Use the GET method to view token attribute rules for a specified document. This operation can be performed by the REST service or client. Only token attribute mapping is supported on the client side.
The following table summarizes the GET request parameters.
Name | Description | Type |
---|---|---|
documentName |
Name of document for which you want to view token attribute rules. | Path |
Media Types: | application/json |
The response body contains information about all token attribute rules for the document, including:
Attribute | Description |
---|---|
"attributes" |
Groups the constraints filter and mapping attributes for trusted users.
Note: This attribute is not required on the client side. |
"-dn" |
On the service side, trusted DN for which you are configuring an attribute rule. The string conforms to RFC 2253, as described at the following URL: http://www.ietf.org/rfc/rfc2253.txt
On the client side, URL specified using the following format: |
"filter" |
Defines the filter values for trusted users and attributes.
You can enter a complete name or a name pattern with a wildcard character (*), such as |
"mapping" |
Defines the mapping attributes for trusted users.
Note: This attribute is not applicable on the client side. |
"-name" |
Name of the attribute rule.
Note: This attribute is not applicable on the client side. |
"name-id" |
Defines the users that are accepted for the trusted DN. |
"token-attribute-rule" |
Groups information about a single token attribute rule. |
"tokn-attribute-rules" |
Groups information about all token attribute rules. |
"user-attribute" |
Defines the user attribute that the trusted DN can assert.
Note: This attribute is not applicable on the client side. |
"user-mapping-attribute" |
Defines the user mapping attribute that the trusted DN can assert. |
"value" |
Defines values for the constraint filter attribute. This value can be a full name or name pattern with a wildcard character (*), such as "yourTrusted*" . Multiple values must be separated by a comma. |
The following example shows how to view all token attribute rules by submitting a GET request on the REST resource using cURL.
curl -i -X GET -u username:password http://myhost:7001/idaas/platform/admin/v1/trust/token/mydocument
Example of Response Header
The following shows an example of the response header.
HTTP/1.1 200 OK
Example of Response Body—Service Side
The following shows an example of the response body in JSON format for viewing a token attribute rule on the service side.
{ "token-attribute-rules": { "token-attribute-rule": [ { "-dn": "cn=orcladmin,o=oracle", "attributes": [ { "-name": "tenant1", "attribute": { "filter": { "value": [ "filter1", "filter2" ] }, "mapping":{ "user-attribute": "val1", "user-mapping-attribute":"val2" } } } ], "name-id":{ "filter": { "value":[ "filter1" ] }, "mapping": { "user-attribute": "val3", "user-mapping-attribute":"val4" } } } ] } }
Example of Response Body - Client Side
The following shows an example of the response body in JSON format for viewing a token attribute rule on the client side.
{ "token-attribute-rules": { "token-attribute-rule": [ { "-dn": "https://messaging.us2.com/", "name-id":{ "mapping": { "user-mapping-attribute":"mail" } }, } ] "token-attribute-rule": [ { "-dn": "https://messaging.us2.com/mysvcInstance1-acme/", "name-id":{ "mapping": { "user-mapping-attribute":"uid" } }, } ] } }