template/

template Attributes

Get Object

GET

/axapi/v3/aam/authentication/template/{name}

template Attributes

Get List

GET

/axapi/v3/aam/authentication/template/

template-list

Modify Object

POST

/axapi/v3/aam/authentication/template/{name}

template Attributes

Replace Object

PUT

/axapi/v3/aam/authentication/template/{name}

template Attributes

Replace List

PUT

/axapi/v3/aam/authentication/template/

template-list

Delete Object

DELETE

/axapi/v3/aam/authentication/template/{name}

template Attributes

template-list

template-list is JSON List of template Attributes

template-list : [

template Attributes

account

Description: Specify the name of an existing AD account.

Type: string

Reference Object: /axapi/v3/aam/authentication/account/kerberos-spn

accounting-server

Description: Specify a RADIUS accounting server

Type: string

Format: string-rlx

Mutual Exclusion: accounting-server and accounting-service-group are mutually exclusive

Reference Object: /axapi/v3/aam/authentication/server/radius/instance

accounting-service-group

Description: Specify an authentication service group for RADIUS accounting

Type: string

Format: string-rlx

Mutual Exclusion: accounting-service-group and accounting-server are mutually exclusive

Reference Object: /axapi/v3/aam/authentication/service-group

cookie-domain

Description: cookie-domain is a JSON List . Please see below for cookie-domain

Type: List

cookie-domain-group

Description: cookie-domain-group is a JSON List . Please see below for cookie-domain-group

Type: List

cookie-max-age

Description: Configure the maximum age for the authentication session cookie in seconds. For one week, use 604800.

Type: number

Range: 1-2592000

Default: 604800

forward-logout-disable

Description: Disable forward logout request to backend application server. The config-field logut-url must be configured first

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

log

Description: Configure authentication logs for this template.
  • use-partition-level-config : Use the configuration of the aam_authentication_log enable command.
  • enable : Enable authentication logs for this template.
  • disable : Disable authentication logs for this template.

Type: string

Supported Values: use-partition-level-config, enable, disable

Default: use-partition-level-config

logon

Description: Name of an existing authentication logon profile.

Type: string

Reference Object: /axapi/v3/aam/authentication/logon/form-based

logout-idle-timeout

Description: Maximum amount of time an authenticated end-user session can be idle before being terminated by ACOS.

Type: number

Range: 1-86400

Default: 300

logout-url

Description: Web page to serve to end-users after they log out. Specify the logout URL string.

Type: string

Format: string-rlx

name

Description: Specify the authentication template name.

Type: string

Required: Yes

relay

Description: Name of an existing authentication-relay profile.

Type: string

Reference Object: /axapi/v3/aam/authentication/relay/http-basic/instance

saml-idp

Description: Name of the SAML identity provider.

Type: string

saml-sp

Description: Name of the SAML service provider.

Type: string

server

Description: Name of an existing authentication-server profile. Use this option instead of the service-group option, if you have only one authentication server.

Type: string

Format: string-rlx

Mutual Exclusion: server and service-group are mutually exclusive

Reference Object: /axapi/v3/aam/authentication/server/ldap/instance

service-group

Description: Bind an authentication service group to this template. Specify the name of an existing service group of authentication servers.

Type: string

Format: string-rlx

Mutual Exclusion: service-group and server are mutually exclusive

Reference Object: /axapi/v3/aam/authentication/service-group

type

Description: Specify the type of authentication template.
  • saml : SAML authentication template.
  • standard : Standard authentication template.

Type: string

Supported Values: saml, standard

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string