aam authorization

Authorization related settings. Authorization occurs after authentication and determines the privileges that are associated with the user who is being authenticated. Authorization determines what an authenticated user can view on the specified web site or database.

authorization Specification

Type Intermediate Resource
Element Name authorization
Element URI /axapi/v3/aam/authorization
Element Attributes authorization_attributes
Schema authorization schema

Operations Allowed:

Operation Method URI Payload

Get Object

GET

/axapi/v3/aam/authorization

authorization_attributes

authorization Attributes

policy-list

Description: policy-list is a JSON List . Please see below for policy-list

Type: List

Reference Object: /axapi/v3/aam/authorization/policy/{name}

policy-list

Specification
Type list
Block object keys

attribute-list

Description: attribute-list is a JSON List . Please see below for l1092_attribute-list

Type: List

Reference Object: /axapi/v3/aam/authorization/policy/{name}/attribute/{attr-num}

attribute-rule

Description: Define attribute rule for authorization policy

Type: string

Format: string-rlx

name

Description: Specify authorization policy name

Type: string

server

Description: Specify a LDAP or RADIUS server for authorization (Specify a LDAP or RADIUS server name)

Type: string

Format: string-rlx

Mutual Exclusion: server and service-group are mutually exclusive

Reference Object: /axapi/v3/aam/authentication/server/ldap/instance

service-group

Description: Specify an authentication service group for authorization (Specify authentication service group name)

Type: string

Format: string-rlx

Mutual Exclusion: service-group and server are mutually exclusive

Reference Object: /axapi/v3/aam/authentication/service-group

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

policy-list.attribute-list

Specification
Type list
Block object keys

A10-AX-AUTH-URI

Description: Custom-defined attribute

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: A10-AX-AUTH-URI and attribute-name are mutually exclusive

a10-dynamic-defined

Description: The value of this attribute will depend on AX configuration instead of user configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

attr-int

Description: ‘equal’: Operation type is equal; ‘not-equal’: Operation type is not equal; ‘less-than’: Operation type is less-than; ‘more-than’: Operation type is more-than; ‘less-than-equal-to’: Operation type is less-than-equal-to; ‘more-than-equal-to’: Operation type is more-thatn-equal-to;

Type: string

Supported Values: equal, not-equal, less-than, more-than, less-than-equal-to, more-than-equal-to

attr-int-val

Description: Set attribute value

Type: number

Range: 0-4294967295

attr-ip

Description: ‘equal’: Operation type is equal; ‘not-equal’: Operation type is not-equal;

Type: string

Supported Values: equal, not-equal

attr-ipv4

Description: IPv4 address

Type: string

Format: ipv4-address

attr-num

Description: Set attribute ID for authorization policy

Type: number

Range: 1-32

attr-str

Description: ‘match’: Operation type is match; ‘sub-string’: Operation type is sub-string;

Type: string

Supported Values: match, sub-string

attr-str-val

Description: Set attribute value

Type: string

Format: string-rlx

attr-type

Description: Specify attribute type

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

attribute-name

Description: Specify attribute name

Type: string

Mutual Exclusion: attribute-name and A10-AX-AUTH-URI are mutually exclusive

custom-attr-str

Description: ‘match’: Operation type is match; ‘sub-string’: Operation type is sub-string;

Type: string

Supported Values: match, sub-string

custom-attr-type

Description: Specify attribute type

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

integer-type

Description: Attribute type is integer

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: integer-type string-type and ip-type are mutually exclusive

ip-type

Description: IP address is transformed into network byte order

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: ip-type string-type and integer-type are mutually exclusive

string-type

Description: Attribute type is string

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: string-type integer-type and ip-type are mutually exclusive

uuid

Description: uuid of the object

Type: string