トリガー組合せを含むポリシーを取得する
get
/policy/risk/v1/policies/{policygid}
ポリシー・ブラウザは、システムに作成された古いポリシーを確認することを希望する移行のお客様を対象としています。このAPIを使用すると、トリガー組合せの更新に必要な場合に、トリガー組合せ本文を形成できます。
リクエスト
パス・パラメータ
- policygid(required): string
ポリシーの識別子。
この操作にはリクエスト本文はありません。
先頭に戻るレスポンス
サポートされるメディア・タイプ
- application/xml
- application/json
200レスポンス
ポリシー情報
ルート・スキーマ: PolicyDetailedResponse
型:
objectポリシー・ブラウザのトリガー組合せを含むポリシー詳細
ソースの表示
-
checkpoint: string
ポリシーのチェックポイント。
-
message: string
リクエストのステータスに関連するメッセージ
-
policyDescription: string
ポリシーの説明。
-
policygid: string
ポリシーの識別子。
-
policyname: string
ポリシーの名前。
-
policyStatus: string
ポリシーのステータス。
-
rules: array rules
-
scoringEngine: string
ポリシーのスコアリング・エンジン。
-
status: string
リクエストのステータス
-
triggerCombinations: array triggerCombinations
-
weight: string
ポリシーの重み。
ネストされたスキーマ: rules
型:
ソースの表示
array- 配列: object RuleObjectDetail
ポリシー・ブラウザのPolicyDetailedResponseのルール詳細
ネストされたスキーマ: triggerCombinations
型:
ソースの表示
array- 配列: object TriggerCombinationsObject
ポリシー・ブラウザのPolicyDetailedResponseのトリガー組合せ詳細
ネストされたスキーマ: RuleObjectDetail
型:
objectポリシー・ブラウザのPolicyDetailedResponseのルール詳細
ソースの表示
-
actionGroup: string
アクション・グループ名
-
alertGroup: string
アラート・グループ名
-
rulegid: string
ルールの一意の識別子
-
ruleName: string
ルールの名前
-
ruleNotes: string
ルールの説明
-
ruleStatus: string
ルールのステータス
-
score: integer
ルールによって返されるスコア
-
weight: integer
コンテキストに複数のルールがある場合のスコアの重み。
ネストされたスキーマ: TriggerCombinationsObject
型:
objectポリシー・ブラウザのPolicyDetailedResponseのトリガー組合せ詳細
ソースの表示
-
actionGroup: string
アクション・グループ名
-
alertGroup: string
アラート・グループID
-
description: string
トリガー組合せの説明
-
score: integer
トリガー組合せのスコア
-
triggerCombinations: array triggerCombinations
ネストされたスキーマ: RuleResult
型:
objectトリガー組合せのルールおよび結果
ソースの表示
-
ruleName: string
トリガー組合せに関連付けられたルールの名前
-
ruleResult: string
トリガー組合せに関連付けられたルールの結果値
401レスポンス
未認可
500レスポンス
内部サーバー・エラー
503レスポンス
サービス使用不可
例
次の例は、ポリシーGIDに基づいてOAAMポリシーを取得するサンプルのリクエストおよびレスポンスを示します。ポリシーGIDはOAAMポリシー・エクスプローラで確認できます。
JSON形式で既存のOAAMポリシーを取得するcURLコマンド
curl --location --request GET '<PolicyUrl>/policy/risk/v1/policies/<policy_gid>' \
--header 'Authorization: Basic <Base64Encoded(<username>:<password>)>' \
--header 'Content-Type: application/json' \
--data '{
"description": "Assertion Level between 50 and 100",
"rules": [
{
"ruleName": "Challenge SMS Available",
"ruleResult": "ANY"
},
{
"ruleName": "Maximum failed Email attempts",
"ruleResult": "ANY"
},
{
"ruleName": "Maximum failed SMS attempts",
"ruleResult": "ANY"
},
{
"ruleName": "Maximum failed Question attempts",
"ruleResult": "ANY"
},
{
"ruleName": "Challenge Email Available",
"ruleResult": "ANY"
},
{
"ruleName": "Questions Active",
"ruleResult": "ANY"
},
{
"ruleName": "Check for High Risk Score",
"ruleResult": "ANY"
},
{
"ruleName": "Assertion Level <=50",
"ruleResult": "ANY"
},
{
"ruleName": "Assertion Level 50 -100",
"ruleResult": "TRUE"
},
{
"ruleName": "Assertion level 100-150",
"ruleResult": "ANY"
},
{
"ruleName": "AssertionLevel 150-200",
"ruleResult": "ANY"
},
{
"ruleName": "Assertion Level 200-250",
"ruleResult": "ANY"
}
],
"score": "400",
"actionGroup": "OAAM Challenge SMS",
"alertGroup": "10003"
}'
JSON形式のサンプル・レスポンス
{
"policyName": "does user have profile",
"status": "200",
"message": "Policy information.",
"policygid": "51143_424de17591ff7cb74bba3759a9fa6aaf453769e756b08693b43253d09a113439",
"policyname": "does user have profile",
"policyDescription": "This policy checks if pattern auto learning is enabled and if a user has past behavior recorded. Users with enough recorded behavior will be evaluated against their own profile while users without enough recorded behavior will be evaluated against the profiles of all other users.",
"policyStatus": "ACTIVE",
"policyStatusDisplayValue": "Active",
"checkpoint": "User Authentication",
"scoringEngine": "Average",
"weight": "100",
"rules": [
{
"rulegid": "51356_3d3903a75f923ab9925c3a7b5935d03cd2e9e4a31936f7ec7ad1c1294f71969a",
"ruleName": "Does user have a profile",
"score": "0",
"weight": "100",
"ruleStatus": "ACTIVE",
"ruleStatusDisplayValue": "Active",
"ruleNotes": "This rule checks if the pattern auto learning is enabled and if the user has a historical behavior profile."
},
{
"rulegid": "9353_e49b40e49ebac38d36f5ce08ea16afc25a2e1e57642b2a7e8f9ee47a6844927b",
"ruleName": "Is there enough pattern data available?",
"score": "0",
"weight": "100",
"ruleStatus": "ACTIVE",
"ruleStatusDisplayValue": "Active",
"ruleNotes": "Rule checks if enough pattern data is available so that auto-learning rules can make use of it."
}
],
"triggerCombinations": [
{
"description": "If the profile contains enough recorded behavior, the user is evaluated by this policy.",
"rules": [
{
"ruleName": "Does user have a profile",
"ruleResult": "True"
},
{
"ruleName": "Is there enough pattern data available?",
"ruleResult": "True"
}
],
"score": "0"
},
{
"description": "If a user does not have enough recorded behavior in their profile they will be evaluated by this policy.",
"rules": [
{
"ruleName": "Does user have a profile",
"ruleResult": "Any"
},
{
"ruleName": "Is there enough pattern data available?",
"ruleResult": "True"
}
],
"score": "0"
}
]
}
XML形式で既存のOAAMポリシーを取得するcURLコマンド
curl --location --request GET '<PolicyUrl>/policy/risk/v1/policies/<policy_gid>' \
--header 'Authorization: Basic <Base64Encoded(<username>:<password>)>' \
--header 'Content-Type: application/xml' \
--header 'Accept: application/xml' \
--data '<?xml version="1.0" encoding="UTF-8" ?>
<TriggerCombinationsObject>
<description>Assertion Level between 50 and 100</description>
<rules>
<ruleName>Challenge SMS Available</ruleName>
<ruleResult>ANY</ruleResult>
</rules>
<rules>
<ruleName>Maximum failed Email attempts</ruleName>
<ruleResult>ANY</ruleResult>
</rules>
<rules>
<ruleName>Maximum failed SMS attempts</ruleName>
<ruleResult>ANY</ruleResult>
</rules>
<rules>
<ruleName>Maximum failed Question attempts</ruleName>
<ruleResult>ANY</ruleResult>
</rules>
<rules>
<ruleName>Challenge Email Available</ruleName>
<ruleResult>ANY</ruleResult>
</rules>
<rules>
<ruleName>Questions Active</ruleName>
<ruleResult>ANY</ruleResult>
</rules>
<rules>
<ruleName>Check for High Risk Score</ruleName>
<ruleResult>ANY</ruleResult>
</rules>
<rules>
<ruleName>Assertion Level <=50</ruleName>
<ruleResult>ANY</ruleResult>
</rules>
<rules>
<ruleName>Assertion Level 50 -100</ruleName>
<ruleResult>TRUE</ruleResult>
</rules>
<rules>
<ruleName>Assertion level 100-150</ruleName>
<ruleResult>ANY</ruleResult>
</rules>
<rules>
<ruleName>AssertionLevel 150-200</ruleName>
<ruleResult>ANY</ruleResult>
</rules>
<rules>
<ruleName>Assertion Level 200-250</ruleName>
<ruleResult>ANY</ruleResult>
</rules>
<score>400</score>
<actionGroup>OAAM Challenge SMS</actionGroup>
<alertGroup>10003</alertGroup>
</TriggerCombinationsObject>
'
XML形式のサンプル・レスポンス
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<PolicyDetailedResponse>
<policyName>does user have profile</policyName>
<status>200</status>
<message>Policy information.</message>
<policygid>51143_424de17591ff7cb74bba3759a9fa6aaf453769e756b08693b43253d09a113439</policygid>
<policyname>does user have profile</policyname>
<policyDescription>This policy checks if pattern auto learning is enabled and if a user has past behavior recorded. Users with enough recorded behavior will be evaluated against their own profile while users without enough recorded behavior will be evaluated against the profiles of all other users.</policyDescription>
<policyStatus>ACTIVE</policyStatus>
<policyStatusDisplayValue>Active</policyStatusDisplayValue>
<checkpoint>User Authentication</checkpoint>
<scoringEngine>Average</scoringEngine>
<weight>100</weight>
<rules>
<rulegid>51356_3d3903a75f923ab9925c3a7b5935d03cd2e9e4a31936f7ec7ad1c1294f71969a</rulegid>
<ruleName>Does user have a profile</ruleName>
<score>0</score>
<weight>100</weight>
<ruleStatus>ACTIVE</ruleStatus>
<ruleStatusDisplayValue>Active</ruleStatusDisplayValue>
<ruleNotes>This rule checks if the pattern auto learning is enabled and if the user has a historical behavior profile.</ruleNotes>
</rules>
<rules>
<rulegid>9353_e49b40e49ebac38d36f5ce08ea16afc25a2e1e57642b2a7e8f9ee47a6844927b</rulegid>
<ruleName>Is there enough pattern data available?</ruleName>
<score>0</score>
<weight>100</weight>
<ruleStatus>ACTIVE</ruleStatus>
<ruleStatusDisplayValue>Active</ruleStatusDisplayValue>
<ruleNotes>Rule checks if enough pattern data is available so that auto-learning rules can make use of it.</ruleNotes>
</rules>
<triggerCombinations>
<description>If the profile contains enough recorded behavior, the user is evaluated by this policy.</description>
<rules>
<ruleName>Does user have a profile</ruleName>
<ruleResult>True</ruleResult>
</rules>
<rules>
<ruleName>Is there enough pattern data available?</ruleName>
<ruleResult>True</ruleResult>
</rules>
<score>0</score>
</triggerCombinations>
<triggerCombinations>
<description>If a user does not have enough recorded behavior in their profile they will be evaluated by this policy.</description>
<rules>
<ruleName>Does user have a profile</ruleName>
<ruleResult>Any</ruleResult>
</rules>
<rules>
<ruleName>Is there enough pattern data available?</ruleName>
<ruleResult>True</ruleResult>
</rules>
<score>0</score>
</triggerCombinations>
</PolicyDetailedResponse>