6 Manage Token Issuer Trust Configurations

Before using the REST API to view and manage token issuer trust configurations, you need to understand how to access the REST resources and other important concepts.

For more information, see "About the REST API".

For more information about token issuer trust management, see "Defining Trusted Issuers and a Trusted DN List for Signing Certificates" in Administering Web Services.

This chapter includes the following sections:

View and Manage Token Issuer Trust Configurations Using REST Resources

You can view and manage token issuer trust configurations using a set of representational state transfer (REST) resources, as summarized below.


Section | Method | Resource Path
POST TrustDocument Name Method | POST | /idaas/webservice/admin/v1/trustdocument
POST Domain Trusted Issuers and Distinguished Name Lists Method | POST | /idaas/webservice/admin/v1/trust/issuers
POST Document Trusted Issuers and Distinguished Name Lists Method | POST | /idaas/webservice/admin/v1/trust/issuers/{documentName}
GET All Trusted Issuer and Distinguished Name Lists Method | GET | /idaas/webservice/admin/v1/trust/issuers
GET Specified Document Trusted Issuer and Distinguished Name Lists Method | GET | /idaas/webservice/admin/v1/trust/issuers/{documentName}
POST Token Attribute Rule Distinguished Name Method (Domain Context) | POST | /idaas/webservice/admin/v1/trust/token
POST Token Attribute Rule Distinguished Name Method (Document Context) | POST | /idaas/webservice/admin/v1/trust/token/{documentName}
GET All Token Attribute Rules Method | GET | /idaas/webservice/admin/v1/trust/token
GET Specified Document Token Attribute Rules Method | GET | /idaas/webservice/admin/v1/trust/token/{documentName}
Import TrustDocument Name Configurations Method | POST | /idaas/webservice/admin/v1/trustdocument/import
GET TrustDocument Method | GET | /idaas/webservice/admin/v1/trustdocument
DELETE Trust Document Method | DELETE | /idaas/webservice/admin/v1/trustdocument


POST TrustDocument Name Method

Use the POST method to create a trusted issuer document.

REST Request

POST /idaas/webservice/admin/v1/trustdocument

Parameters

The following table summarizes the POST request parameters.

Name             Description                      Type
"displayName"    Display name for the document.   Query
"documentName"   Name of the document.            Query


Response Body


Media Types:

application/json


The response body returns the status of the operation, including:

"ERROR_CODE"
    If "STATUS" is set to "Failed", provides the error code.

"ERROR_MSG"
    If "STATUS" is set to "Failed", provides the contents of the error message.

"Result"
    Details of the operation results.

"STATUS"
    Status of the operation. For example, "Succeeded" or "Failed".


cURL Example


The following example shows how to create a trusted issuer document by submitting a POST request on the REST resource using cURL.

curl -i -X POST -u username:password "http://myhost:7001/idaas/webservice/admin/v1/trustdocument?documentName=myTrustDocument&displayName=myTrustDocument"

Example of Response Header

The following shows an example of the response header. For more about the HTTP status codes, see "HTTP Status Codes for HTTP Methods".

HTTP/1.1 200 OK

Example of Response Body

The following shows an example of the response body in JSON format.

{
    "STATUS": "Succeeded",
    "Result": "New Token Issuer Trust document named \"myTrustDocument\" created."
}

POST Domain Trusted Issuers and Distinguished Name Lists Method

Use the POST method to create trusted issuers and distinguished name (DN) lists for signing certificates in a domain context (that is, it applies to the entire domain).

REST Request

POST /idaas/webservice/admin/v1/trust/issuers

Request Body


Media Types:

application/json


The request body contains the details of the add request. Required attributes are marked as such:

"dn" (required)
    List of DN values to be added to the trusted issuer. For each DN, use a string that conforms to RFC 2253 (http://www.ietf.org/rfc/rfc2253.txt).

"issuer" (required)
    Groups information about a trusted issuer.

"-name" (required)
    Name of the trusted issuer. For example, www.yourcompany.com. The default value for the predefined SAML client policies is www.oracle.com.

"jwt-trusted-dns" (optional)
    Groups information about JSON Web Token (JWT) trusted issuers.

"saml-hok-trusted-dns" (optional)
    Groups information about SAML holder-of-key trusted issuers.

"saml-sv-trusted-dns" (optional)
    Groups information about SAML sender vouches trusted issuers.

"saml-trusted-dns" (required)
    Groups the trusted issuers and DN lists.


Response Body


Media Types:

application/json


The response body returns the status of the operation, including:

"ERROR_CODE"
    If "STATUS" is set to "Failed", provides the error code.

"ERROR_MSG"
    If "STATUS" is set to "Failed", provides the contents of the error message.

"STATUS"
    Status of the operation. For example, "Succeeded" or "Failed".


cURL Example


The following example shows how to create trusted issuers and DN lists by submitting a POST request on the REST resource using cURL.

curl -i -X POST -u username:password --data @createtrust.json -H Content-Type:application/json http://myhost:7001/idaas/webservice/admin/v1/trust/issuers

Example of Request Body

The following shows an example of the request body in JSON format.

{
    "saml-trusted-dns": {
        "saml-hok-trusted-dns": {
            "issuer": [
                {
                    "-name": "www.oracle.com",
                    "dn": [ "wls1" ]
                }
            ]
        },
        "saml-sv-trusted-dns": {
            "issuer": [
                {
                    "-name": "www.oracle.com",
                    "dn": [ "wls2" ]
                }
            ]
        },
        "jwt-trusted-issuers": {
            "issuer": [
                {
                    "-name": "www.oracle.com",
                    "dn": [ "CN=orakey, OU=Orakey,O=Oracle, C=US" ]
                }
            ]
        }
    }
}

Example of Response Header

The following shows an example of the response header.

HTTP/1.1 200 OK

Example of Response Body

The following shows an example of the response body in JSON format.

{
    "STATUS": "Succeeded"
}

POST Document Trusted Issuers and Distinguished Name Lists Method

Use the POST method to create trusted issuers and distinguished name (DN) lists for signing certificates in a document context (that is, it applies to a specified document). The trusted issuers will be stored in the specified trusted issuers document.

REST Request

POST /idaas/webservice/admin/v1/trust/issuers/{documentName}

Parameters

The following table summarizes the POST request parameters.

Name            Description                                                                                                                           Type
documentName    Name of the trusted issuer document. For information about creating a trusted issuer document, see "POST TrustDocument Name Method".   Path


Request Body


Media Types:

application/json


The request body contains the details of the add request. Required attributes are marked as such:

"dn" (required)
    List of DN values to be added to the trusted issuer. For each DN, use a string that conforms to RFC 2253 (http://www.ietf.org/rfc/rfc2253.txt).

"issuer" (required)
    Groups information about a trusted issuer.

"-name" (required)
    Name of the trusted issuer. For example, www.yourcompany.com. The default value for the predefined SAML client policies is www.oracle.com.

"jwt-trusted-dns" (optional)
    Groups information about JSON Web Token (JWT) trusted issuers.

"saml-hok-trusted-dns" (optional)
    Groups information about SAML holder-of-key trusted issuers.

"saml-sv-trusted-dns" (optional)
    Groups information about SAML sender vouches trusted issuers.

"saml-trusted-dns" (required)
    Groups the trusted issuers and DN lists.


Response Body


Media Types:

application/json


The response body returns the status of the operation, including:

"ERROR_CODE"
    If "STATUS" is set to "Failed", provides the error code.

"ERROR_MSG"
    If "STATUS" is set to "Failed", provides the contents of the error message.

"STATUS"
    Status of the operation. For example, "Succeeded" or "Failed".


cURL Example


The following example shows how to create trusted issuers and DN lists in the document mydocument by submitting a POST request on the REST resource using cURL.

curl -i -X POST -u username:password --data @createtrust.json -H Content-Type:application/json http://myhost:7001/idaas/webservice/admin/v1/trust/issuers/mydocument

Example of Request Body

The following shows an example of the request body in JSON format.

{
    "saml-trusted-dns": {
        "saml-hok-trusted-dns": {
            "issuer": [
                {
                    "-name": "www.oracle.com",
                    "dn": [ "wls1" ]
                }
            ]
        },
        "saml-sv-trusted-dns": {
            "issuer": [
                {
                    "-name": "www.oracle.com",
                    "dn": [ "wls2" ]
                }
            ]
        },
        "jwt-trusted-issuers": {
            "issuer": [
                {
                    "-name": "www.oracle.com",
                    "dn": [ "CN=orakey, OU=Orakey,O=Oracle, C=US" ]
                }
            ]
        }
    }
}

Example of Response Header

The following shows an example of the response header.

HTTP/1.1 200 OK

Example of Response Body

The following shows an example of the response body in JSON format.

{
    "STATUS": "Succeeded"
}
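The following Python helper is an added example, not part of Oracle's documentation or product. It builds the request body for the domain-context and document-context trusted-issuer resources above, checks it against the required attributes in the tables, flags DN strings that cannot be RFC 2253 names (the page's sample "wls1" is such a value), reads the STATUS/ERROR_CODE/ERROR_MSG response, and flattens the body that the GET methods below return. The base URL, credentials and document name are placeholders; the JWT group key follows the page's JSON bodies ("jwt-trusted-issuers") rather than its attribute table ("jwt-trusted-dns"), which is an assumption to verify against your installation.

```python
import base64
import json
import re
import urllib.request

# Groups the attribute table lists under "saml-trusted-dns".  The page's JSON
# bodies name the JWT group "jwt-trusted-issuers" while its attribute table
# says "jwt-trusted-dns"; this example follows the JSON bodies (assumption).
GROUPS = ("saml-hok-trusted-dns", "saml-sv-trusted-dns", "jwt-trusted-issuers")

# Loose RFC 2253 shape check: "attr=value" RDNs separated by ',' (or '+'
# inside a multi-valued RDN).  Not a full parser; it only flags values that
# cannot be a DN at all, such as a bare key alias.
_RDN = r"[A-Za-z][A-Za-z0-9.-]*\s*=\s*[^,+]+"
_DN_RE = re.compile(rf"^\s*{_RDN}(\s*[,+]\s*{_RDN})*\s*$")


def looks_like_rfc2253(dn):
    return bool(_DN_RE.match(dn))


def build_body(spec):
    """spec maps group -> {issuer name -> [dn, ...]}; returns the
    "saml-trusted-dns" document the resource expects."""
    groups = {}
    for group, issuers in spec.items():
        if group not in GROUPS:
            raise ValueError(f"unknown trusted-issuer group: {group}")
        groups[group] = {
            "issuer": [{"-name": name, "dn": list(dns)} for name, dns in issuers.items()]
        }
    return {"saml-trusted-dns": groups}


def validate_body(body):
    """Return a list of problems; empty means the required attributes from
    the page's table (saml-trusted-dns, issuer, -name, dn) are present and
    every dn looks like an RFC 2253 string."""
    problems = []
    root = body.get("saml-trusted-dns")
    if not isinstance(root, dict):
        return ["missing required attribute saml-trusted-dns"]
    for group, content in root.items():
        if group not in GROUPS:
            problems.append(f"unknown group {group}")
            continue
        for issuer in content.get("issuer", []):
            name = issuer.get("-name")
            dns = issuer.get("dn")
            if not name:
                problems.append(f"{group}: issuer without -name")
            if not dns:
                problems.append(f"{group}/{name}: empty dn list")
                continue
            for dn in dns:
                if not looks_like_rfc2253(dn):
                    problems.append(f"{group}/{name}: dn {dn!r} is not RFC 2253")
    return problems


def list_trusted_dns(response_body):
    """Flatten a GET /trust/issuers response into (group, issuer, dn) tuples."""
    out = []
    for group, content in response_body.get("saml-trusted-dns", {}).items():
        for issuer in content.get("issuer", []):
            for dn in issuer.get("dn", []):
                out.append((group, issuer["-name"], dn))
    return out


def check_status(response_body):
    """Return Result on success; raise with ERROR_CODE/ERROR_MSG otherwise."""
    if response_body.get("STATUS") == "Succeeded":
        return response_body.get("Result", "")
    code = response_body.get("ERROR_CODE", "?")
    msg = response_body.get("ERROR_MSG", "no message")
    raise RuntimeError(f"{code}: {msg}")


def post_trust_issuers(base_url, user, password, body, document_name=None):
    """POST the body to /trust/issuers (domain) or /trust/issuers/{doc}.
    Not executed in this example; base_url and credentials are placeholders."""
    path = "/idaas/webservice/admin/v1/trust/issuers"
    if document_name:
        path += "/" + document_name
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    req = urllib.request.Request(
        base_url + path,
        data=json.dumps(body).encode(),
        method="POST",
        headers={"Content-Type": "application/json", "Authorization": "Basic " + token},
    )
    with urllib.request.urlopen(req) as resp:
        return check_status(json.load(resp))


if __name__ == "__main__":
    # Constructed sample spec mirroring the page's request body.
    spec = {
        "saml-hok-trusted-dns": {"www.oracle.com": ["wls1"]},
        "jwt-trusted-issuers": {"www.oracle.com": ["CN=orakey, OU=Orakey,O=Oracle, C=US"]},
    }
    body = build_body(spec)
    print(json.dumps(body, indent=2))
    print("problems:", validate_body(body))
```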

GET All Trusted Issuer and Distinguished Name Lists Method

Use the GET method to view a trusted issuer and its distinguished name (DN) lists for all domain documents.

REST Request

GET /idaas/webservice/admin/v1/trust/issuers

Response Body


Media Types:

application/json


The response body contains information about the trusted issuer and DN lists, including:

"dn"
    List of DN values configured for the trusted issuer.

"issuer"
    Groups information about a trusted issuer.

"-name"
    Name of the trusted issuer.

"jwt-trusted-dns"
    Groups information about JSON Web Token (JWT) trusted issuers.

"saml-hok-trusted-dns"
    Groups information about SAML holder-of-key trusted issuers.

"saml-sv-trusted-dns"
    Groups information about SAML sender vouches trusted issuers.

"saml-trusted-dns"
    Groups the trusted issuers and DN lists.


cURL Example


The following example shows how to view a trusted issuer and its DN lists by submitting a GET request on the REST resource using cURL.

curl -i -X GET -u username:password http://myhost:7001/idaas/webservice/admin/v1/trust/issuers

Example of Response Header

The following shows an example of the response header.

HTTP/1.1 200 OK

Example of Response Body

The following shows an example of the response body in JSON format.

{
    "saml-trusted-dns": {
        "saml-hok-trusted-dns": {
            "issuer": [
                {
                    "-name": "www.oracle.com",
                    "dn": [ "wls1" ]
                }
            ]
        },
        "saml-sv-trusted-dns": {
            "issuer": [
                {
                    "-name": "www.oracle.com",
                    "dn": [ "wls2" ]
                }
            ]
        },
        "jwt-trusted-issuers": {
            "issuer": [
                {
                    "-name": "www.oracle.com",
                    "dn": [ "CN=orakey, OU=Orakey,O=Oracle, C=US" ]
                }
            ]
        }
    }
}

GET Specified Document Trusted Issuer and Distinguished Name Lists Method

Use the GET method to view a trusted issuer and its distinguished name (DN) lists based on the document name provided.

REST Request

GET /idaas/webservice/admin/v1/trust/issuers/{documentName}

Parameters

The following table summarizes the GET request parameters.

Name            Description                                                        Type
documentName    Name of the document for which you want to view issuer and DN lists.   Path


Response Body


Media Types:

application/json


The response body contains information about the trusted issuer and DN lists, including:

"dn"
    List of DN values configured for the trusted issuer.

"issuer"
    Groups information about a trusted issuer.

"-name"
    Name of the trusted issuer.

"jwt-trusted-dns"
    Groups information about JSON Web Token (JWT) trusted issuers.

"saml-hok-trusted-dns"
    Groups information about SAML holder-of-key trusted issuers.

"saml-sv-trusted-dns"
    Groups information about SAML sender vouches trusted issuers.

"saml-trusted-dns"
    Groups the trusted issuers and DN lists.


cURL Example


The following example shows how to view a trusted issuer and its DN lists by submitting a GET request on the REST resource using cURL.

curl -i -X GET -u username:password http://myhost:7001/idaas/webservice/admin/v1/trust/issuers/mydocument

Example of Response Header

The following shows an example of the response header.

HTTP/1.1 200 OK

Example of Response Body

The following shows an example of the response body in JSON format.

{
    "saml-trusted-dns": {
        "saml-hok-trusted-dns": {
            "issuer": [
                {
                    "-name": "www.oracle.com",
                    "dn": [ "wls1" ]
                }
            ]
        },
        "saml-sv-trusted-dns": {
            "issuer": [
                {
                    "-name": "www.oracle.com",
                    "dn": [ "wls2" ]
                }
            ]
        },
        "jwt-trusted-issuers": {
            "issuer": [
                {
                    "-name": "www.oracle.com",
                    "dn": [ "CN=orakey, OU=Orakey,O=Oracle, C=US" ]
                }
            ]
        }
    }
}

POST Token Attribute Rule Distinguished Name Method (Domain Context)

Use the POST method to create a token attribute rule for a trusted distinguished name (DN) for a domain context (that is, it applies to the entire domain). This operation can be performed by the REST service or client. Only token attribute mapping is supported on the client side.

REST Request

POST /idaas/webservice/admin/v1/trust/token

Request Body


Media Types:

application/json


The request body contains the details of the add request:

"attributes"
    Groups the constraint filter and mapping attributes for trusted users.
    Note: This attribute is not required on the client side.

"-dn"
    On the service side, set this value to the trusted DN for which you are configuring an attribute rule. Use a string that conforms to RFC 2253 (http://www.ietf.org/rfc/rfc2253.txt).
    On the client side, set this value to the URL of the domain hosting the targeted services, in the format http(s)://host or http(s)://host/root. For example, if you set this value to https://messaging.us2.com/, the attribute rule applies to all service invocations with a service URL of the form https://messaging.us2.com/<path>.

"filter"
    Defines the constraint values for trusted users and attributes.
    Note: This attribute is not applicable on the client side.

"mapping"
    Defines the mapping attributes for trusted users.

"-name"
    Name of the attribute rule.
    Note: This attribute is not applicable on the client side.

"name-id"
    Defines the users that are accepted for the trusted DN.

"token-attribute-rule"
    Groups information about a single token attribute rule.

"token-attribute-rules"
    Groups information about all token attribute rules.

"user-attribute"
    Defines the user attribute that the trusted DN can assert.
    Note: This attribute is not applicable on the client side.

"user-mapping-attribute"
    Defines the user mapping attribute that the trusted DN can assert.

"value"
    Defines values for the constraint filter attribute. A value can be a full name or a name pattern with a wildcard character (*), such as "yourTrusted*". Multiple values must be separated by a comma.
    Note: This attribute is not applicable on the client side.


Response Body


Media Types:

application/json


The response body returns the status of the operation, including:

"ERROR_CODE"
    If "STATUS" is set to "Failed", provides the error code.

"ERROR_MSG"
    If "STATUS" is set to "Failed", provides the contents of the error message.

"STATUS"
    Status of the operation. For example, "Succeeded" or "Failed".


cURL Example


The following example shows how to create a token attribute rule for a trusted DN by submitting a POST request on the REST resource using cURL.

curl -i -X POST -u username:password --data @createrule.json -H Content-Type:application/json http://myhost:7001/idaas/webservice/admin/v1/trust/token

Example of Request Body - Service Side

The following shows an example of the request body in JSON format for creating a token attribute rule for a trusted DN on the service side.

{
    "token-attribute-rules":
    {
        "token-attribute-rule": 
        [
            {
                "-dn": "cn=orcladmin,o=oracle",
                "name-id":{
                    "filter": 
                    {
                        "value":[ "filter1" ]
                    },
                    "mapping":
                    {
                        "user-attribute": "val3",
                        "user-mapping-attribute":"val4"
                    }
                },
                "attributes":
                [
                    {
                        "-name": "tenant1",
                        "attribute":
                        {
                            "filter":
                            {
                                "value": [
                                    "filter1",
                                    "filter2"
                                ]
                            },
                            "mapping":{
                                "user-attribute": "val1",
                                "user-mapping-attribute":"val2"
                            }
                        }
                    }
                ]
            }
        ]
    }
}

Example of Request Body - Client Side

The following shows an example of the request body in JSON format for creating a token attribute rule on the client side.

{
    "token-attribute-rules": {
        "token-attribute-rule": [
            {
                "-dn": "https://messaging.us2.com/",
                "name-id": {
                    "mapping": {
                        "user-mapping-attribute": "mail"
                    }
                }
            },
            {
                "-dn": "https://messaging.us2.com/mysvcInstance1-acme/",
                "name-id": {
                    "mapping": {
                        "user-mapping-attribute": "uid"
                    }
                }
            }
        ]
    }
}

Example of Response Header

The following shows an example of the response header.

HTTP/1.1 200 OK

Example of Response Body

The following shows an example of the response body in JSON format.

{
    "STATUS": "Succeeded"
}

POST Token Attribute Rule Distinguished Name Method (Document Context)

Use the POST method to create a token attribute rule for a trusted distinguished name (DN) for a document context (that is, it applies to a specified document). This operation can be performed by the REST service or client. Only token attribute mapping is supported on the client side.

REST Request

POST /idaas/webservice/admin/v1/trust/token/{documentName}

Parameters

The following table summarizes the POST request parameters.

Name            Description                                                              Type
documentName    Name of the document for which you want to create a token attribute rule.   Path


Request Body


Media Types:

application/json


The request body contains the details of the add request:

"attributes"
    Groups the constraint filter and mapping attributes for trusted users.
    Note: This attribute is not required on the client side.

"-dn"
    On the service side, set this value to the trusted DN for which you are configuring an attribute rule. Use a string that conforms to RFC 2253 (http://www.ietf.org/rfc/rfc2253.txt).
    On the client side, set this value to the URL of the domain hosting the targeted services, in the format http(s)://host or http(s)://host/root. For example, if you set this value to https://messaging.us2.com/, the attribute rule applies to all service invocations with a service URL of the form https://messaging.us2.com/<path>.

"filter"
    Defines the constraint values for trusted users and attributes.
    Note: This attribute is not applicable on the client side.

"mapping"
    Defines the mapping attributes for trusted users.

"-name"
    Name of the attribute rule.
    Note: This attribute is not applicable on the client side.

"name-id"
    Defines the users that are accepted for the trusted DN.

"token-attribute-rule"
    Groups information about a single token attribute rule.

"token-attribute-rules"
    Groups information about all token attribute rules.

"user-attribute"
    Defines the user attribute that the trusted DN can assert.
    Note: This attribute is not applicable on the client side.

"user-mapping-attribute"
    Defines the user mapping attribute that the trusted DN can assert.

"value"
    Defines values for the constraint filter attribute. A value can be a full name or a name pattern with a wildcard character (*), such as "yourTrusted*". Multiple values must be separated by a comma.
    Note: This attribute is not applicable on the client side.


Response Body


Media Types:

application/json


The response body returns the status of the operation, including:

"ERROR_CODE"
    If "STATUS" is set to "Failed", provides the error code.

"ERROR_MSG"
    If "STATUS" is set to "Failed", provides the contents of the error message.

"STATUS"
    Status of the operation. For example, "Succeeded" or "Failed".


cURL Example


The following example shows how to create a token attribute rule for a trusted DN by submitting a POST request on the REST resource using cURL.

curl -i -X POST -u username:password --data @createrule.json -H Content-Type:application/json http://myhost:7001/idaas/webservice/admin/v1/trust/token/mydocument

Example of Request Body - Service Side

The following shows an example of the request body in JSON format for creating a token attribute rule for a trusted DN on the service side.

{
    "token-attribute-rules":
    {
        "token-attribute-rule": 
        [
            {
                "-dn": "cn=orcladmin,o=oracle",
                "name-id":{
                    "filter": 
                    {
                        "value":[ "filter1" ]
                    },
                    "mapping":
                    {
                        "user-attribute": "val3",
                        "user-mapping-attribute":"val4"
                    }
                },
                "attributes":
                [
                    {
                        "-name": "tenant1",
                        "attribute":
                        {
                            "filter":
                            {
                                "value": [
                                    "filter1",
                                    "filter2"
                                ]
                            },
                            "mapping":{
                                "user-attribute": "val1",
                                "user-mapping-attribute":"val2"
                            }
                        }
                    }
                ]
            }
        ]
    }
}

Example of Request Body - Client Side

The following shows an example of the request body in JSON format for creating a token attribute rule on the client side.

{
    "token-attribute-rules": {
        "token-attribute-rule": [
            {
                "-dn": "https://messaging.us2.com/",
                "name-id": {
                    "mapping": {
                        "user-mapping-attribute": "mail"
                    }
                }
            },
            {
                "-dn": "https://messaging.us2.com/mysvcInstance1-acme/",
                "name-id": {
                    "mapping": {
                        "user-mapping-attribute": "uid"
                    }
                }
            }
        ]
    }
}

Example of Response Header

The following shows an example of the response header.

HTTP/1.1 200 OK

Example of Response Body

The following shows an example of the response body in JSON format.

{
    "STATUS": "Succeeded"
}
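The following Python example is added here and is not Oracle's code. It builds service-side and client-side token-attribute-rule bodies for the domain-context and document-context resources above, lists attributes that the tables mark as not applicable on the client side, evaluates a constraint filter's comma-separated wildcard values against a user name, and selects which client-side rule covers a given service URL. The sample rules are constructed from the page's examples, and preferring the longest matching "-dn" prefix when several client-side rules cover a URL is an assumption of this example, not documented behaviour.

```python
import re

# Attributes the page's tables mark as not applicable on the client side.
CLIENT_NOT_APPLICABLE = ("filter", "-name", "user-attribute")


def service_rule(dn, name_id_filter, user_attribute, user_mapping_attribute, attributes=()):
    """Service-side rule for a trusted DN: which asserted names are accepted
    (name-id filter) and how they map onto a local user attribute."""
    return {
        "-dn": dn,
        "name-id": {
            "filter": {"value": list(name_id_filter)},
            "mapping": {
                "user-attribute": user_attribute,
                "user-mapping-attribute": user_mapping_attribute,
            },
        },
        "attributes": list(attributes),
    }


def client_rule(service_url, user_mapping_attribute):
    """Client-side rule: only token attribute mapping is supported there, so
    the rule carries just the target URL and the mapping attribute."""
    return {
        "-dn": service_url,
        "name-id": {"mapping": {"user-mapping-attribute": user_mapping_attribute}},
    }


def rules_body(*rules):
    """Wrap rules in the "token-attribute-rules" document the resource expects."""
    return {"token-attribute-rules": {"token-attribute-rule": list(rules)}}


def client_side_problems(node):
    """Return attributes found in a client-side rule or body that the page
    says are not applicable on the client side (empty list: acceptable)."""
    found = []
    if isinstance(node, dict):
        for key, value in node.items():
            if key in CLIENT_NOT_APPLICABLE:
                found.append(key)
            found.extend(client_side_problems(value))
    elif isinstance(node, list):
        for item in node:
            found.extend(client_side_problems(item))
    return found


def filter_matches(values, name):
    """Evaluate a constraint filter's "value" list against a name.  Each entry
    is a full name or a pattern with '*' wildcards, and an entry may hold
    several comma-separated alternatives, as the attribute table allows."""
    for entry in values:
        for pattern in entry.split(","):
            pattern = pattern.strip()
            if not pattern:
                continue
            regex = "^" + ".*".join(re.escape(part) for part in pattern.split("*")) + "$"
            if re.match(regex, name):
                return True
    return False


def select_client_rule(body, service_url):
    """Return the client-side rule whose "-dn" (http(s)://host or
    http(s)://host/root) covers service_url, or None.  The prefix is compared
    on a path boundary so "https://a.example/" does not cover
    "https://a.example.evil/"; with several matches the longest prefix wins
    (assumption of this example)."""
    best = None
    for rule in body["token-attribute-rules"]["token-attribute-rule"]:
        base = rule["-dn"].rstrip("/")
        if service_url == base or service_url.startswith(base + "/"):
            if best is None or len(base) > len(best["-dn"].rstrip("/")):
                best = rule
    return best


if __name__ == "__main__":
    # Constructed sample: the two client-side rules from the page's example.
    body = rules_body(
        client_rule("https://messaging.us2.com/", "mail"),
        client_rule("https://messaging.us2.com/mysvcInstance1-acme/", "uid"),
    )
    chosen = select_client_rule(body, "https://messaging.us2.com/mysvcInstance1-acme/api")
    print(chosen["name-id"]["mapping"]["user-mapping-attribute"])
```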

GET All Token Attribute Rules Method

Use the GET method to view all token attribute rules for a domain context (applies to entire domain). This operation can be performed by the REST service or client. Only token attribute mapping is supported on the client side.

REST Request

GET /idaas/webservice/admin/v1/trust/token

Response Body


Media Types:

application/json


The response body contains information about all token attribute rules, including:

"attributes"
    Groups the constraint filter and mapping attributes for trusted users.
    Note: This attribute is not required on the client side.

"-dn"
    On the service side, the trusted DN for which the attribute rule is configured. The string conforms to RFC 2253 (http://www.ietf.org/rfc/rfc2253.txt).
    On the client side, the URL specified in the format http(s)://host or http(s)://host/root.

"filter"
    Defines the filter values for trusted users and attributes. A value can be a complete name or a name pattern with a wildcard character (*), such as yourTrusted*. Multiple attribute filters are separated by a comma.

"mapping"
    Defines the mapping attributes for trusted users.
    Note: This attribute is not applicable on the client side.

"-name"
    Name of the attribute rule.
    Note: This attribute is not applicable on the client side.

"name-id"
    Defines the users that are accepted for the trusted DN.

"token-attribute-rule"
    Groups information about a single token attribute rule.

"token-attribute-rules"
    Groups information about all token attribute rules.

"user-attribute"
    Defines the user attribute that the trusted DN can assert.
    Note: This attribute is not applicable on the client side.

"user-mapping-attribute"
    Defines the user mapping attribute that the trusted DN can assert.

"value"
    Defines values for the constraint filter attribute. A value can be a full name or a name pattern with a wildcard character (*), such as "yourTrusted*". Multiple values must be separated by a comma.


cURL Example


The following example shows how to view all token attribute rules by submitting a GET request on the REST resource using cURL.

curl -i -X GET -u username:password http://myhost:7001/idaas/webservice/admin/v1/trust/token

Example of Response Header

The following shows an example of the response header.

HTTP/1.1 200 OK

Example of Response Body - Service Side

The following shows an example of the response body in JSON format for viewing a token attribute rule on the service side.

{
    "token-attribute-rules":
    {
        "token-attribute-rule": 
        [
            {
                "-dn": "cn=orcladmin,o=oracle",
                "attributes":
                [
                    {
                        "-name": "tenant1",
                        "attribute":
                        {
                            "filter":
                            {
                                "value": [
                                    "filter1",
                                    "filter2"
                                ]
                            },
                            "mapping":{
                                "user-attribute": "val1",
                                "user-mapping-attribute":"val2"
                            }
                        }
                    }
                ],
                "name-id":{
                    "filter": 
                    {
                        "value":[ "filter1" ]
                    },
                    "mapping":
                    {
                        "user-attribute": "val3",
                        "user-mapping-attribute":"val4"
                    }
                }
            }
        ]
    }
}

Example of Response Body - Client Side

The following shows an example of the response body in JSON format for viewing a token attribute rule on the client side.

{
    "token-attribute-rules": {
        "token-attribute-rule": [
            {
                "-dn": "https://messaging.us2.com/",
                "name-id": {
                    "mapping": {
                        "user-mapping-attribute": "mail"
                    }
                }
            },
            {
                "-dn": "https://messaging.us2.com/mysvcInstance1-acme/",
                "name-id": {
                    "mapping": {
                        "user-mapping-attribute": "uid"
                    }
                }
            }
        ]
    }
}

GET Specified Document Token Attribute Rules Method

Use the GET method to view token attribute rules for a specified document. This operation can be performed by the REST service or client. Only token attribute mapping is supported on the client side.

REST Request

GET /idaas/webservice/admin/v1/trust/token/{documentName}

Parameters

The following table summarizes the GET request parameters.

Name            Description                                                          Type
documentName    Name of the document for which you want to view token attribute rules.   Path


Response Body


Media Types:

application/json


The response body contains information about all token attribute rules for the document, including:

"attributes"
    Groups the constraint filter and mapping attributes for trusted users.
    Note: This attribute is not required on the client side.

"-dn"
    On the service side, the trusted DN for which the attribute rule is configured. The string conforms to RFC 2253 (http://www.ietf.org/rfc/rfc2253.txt).
    On the client side, the URL specified in the format http(s)://host or http(s)://host/root.

"filter"
    Defines the filter values for trusted users and attributes. A value can be a complete name or a name pattern with a wildcard character (*), such as yourTrusted*. Multiple attribute filters are separated by a comma.

"mapping"
    Defines the mapping attributes for trusted users.
    Note: This attribute is not applicable on the client side.

"-name"
    Name of the attribute rule.
    Note: This attribute is not applicable on the client side.

"name-id"
    Defines the users that are accepted for the trusted DN.

"token-attribute-rule"
    Groups information about a single token attribute rule.

"token-attribute-rules"
    Groups information about all token attribute rules.

"user-attribute"
    Defines the user attribute that the trusted DN can assert.
    Note: This attribute is not applicable on the client side.

"user-mapping-attribute"
    Defines the user mapping attribute that the trusted DN can assert.

"value"
    Defines values for the constraint filter attribute. A value can be a full name or a name pattern with a wildcard character (*), such as "yourTrusted*". Multiple values must be separated by a comma.


cURL Example


The following example shows how to view the token attribute rules for the document mydocument by submitting a GET request on the REST resource using cURL.

curl -i -X GET -u username:password http://myhost:7001/idaas/platform/admin/v1/trust/token/mydocument

Example of Response Header

The following shows an example of the response header.

HTTP/1.1 200 OK

Example of Response Body—Service Side

The following shows an example of the response body in JSON format for viewing a token attribute rule on the service side.

{
    "token-attribute-rules":
    {
        "token-attribute-rule": 
        [
            {
                "-dn": "cn=orcladmin,o=oracle",
                "attributes":
                [
                    {
                        "-name": "tenant1",
                        "attribute":
                        {
                            "filter":
                            {
                                "value": [
                                    "filter1",
                                    "filter2"
                                ]
                            },
                            "mapping":{
                                "user-attribute": "val1",
                                "user-mapping-attribute":"val2"
                            }
                        }
                    }
                ],
                "name-id":{
                    "filter": 
                    {
                        "value":[ "filter1" ]
                    },
                    "mapping":
                    {
                        "user-attribute": "val3",
                        "user-mapping-attribute":"val4"
                    }
                }
            }
        ]
    }
}
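The attribute table above describes the rule structure, but not what a relying party does with it. The following added example (not code from the Oracle product or its documentation) loads a rule document of the shape shown in the service-side response and evaluates asserted values against it: the trusted DN selects the rule, the filter acts as an allow-list in which only "*" is a wildcard, and on success the configured mapping is handed back for the caller to apply. The rule document and asserted values are constructed samples; the first rule mirrors the response above, the second adds a wildcard filter. DN normalisation is a deliberate simplification that ignores escaped commas.

```python
"""Evaluate service-side token attribute rules of the shape returned by
GET /idaas/webservice/admin/v1/trust/token. Added illustration, not part
of the Oracle REST API; all inputs below are constructed samples."""
import json
import re

# Constructed sample: first rule mirrors the service-side response above,
# second rule adds a comma-separated filter with the '*' wildcard.
SAMPLE_RULES_JSON = """
{"token-attribute-rules": {"token-attribute-rule": [
  {"-dn": "cn=orcladmin,o=oracle",
   "attributes": [
     {"-name": "tenant1",
      "attribute": {"filter": {"value": ["filter1", "filter2"]},
                    "mapping": {"user-attribute": "val1", "user-mapping-attribute": "val2"}}}],
   "name-id": {"filter": {"value": ["filter1"]},
               "mapping": {"user-attribute": "val3", "user-mapping-attribute": "val4"}}},
  {"-dn": "cn=partner-sts,o=example",
   "name-id": {"filter": {"value": "yourTrusted*,svc-billing"},
               "mapping": {"user-attribute": "uid", "user-mapping-attribute": "uid"}}}
]}}
"""


def normalize_dn(dn):
    """Canonicalise an RFC 2253 DN for comparison: trim whitespace around
    RDNs and lowercase. Escaped commas in values are not handled here."""
    return ",".join(part.strip().lower() for part in dn.split(","))


def filter_patterns(filter_block):
    """Return filter values. The API returns a JSON array; the attribute
    table also allows one comma-separated string, so accept both."""
    if not filter_block or "value" not in filter_block:
        return []
    values = filter_block["value"]
    if isinstance(values, str):
        values = values.split(",")
    return [v.strip() for v in values if v.strip()]


def matches(pattern, value):
    """'*' is the only wildcard; every other character is literal, so a
    pattern such as 'svc?' matches 'svc?' and not 'svca'."""
    regex = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.fullmatch(regex, value) is not None


def load_rules(doc_json):
    """Index token-attribute-rule entries by their normalised trusted DN."""
    doc = json.loads(doc_json)
    rules = doc["token-attribute-rules"]["token-attribute-rule"]
    return {normalize_dn(rule["-dn"]): rule for rule in rules}


def _apply(section, asserted_value):
    """The asserted value must satisfy at least one filter value; a missing
    or empty filter accepts nothing. On success return the mapping."""
    if section is None:
        return None
    patterns = filter_patterns(section.get("filter"))
    if not any(matches(p, asserted_value) for p in patterns):
        return None
    return dict(section.get("mapping", {}))


def evaluate_name_id(rules, issuer_dn, asserted_name_id):
    """Check the subject (name-id) asserted under the given trusted DN."""
    rule = rules.get(normalize_dn(issuer_dn))
    if rule is None:
        return None  # no rule for this DN: nothing it asserts is accepted
    return _apply(rule.get("name-id"), asserted_name_id)


def evaluate_attribute(rules, issuer_dn, attr_name, asserted_value):
    """Check a named attribute asserted under the given trusted DN."""
    rule = rules.get(normalize_dn(issuer_dn))
    if rule is None:
        return None
    for entry in rule.get("attributes", []):
        if entry.get("-name") == attr_name:
            return _apply(entry.get("attribute"), asserted_value)
    return None  # attribute not declared for this DN: cannot be asserted


RULES = load_rules(SAMPLE_RULES_JSON)

if __name__ == "__main__":
    print(evaluate_name_id(RULES, "CN=orcladmin, O=oracle", "filter1"))
    print(evaluate_name_id(RULES, "cn=partner-sts,o=example", "yourTrustedUser"))
    print(evaluate_attribute(RULES, "cn=orcladmin,o=oracle", "tenant1", "filter2"))
```

Two details are worth noting from the defender's side: a DN with no rule yields no mapping at all, and a declared attribute with an empty filter also accepts nothing, so an incomplete rule fails closed rather than open.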

Example of Response Body - Client Side

The following shows an example of the response body in JSON format for viewing a token attribute rule on the client side.

{
    "token-attribute-rules":
    {
        "token-attribute-rule": 
        [
            {
                "-dn": "https://messaging.us2.com/",
                "name-id":{
                    "mapping":
                    {
                        "user-mapping-attribute":"mail"
                    }
                }
            },
            {
                "-dn": "https://messaging.us2.com/mysvcInstance1-acme/",
                "name-id":{
                    "mapping":
                    {
                        "user-mapping-attribute":"uid"
                    }
                }
            }
        ]
    }
}

Import TrustDocument Name Configurations Method

Use the POST method to import trusted issuer configurations, including issuer names, distinguished name (DN) lists, and token attribute rules.

REST Request

POST /idaas/webservice/admin/v1/trustdocument/import

Request Body


Media Types:

application/xml


The request body contains the details of the import request, in XML format. You must create a trusted issuers document, as described in "POST TrustDocument Name Method", and pass its name in the oratrust:name attribute. For example:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<oratrust:TokenIssuerTrust xmlns:oratrust="http://xmlns.oracle.com/wsm/security/trust" oratrust:name="trustdocument">
    <oratrust:Issuers>
        <oratrust:Issuer oratrust:name="www.oracle.com" oratrust:tokentype="saml.hok">
            <oratrust:TrustedKeys/>
        </oratrust:Issuer>
        <oratrust:Issuer oratrust:name="www.oracle.com" oratrust:tokentype="saml.sv">
            <oratrust:TrustedKeys/>
        </oratrust:Issuer>
        <oratrust:Issuer oratrust:name="www.oracle.com" oratrust:tokentype="jwt">
            <oratrust:TrustedKeys/>
        </oratrust:Issuer>
    </oratrust:Issuers>
    <oratrust:TokenAttributeRules/>
</oratrust:TokenIssuerTrust>

Response Body


Media Types:

application/json


The response body returns the status of the import operation, including:


Element Description

"ERROR_CODE"

If "STATUS" is set to "Failed", provides the error code.

"ERROR_MSG"

If "STATUS" is set to "Failed", provides the contents of the error message.

"Result"

Details of the operation results.

"STATUS"

Status of operation. For example, "Succeeded" or "Failed".


cURL Example

The following example shows how to import trusted issuer configurations by submitting a POST request on the REST resource using cURL.

curl -i -X POST -u username:password --data @import.xml -H Content-Type:application/xml -H Accept:application/json http://myhost:7001/idaas/platform/admin/v1/trustdocument/import

Example of Request Body

The following shows an example of the request body in XML format.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<oratrust:TokenIssuerTrust xmlns:oratrust="http://xmlns.oracle.com/wsm/security/trust" oratrust:name="test">
    <oratrust:Issuers>
        <oratrust:Issuer oratrust:name="www.oracle.com" oratrust:tokentype="saml.hok">
            <oratrust:TrustedKeys/>
        </oratrust:Issuer>
        <oratrust:Issuer oratrust:name="www.oracle.com" oratrust:tokentype="saml.sv">
            <oratrust:TrustedKeys/>
        </oratrust:Issuer>
        <oratrust:Issuer oratrust:name="www.oracle.com" oratrust:tokentype="jwt">
            <oratrust:TrustedKeys/>
        </oratrust:Issuer>
    </oratrust:Issuers>
    <oratrust:TokenAttributeRules/>
</oratrust:TokenIssuerTrust>
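Hand-editing the import document is error-prone once several issuers and token types are involved. The following added example (not code from the Oracle product or its documentation) builds the TokenIssuerTrust document from a list of issuer name and token type pairs using the namespace, element and attribute names shown in the request body above, reads the pairs back for verification, and reduces an import response to a success flag and message using the STATUS, ERROR_CODE, ERROR_MSG and Result elements from the response-body table. The response bodies are constructed samples, and the error code in the failure sample is a placeholder.

```python
"""Build a TokenIssuerTrust import document and interpret the import
response for POST /idaas/webservice/admin/v1/trustdocument/import.
Added illustration; not code from the Oracle product or its documentation.
The response samples below are constructed."""
import json
import xml.etree.ElementTree as ET

ORATRUST_NS = "http://xmlns.oracle.com/wsm/security/trust"  # from the page
ET.register_namespace("oratrust", ORATRUST_NS)

# Same issuer/token-type combinations as the request body above.
EXAMPLE_ISSUERS = [("www.oracle.com", "saml.hok"),
                   ("www.oracle.com", "saml.sv"),
                   ("www.oracle.com", "jwt")]


def q(local_name):
    """Clark notation for a name in the oratrust namespace."""
    return "{%s}%s" % (ORATRUST_NS, local_name)


def build_trust_document(name, issuers):
    """Serialise (issuer name, token type) pairs into the import document.
    An issuer may appear once per token type, as in the page's example;
    an exact duplicate pair is rejected before anything is sent."""
    seen = set()
    root = ET.Element(q("TokenIssuerTrust"), {q("name"): name})
    issuers_el = ET.SubElement(root, q("Issuers"))
    for issuer_name, token_type in issuers:
        if (issuer_name, token_type) in seen:
            raise ValueError("duplicate issuer/tokentype: %s/%s" % (issuer_name, token_type))
        seen.add((issuer_name, token_type))
        issuer_el = ET.SubElement(issuers_el, q("Issuer"),
                                  {q("name"): issuer_name, q("tokentype"): token_type})
        ET.SubElement(issuer_el, q("TrustedKeys"))  # empty, as in the page's example
    ET.SubElement(root, q("TokenAttributeRules"))
    return ET.tostring(root, encoding="unicode")


def list_issuers(xml_text):
    """Read back the (issuer name, token type) pairs from a document."""
    root = ET.fromstring(xml_text)
    if root.tag != q("TokenIssuerTrust"):
        raise ValueError("not a TokenIssuerTrust document: %s" % root.tag)
    return [(el.get(q("name")), el.get(q("tokentype")))
            for el in root.iter(q("Issuer"))]


def check_import_response(body_json):
    """Reduce the import response to (ok, message)."""
    body = json.loads(body_json)
    if body.get("STATUS") == "Succeeded":
        return True, body.get("Result", "")
    return False, "%s: %s" % (body.get("ERROR_CODE", "UNKNOWN"),
                              body.get("ERROR_MSG", "no message"))


# Constructed sample responses in the shape of the response-body table;
# the error code is a placeholder, not a real product code.
SUCCESS_RESPONSE = '{"STATUS": "Succeeded", "Result": "Trust document imported."}'
FAILURE_RESPONSE = ('{"STATUS": "Failed", "ERROR_CODE": "PLACEHOLDER-0001", '
                    '"ERROR_MSG": "constructed failure message"}')

if __name__ == "__main__":
    doc = build_trust_document("test", EXAMPLE_ISSUERS)
    print(doc)
    print(list_issuers(doc))
    print(check_import_response(SUCCESS_RESPONSE))
    print(check_import_response(FAILURE_RESPONSE))
```

The generated string is what you would pass to cURL as the `--data` file with `Content-Type:application/xml`, exactly as in the cURL example above; the XML declaration shown in the page's request body is not emitted here but may be prepended if required.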

GET TrustDocument Method

Use the GET method to view configuration details for the trusted issuer document.

REST Request

GET /idaas/webservice/admin/v1/trustdocument

Parameters

The following table summarizes the GET request parameters.


Name Description Type

"documentName"

Name of the document.

Query


Response Body


Media Types:

application/json


The response body returns the status of the operation, including:


Attribute Description

"ERROR_CODE"

If "STATUS" is set to "Failed", provides the error code.

"ERROR_MSG"

If "STATUS" is set to "Failed", provides the contents of the error message.

"Result"

Details of the operation results.

"STATUS"

Status of operation. For example, "Succeeded" or "Failed".


cURL Example

The following example shows how to view the configuration details of a trusted issuer document by submitting a GET request on the REST resource using cURL.

curl -i -X GET -u username:password http://myhost:7001/idaas/platform/admin/v1/trustdocument?"documentName=myTrustDocument"

Example of Response Header

The following shows an example of the response header.

HTTP/1.1 200 OK

Example of Response Body

The following shows an example of the response body in JSON format.

{
    "STATUS":"Succeeded",
    "Result":"List of token issuer trust documents in the Repository:\nDetails of the document matching your request:\nName         : myTrustDocument\tDisplay Name : myTrustDocument\tStatus       : DOCUMENT_STATUS_COMMITED \nList of trusted issuers for this type:\tNone\nList of Token Attribute Rules\tNone"
}

DELETE Trust Document Method

Use the Delete method to delete a trusted issuer document.

REST Request

DELETE /idaas/webservice/admin/v1/trustdocument

Parameters

The following table summarizes the DELETE request parameters.


Name Description Type

"displayName"

Display name for the document.

Query

"documentName"

Name of trusted issuer document.

Query


Response Body


Media Types:

application/json


The response body returns the status of the operation, including:


Attribute Description

"ERROR_CODE"

If "STATUS" is set to "Failed", provides the error code.

"ERROR_MSG"

If "STATUS" is set to "Failed", provides the contents of the error message.

"Result"

Details of the operation results.

"STATUS"

Status of operation. For example, "Succeeded" or "Failed".


cURL Example


The following example shows how to delete a SAML issuer trust document by submitting a DELETE request on the REST resource using cURL.

curl -i -X DELETE -u username:password http://myhost:7001/idaas/webservice/admin/v1/trustdocument?"documentName=myTrustDocument&displayName=myTrustDocument"

Example of Response Header

The following shows an example of the response header. For more about the HTTP status codes, see "HTTP Status Codes for HTTP Methods".

HTTP/1.1 200 OK

Example of Response Body

The following shows an example of the response body in JSON format.

{
    "STATUS": "Succeeded",
    "Result": "Token Issuer Trust document named \"myTrustDocument\" deleted from the repository."
}