Use the GET method to view all token attribute rules for a domain context (applies to entire domain). This operation can be performed by the REST service or client. Only token attribute mapping is supported on the client side.
Media Types: | application/json |
The response body contains information about all token attribute rules, including:
Attribute | Description |
---|---|
"attributes" |
Groups the constraints filter and mapping attributes for trusted users.
Note: This attribute is not required on the client side. |
"-dn" |
On the service side, trusted DN for which you are configuring an attribute rule. The string conforms to RFC 2253, as described at the following URL: http://www.ietf.org/rfc/rfc2253.txt
On the client side, URL specified using the following format: |
"filter" |
Defines the filter values for trusted users and attributes.
You can enter a complete name or a name pattern with a wildcard character (*), such as |
"mapping" |
Defines the mapping attributes for trusted users.
Note: This attribute is not applicable on the client side. |
"-name" |
Name of the attribute rule.
Note: This attribute is not applicable on the client side. |
"name-id" |
Defines the users that are accepted for the trusted DN. |
"token-attribute-rule" |
Groups information about a single token attribute rule. |
"tokn-attribute-rules" |
Groups information about all token attribute rules. |
"user-attribute" |
Defines the user attribute that the trusted DN can assert.
Note: This attribute is not applicable on the client side. |
"user-mapping-attribute" |
Defines the user mapping attribute that the trusted DN can assert. |
"value" |
Defines values for the constraint filter attribute. This value can be a full name or name pattern with a wildcard character (*), such as "yourTrusted*" . Multiple values must be separated by a comma. |
The following example shows how to view all token attribute rules by submitting a GET request on the REST resource using cURL.
curl -i -X GET -u username:password http://myhost:7001/idaas/platform/admin/v1/trust/token
The following shows an example of the response header.
HTTP/1.1 200 OK
Example of Response Body—Service Side
The following shows an example of the response body in JSON format for viewing a token attribute rule on the service side.
{ "token-attribute-rules": { "token-attribute-rule": [ { "-dn": "cn=orcladmin,o=oracle", "attributes": [ { "-name": "tenant1", "attribute": { "filter": { "value": [ "filter1", "filter2" ] }, "mapping":{ "user-attribute": "val1", "user-mapping-attribute":"val2" } } } ], "name-id":{ "filter": { "value":[ "filter1" ] }, "mapping": { "user-attribute": "val3", "user-mapping-attribute":"val4" } } } ] } }
Example of Response Body - Client Side
The following shows an example of the response body in JSON format for viewing a token attribute rule on the client side.
{ "token-attribute-rules": { "token-attribute-rule": [ { "-dn": "https://messaging.us2.com/", "name-id":{ "mapping": { "user-mapping-attribute":"mail" } }, } ] "token-attribute-rule": [ { "-dn": "https://messaging.us2.com/mysvcInstance1-acme/", "name-id":{ "mapping": { "user-mapping-attribute":"uid" } }, } ] } }