Returns all token attribute rules for a trust document. This operation can be performed by the REST service or client. Only token attribute mapping is supported on the client side.
| Media Types: | application/json |
The response body contains information about all token attribute rules, including:
| Attribute | Description |
|---|---|
"attributes" |
Groups the constraints filter and mapping attributes for trusted users.
Note: This attribute is not required on the client side. |
"-dn" |
On the service side, trusted DN for which you are configuring an attribute rule. The string conforms to RFC 2253, as described at the following URL: http://www.ietf.org/rfc/rfc2253.txt
On the client side, URL specified using the following format: |
"filter" |
Defines the filter values for trusted users and attributes.
You can enter a complete name or a name pattern with a wildcard character (*), such as |
"mapping" |
Defines the mapping attributes for trusted users.
Note: This attribute is not applicable on the client side. |
"-name" |
Name of the attribute rule.
Note: This attribute is not applicable on the client side. |
"name-id" |
Defines the users that are accepted for the trusted DN. |
"token-attribute-rule" |
Groups information about a single token attribute rule. |
"tokn-attribute-rules" |
Groups information about all token attribute rules. |
"user-attribute" |
Defines the user attribute that the trusted DN can assert.
Note: This attribute is not applicable on the client side. |
"user-mapping-attribute" |
Defines the user mapping attribute that the trusted DN can assert. |
"value" |
Defines values for the constraint filter attribute. This value can be a full name or name pattern with a wildcard character (*), such as "yourTrusted*". Multiple values must be separated by a comma. |
The following example shows how to view all token attribute rules by submitting a GET request on the REST resource using cURL. For more information, see "cURL Access".
curl -i -X GET -u username:password http://myhost:7001/idaas/platform/admin/v1/trust/token
The following shows an example of the response header.
HTTP/1.1 200 OK
Example of Response Body—Service Side
The following shows an example of the response body in JSON format for viewing a token attribute rule on the service side.
{
"token-attribute-rules":
{
"token-attribute-rule":
[
{
"-dn": "cn=orcladmin,o=oracle",
"attributes":
[
{
"-name": "tenant1",
"attribute":
{
"filter":
{
"value": [
"filter1",
"filter2"
]
},
"mapping":{
"user-attribute": "val1",
"user-mapping-attribute":"val2"
}
}
}
],
"name-id":{
"filter":
{
"value":[ "filter1" ]
},
"mapping":
{
"user-attribute": "val3",
"user-mapping-attribute":"val4"
}
}
}
]
}
}
Example of Response Body - Client Side
The following shows an example of the response body in JSON format for viewing a token attribute rule on the client side.
{
"token-attribute-rules":
{
"token-attribute-rule":
[
{
"-dn": "https://messaging.us2.com/",
"name-id":{
"mapping":
{
"user-mapping-attribute":"mail"
}
},
}
]
"token-attribute-rule":
[
{
"-dn": "https://messaging.us2.com/mysvcInstance1-acme/",
"name-id":{
"mapping":
{
"user-mapping-attribute":"uid"
}
},
}
]
}
}