Avi SSOPolicy Object API
CLI ``` - configure ssopolicy - show ssopolicy ```
Contact Info: support@avinetworks.com
Version: 20.1.9
BasePath:/api
All rights reserved
http://apache.org/licenses/LICENSE-2.0.html
Access
- HTTP Basic Authentication
[ Jump to Models ]
Table of Contents
get /ssopolicypost /ssopolicydelete /ssopolicy/{uuid}get /ssopolicy/{uuid}patch /ssopolicy/{uuid}put /ssopolicy/{uuid}
(ssopolicyGet)
Consumes
This API call consumes the following media types via the
Content-Type request header:
Query parameters
name (optional)
Query Parameter — object name
refers_to (optional)
Query Parameter — Filter to request all objects that refers to another Avi resource. Its syntax is refers_to=<obj_type>:<obj_uuid>. Eg. get all virtual services referring to pool p1 will be refers_to=pool:pool_p1_uuid
referred_by (optional)
Query Parameter — Filter to request all objects that are referred by another Avi resource. Its syntax is referred_by=<obj_type>:<obj_uuid>. Eg. get all pools referred_by virtual service vs1 - referred_by=virtualservice:vs_vs1_uuid
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
skip_default (optional)
Query Parameter — Default values are not set.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.
Return type
Example data
Content-Type: application/json
{
"next" : "aeiou",
"count" : 123,
"results" : [ {
"tenant_ref" : "aeiou",
"name" : "aeiou",
"authentication_policy" : {
"sp_metadata" : "aeiou",
"authn_rules" : [ {
"enable" : true,
"match" : {
"path" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_str" : [ "aeiou" ],
"match_case" : "aeiou"
},
"host_hdr" : {
"match_criteria" : "aeiou",
"value" : [ "aeiou" ],
"match_case" : "aeiou"
},
"client_ip" : {
"group_refs" : [ "aeiou" ],
"match_criteria" : "aeiou",
"prefixes" : [ {
"ip_addr" : "",
"mask" : 123
} ],
"ranges" : [ {
"end" : "",
"begin" : ""
} ],
"addrs" : [ {
"addr" : "aeiou",
"type" : "aeiou"
} ]
}
},
"name" : "aeiou",
"action" : {
"type" : "aeiou"
},
"index" : 123
} ],
"default_auth_profile_ref" : "aeiou",
"cookie_timeout" : 123,
"auth_profile_ref" : "aeiou",
"entity_id" : "aeiou",
"key" : [ {
"hmac_key" : "aeiou",
"aes_key" : "aeiou",
"name" : "aeiou"
} ],
"cookie_name" : "aeiou",
"single_signon_url" : "aeiou"
},
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"type" : "aeiou",
"authorization_policy" : {
"authz_rules" : [ {
"enable" : true,
"match" : {
"access_token" : {
"token_name" : "aeiou",
"matches" : [ {
"string_match" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_str" : [ "aeiou" ]
},
"bool_match" : true,
"name" : "aeiou",
"int_match" : 123,
"is_mandatory" : true,
"type" : "aeiou",
"validate" : true
} ]
},
"path" : "",
"method" : {
"match_criteria" : "aeiou",
"methods" : [ "aeiou" ]
},
"host_hdr" : "",
"attr_matches" : [ {
"attribute_name" : "aeiou",
"attribute_value_list" : ""
} ]
},
"name" : "aeiou",
"action" : {
"status_code" : "aeiou",
"type" : "aeiou"
},
"index" : 123
} ]
},
"uuid" : "aeiou",
"url" : "aeiou",
"_last_modified" : "aeiou",
"labels" : [ {
"value" : "aeiou",
"key" : "aeiou"
} ]
} ]
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
SSOPolicyApiResponse
401
log in failed
(ssopolicyPost)
Consumes
This API call consumes the following media types via the
Content-Type request header:
Request body
body (required)
Body Parameter — SSOPolicy object creation
Return type
Example data
Content-Type: application/json
{
"tenant_ref" : "aeiou",
"name" : "aeiou",
"authentication_policy" : {
"sp_metadata" : "aeiou",
"authn_rules" : [ {
"enable" : true,
"match" : {
"path" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_str" : [ "aeiou" ],
"match_case" : "aeiou"
},
"host_hdr" : {
"match_criteria" : "aeiou",
"value" : [ "aeiou" ],
"match_case" : "aeiou"
},
"client_ip" : {
"group_refs" : [ "aeiou" ],
"match_criteria" : "aeiou",
"prefixes" : [ {
"ip_addr" : "",
"mask" : 123
} ],
"ranges" : [ {
"end" : "",
"begin" : ""
} ],
"addrs" : [ {
"addr" : "aeiou",
"type" : "aeiou"
} ]
}
},
"name" : "aeiou",
"action" : {
"type" : "aeiou"
},
"index" : 123
} ],
"default_auth_profile_ref" : "aeiou",
"cookie_timeout" : 123,
"auth_profile_ref" : "aeiou",
"entity_id" : "aeiou",
"key" : [ {
"hmac_key" : "aeiou",
"aes_key" : "aeiou",
"name" : "aeiou"
} ],
"cookie_name" : "aeiou",
"single_signon_url" : "aeiou"
},
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"type" : "aeiou",
"authorization_policy" : {
"authz_rules" : [ {
"enable" : true,
"match" : {
"access_token" : {
"token_name" : "aeiou",
"matches" : [ {
"string_match" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_str" : [ "aeiou" ]
},
"bool_match" : true,
"name" : "aeiou",
"int_match" : 123,
"is_mandatory" : true,
"type" : "aeiou",
"validate" : true
} ]
},
"path" : "",
"method" : {
"match_criteria" : "aeiou",
"methods" : [ "aeiou" ]
},
"host_hdr" : "",
"attr_matches" : [ {
"attribute_name" : "aeiou",
"attribute_value_list" : ""
} ]
},
"name" : "aeiou",
"action" : {
"status_code" : "aeiou",
"type" : "aeiou"
},
"index" : 123
} ]
},
"uuid" : "aeiou",
"url" : "aeiou",
"_last_modified" : "aeiou",
"labels" : [ {
"value" : "aeiou",
"key" : "aeiou"
} ]
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
SSOPolicy
401
log in failed
Up
delete /ssopolicy/{uuid}
(ssopolicyUuidDelete)
Path parameters
uuid (required)
Path Parameter — UUID of the object to fetch
Consumes
This API call consumes the following media types via the
Content-Type request header:
Query parameters
name (optional)
Query Parameter — object name
Return type
String
Example data
Content-Type: application/json
"aeiou"
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
204
object deleted
String
404
not found
(ssopolicyUuidGet)
Path parameters
uuid (required)
Path Parameter — UUID of the object to fetch
Consumes
This API call consumes the following media types via the
Content-Type request header:
Query parameters
name (optional)
Query Parameter — object name
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
skip_default (optional)
Query Parameter — Default values are not set.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.
Return type
Example data
Content-Type: application/json
{
"tenant_ref" : "aeiou",
"name" : "aeiou",
"authentication_policy" : {
"sp_metadata" : "aeiou",
"authn_rules" : [ {
"enable" : true,
"match" : {
"path" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_str" : [ "aeiou" ],
"match_case" : "aeiou"
},
"host_hdr" : {
"match_criteria" : "aeiou",
"value" : [ "aeiou" ],
"match_case" : "aeiou"
},
"client_ip" : {
"group_refs" : [ "aeiou" ],
"match_criteria" : "aeiou",
"prefixes" : [ {
"ip_addr" : "",
"mask" : 123
} ],
"ranges" : [ {
"end" : "",
"begin" : ""
} ],
"addrs" : [ {
"addr" : "aeiou",
"type" : "aeiou"
} ]
}
},
"name" : "aeiou",
"action" : {
"type" : "aeiou"
},
"index" : 123
} ],
"default_auth_profile_ref" : "aeiou",
"cookie_timeout" : 123,
"auth_profile_ref" : "aeiou",
"entity_id" : "aeiou",
"key" : [ {
"hmac_key" : "aeiou",
"aes_key" : "aeiou",
"name" : "aeiou"
} ],
"cookie_name" : "aeiou",
"single_signon_url" : "aeiou"
},
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"type" : "aeiou",
"authorization_policy" : {
"authz_rules" : [ {
"enable" : true,
"match" : {
"access_token" : {
"token_name" : "aeiou",
"matches" : [ {
"string_match" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_str" : [ "aeiou" ]
},
"bool_match" : true,
"name" : "aeiou",
"int_match" : 123,
"is_mandatory" : true,
"type" : "aeiou",
"validate" : true
} ]
},
"path" : "",
"method" : {
"match_criteria" : "aeiou",
"methods" : [ "aeiou" ]
},
"host_hdr" : "",
"attr_matches" : [ {
"attribute_name" : "aeiou",
"attribute_value_list" : ""
} ]
},
"name" : "aeiou",
"action" : {
"status_code" : "aeiou",
"type" : "aeiou"
},
"index" : 123
} ]
},
"uuid" : "aeiou",
"url" : "aeiou",
"_last_modified" : "aeiou",
"labels" : [ {
"value" : "aeiou",
"key" : "aeiou"
} ]
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
SSOPolicy
401
log in failed
Up
patch /ssopolicy/{uuid}
(ssopolicyUuidPatch)
Path parameters
uuid (required)
Path Parameter — UUID of the object to fetch
Consumes
This API call consumes the following media types via the
Content-Type request header:
Request body
body (required)
Body Parameter — SSOPolicy object creation
Query parameters
name (optional)
Query Parameter — object name
Return type
Example data
Content-Type: application/json
{
"tenant_ref" : "aeiou",
"name" : "aeiou",
"authentication_policy" : {
"sp_metadata" : "aeiou",
"authn_rules" : [ {
"enable" : true,
"match" : {
"path" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_str" : [ "aeiou" ],
"match_case" : "aeiou"
},
"host_hdr" : {
"match_criteria" : "aeiou",
"value" : [ "aeiou" ],
"match_case" : "aeiou"
},
"client_ip" : {
"group_refs" : [ "aeiou" ],
"match_criteria" : "aeiou",
"prefixes" : [ {
"ip_addr" : "",
"mask" : 123
} ],
"ranges" : [ {
"end" : "",
"begin" : ""
} ],
"addrs" : [ {
"addr" : "aeiou",
"type" : "aeiou"
} ]
}
},
"name" : "aeiou",
"action" : {
"type" : "aeiou"
},
"index" : 123
} ],
"default_auth_profile_ref" : "aeiou",
"cookie_timeout" : 123,
"auth_profile_ref" : "aeiou",
"entity_id" : "aeiou",
"key" : [ {
"hmac_key" : "aeiou",
"aes_key" : "aeiou",
"name" : "aeiou"
} ],
"cookie_name" : "aeiou",
"single_signon_url" : "aeiou"
},
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"type" : "aeiou",
"authorization_policy" : {
"authz_rules" : [ {
"enable" : true,
"match" : {
"access_token" : {
"token_name" : "aeiou",
"matches" : [ {
"string_match" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_str" : [ "aeiou" ]
},
"bool_match" : true,
"name" : "aeiou",
"int_match" : 123,
"is_mandatory" : true,
"type" : "aeiou",
"validate" : true
} ]
},
"path" : "",
"method" : {
"match_criteria" : "aeiou",
"methods" : [ "aeiou" ]
},
"host_hdr" : "",
"attr_matches" : [ {
"attribute_name" : "aeiou",
"attribute_value_list" : ""
} ]
},
"name" : "aeiou",
"action" : {
"status_code" : "aeiou",
"type" : "aeiou"
},
"index" : 123
} ]
},
"uuid" : "aeiou",
"url" : "aeiou",
"_last_modified" : "aeiou",
"labels" : [ {
"value" : "aeiou",
"key" : "aeiou"
} ]
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
SSOPolicy
401
log in failed
(ssopolicyUuidPut)
Path parameters
uuid (required)
Path Parameter — UUID of the object to fetch
Consumes
This API call consumes the following media types via the
Content-Type request header:
Request body
body (required)
Body Parameter — SSOPolicy object creation
Query parameters
name (optional)
Query Parameter — object name
Return type
Example data
Content-Type: application/json
{
"tenant_ref" : "aeiou",
"name" : "aeiou",
"authentication_policy" : {
"sp_metadata" : "aeiou",
"authn_rules" : [ {
"enable" : true,
"match" : {
"path" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_str" : [ "aeiou" ],
"match_case" : "aeiou"
},
"host_hdr" : {
"match_criteria" : "aeiou",
"value" : [ "aeiou" ],
"match_case" : "aeiou"
},
"client_ip" : {
"group_refs" : [ "aeiou" ],
"match_criteria" : "aeiou",
"prefixes" : [ {
"ip_addr" : "",
"mask" : 123
} ],
"ranges" : [ {
"end" : "",
"begin" : ""
} ],
"addrs" : [ {
"addr" : "aeiou",
"type" : "aeiou"
} ]
}
},
"name" : "aeiou",
"action" : {
"type" : "aeiou"
},
"index" : 123
} ],
"default_auth_profile_ref" : "aeiou",
"cookie_timeout" : 123,
"auth_profile_ref" : "aeiou",
"entity_id" : "aeiou",
"key" : [ {
"hmac_key" : "aeiou",
"aes_key" : "aeiou",
"name" : "aeiou"
} ],
"cookie_name" : "aeiou",
"single_signon_url" : "aeiou"
},
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"type" : "aeiou",
"authorization_policy" : {
"authz_rules" : [ {
"enable" : true,
"match" : {
"access_token" : {
"token_name" : "aeiou",
"matches" : [ {
"string_match" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_str" : [ "aeiou" ]
},
"bool_match" : true,
"name" : "aeiou",
"int_match" : 123,
"is_mandatory" : true,
"type" : "aeiou",
"validate" : true
} ]
},
"path" : "",
"method" : {
"match_criteria" : "aeiou",
"methods" : [ "aeiou" ]
},
"host_hdr" : "",
"attr_matches" : [ {
"attribute_name" : "aeiou",
"attribute_value_list" : ""
} ]
},
"name" : "aeiou",
"action" : {
"status_code" : "aeiou",
"type" : "aeiou"
},
"index" : 123
} ]
},
"uuid" : "aeiou",
"url" : "aeiou",
"_last_modified" : "aeiou",
"labels" : [ {
"value" : "aeiou",
"key" : "aeiou"
} ]
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
SSOPolicy
401
log in failed
[ Jump to Methods ]
Table of Contents
AuthAttributeMatchAuthenticationActionAuthenticationMatchAuthenticationPolicyAuthenticationRuleAuthorizationActionAuthorizationMatchAuthorizationPolicyAuthorizationRuleHostHdrMatchHttpCookiePersistenceKeyIpAddrIpAddrMatchIpAddrPrefixIpAddrRangeJWTClaimMatchJWTMatchKeyValueMethodMatchPathMatchRoleFilterMatchLabelSSOPolicySSOPolicyApiResponseStringMatch
attribute_name
String Attribute name whose values will be looked up in the access lists. Field introduced in 18.2.5.
attribute_value_list
StringMatch Attribute Values used to determine access when authentication applies. Field introduced in 18.2.5. Allowed in Basic edition, Essentials edition, Enterprise edition.
type
String Authentication Action to be taken for a matched Rule. Enum options - SKIP_AUTHENTICATION, USE_DEFAULT_AUTHENTICATION. Field introduced in 18.2.5.
client_ip (optional)
IpAddrMatch Configure client ip addresses. Field introduced in 18.2.5.
host_hdr (optional)
HostHdrMatch Configure the host header. Field introduced in 18.2.5.
path (optional)
PathMatch Configure request paths. Field introduced in 18.2.5.
auth_profile_ref (optional)
String Auth Profile to use for validating users. It is a reference to an object of type AuthProfile. Field deprecated in 18.2.3. Field introduced in 18.2.1.
authn_rules (optional)
cookie_name (optional)
String HTTP cookie name for authenticated session. Field deprecated in 18.2.3. Field introduced in 18.2.1.
cookie_timeout (optional)
Integer Cookie timeout in minutes. Allowed values are 1-1440. Field deprecated in 18.2.3. Field introduced in 18.2.1. Unit is MIN. format: int32
default_auth_profile_ref
String Auth Profile to use for validating users. It is a reference to an object of type AuthProfile. Field introduced in 18.2.3.
entity_id (optional)
String Globally unique entityID for this node. Entity ID on the IDP should match this. Field deprecated in 18.2.3. Field introduced in 18.2.1.
key (optional)
single_signon_url (optional)
String Single Signon URL to be programmed on the IDP. Field deprecated in 18.2.3. Field introduced in 18.2.1.
sp_metadata (optional)
String SAML SP metadata. Field deprecated in 18.2.3. Field introduced in 18.2.1.
action (optional)
AuthenticationAction Enable or disable authentication for matched targets. Field introduced in 18.2.5.
enable
Boolean Enable or disable the rule. Field introduced in 18.2.5.
index
Integer Index of the rule. Field introduced in 18.2.5. format: int32
match (optional)
AuthenticationMatch Add match criteria to the rule. Field introduced in 18.2.5. Allowed in Basic edition, Essentials edition, Enterprise edition.
name
String Name of the rule. Field introduced in 18.2.5.
status_code (optional)
String HTTP status code to use for local response when an policy rule is matched. Enum options - HTTP_RESPONSE_STATUS_CODE_401, HTTP_RESPONSE_STATUS_CODE_403. Field introduced in 18.2.5.
type (optional)
String Defines the action taken when an authorization policy rule is matched. By default, access is allowed to the requested resource. Enum options - ALLOW_ACCESS, CLOSE_CONNECTION, HTTP_LOCAL_RESPONSE. Field introduced in 18.2.5.
access_token (optional)
JWTMatch Access Token claims to be matched. Field introduced in 20.1.3.
attr_matches (optional)
array[AuthAttributeMatch] Attributes whose values need to be matched . Field introduced in 18.2.5. Allowed in Basic edition, Essentials edition, Enterprise edition.
host_hdr (optional)
HostHdrMatch Host header value to be matched. Field introduced in 18.2.5.
method (optional)
MethodMatch HTTP methods to be matched. Field introduced in 18.2.5.
path (optional)
PathMatch Paths/URLs to be matched. Field introduced in 18.2.5.
action
enable
Boolean Enable or disable the rule. Field introduced in 18.2.5.
index
Integer Index of the Authorization Policy rule. Field introduced in 18.2.5. format: int32
match
AuthorizationMatch Authorization match criteria for the rule. Field introduced in 18.2.5. Allowed in Basic edition, Essentials edition, Enterprise edition.
name
String Name of the rule. Field introduced in 18.2.5.
match_case (optional)
String Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE.
match_criteria
String Criterion to use for the host header value match. Enum options - HDR_EXISTS, HDR_DOES_NOT_EXIST, HDR_BEGINS_WITH, HDR_DOES_NOT_BEGIN_WITH, HDR_CONTAINS, HDR_DOES_NOT_CONTAIN, HDR_ENDS_WITH, HDR_DOES_NOT_END_WITH, HDR_EQUALS, HDR_DOES_NOT_EQUAL.
value (optional)
aes_key (optional)
String aes_key of HttpCookiePersistenceKey.
hmac_key (optional)
String hmac_key of HttpCookiePersistenceKey.
name (optional)
String name to use for cookie encryption.
addr
type
String Enum options - V4, DNS, V6.
addrs (optional)
group_refs (optional)
array[String] UUID of IP address group(s). It is a reference to an object of type IpAddrGroup.
match_criteria
String Criterion to use for IP address matching the HTTP request. Enum options - IS_IN, IS_NOT_IN.
prefixes (optional)
ranges (optional)
ip_addr
IpAddr Placeholder for description of property ip_addr of obj type IpAddrPrefix field type str type object
mask
Integer Number of mask. format: int32
begin
IpAddr Starting IP address of the range.
end
IpAddr Ending IP address of the range.
bool_match (optional)
Boolean Boolean value against which the claim is matched. Field introduced in 20.1.3.
int_match (optional)
Integer Integer value against which the claim is matched. Field introduced in 20.1.3. format: int32
is_mandatory
Boolean Specified Claim should be present in the JWT. Field introduced in 20.1.3.
name
String JWT Claim name to be validated. Field introduced in 20.1.3.
string_match (optional)
StringMatch String values against which the claim is matched. Field introduced in 20.1.3.
type
String Specifies the type of the Claim. Enum options - JWT_CLAIM_TYPE_BOOL, JWT_CLAIM_TYPE_INT, JWT_CLAIM_TYPE_STRING. Field introduced in 20.1.3.
validate
Boolean Specifies whether to validate the Claim value. Field introduced in 20.1.3.
matches (optional)
token_name (optional)
String Token for which the claims need to be validated. Field introduced in 20.1.3.
match_criteria
String Criterion to use for HTTP method matching the method in the HTTP request. Enum options - IS_IN, IS_NOT_IN.
methods (optional)
array[String] Configure HTTP method(s). Enum options - HTTP_METHOD_GET, HTTP_METHOD_HEAD, HTTP_METHOD_PUT, HTTP_METHOD_DELETE, HTTP_METHOD_POST, HTTP_METHOD_OPTIONS, HTTP_METHOD_TRACE, HTTP_METHOD_CONNECT, HTTP_METHOD_PATCH, HTTP_METHOD_PROPFIND, HTTP_METHOD_PROPPATCH, HTTP_METHOD_MKCOL, HTTP_METHOD_COPY, HTTP_METHOD_MOVE, HTTP_METHOD_LOCK, HTTP_METHOD_UNLOCK. Minimum of 1 items required. Maximum of 16 items allowed. Allowed in Basic(Allowed values- HTTP_METHOD_GET,HTTP_METHOD_PUT,HTTP_METHOD_POST,HTTP_METHOD_HEAD,HTTP_METHOD_OPTIONS) edition, Essentials(Allowed values- HTTP_METHOD_GET,HTTP_METHOD_PUT,HTTP_METHOD_POST,HTTP_METHOD_HEAD,HTTP_METHOD_OPTIONS) edition, Enterprise edition.
match_case (optional)
String Case sensitivity to use for the matching. Enum options - SENSITIVE, INSENSITIVE.
match_criteria
String Criterion to use for matching the path in the HTTP request URI. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Allowed in Basic(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Essentials(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Enterprise edition.
match_str (optional)
string_group_refs (optional)
array[String] UUID of the string group(s). It is a reference to an object of type StringGroup.
key
String Key for filter match. Field introduced in 20.1.3.
values (optional)
array[String] Values for filter match. Multiple values will be evaluated as OR. Example key = value1 OR key = value2. Behavior for match is key = * if this field is empty. Field introduced in 20.1.3.
_last_modified (optional)
String UNIX time since epoch in microseconds. Units(MICROSECONDS).
authentication_policy
authorization_policy (optional)
labels (optional)
array[KeyValue] Key value pairs for granular object access control. Also allows for classification and tagging of similar objects. Field deprecated in 20.1.5. Field introduced in 20.1.2. Maximum of 4 items allowed.
markers (optional)
array[RoleFilterMatchLabel] List of labels to be used for granular RBAC. Field introduced in 20.1.5. Allowed in Basic edition, Essentials edition, Enterprise edition.
name
String Name of the SSO Policy. Field introduced in 18.2.3.
tenant_ref (optional)
String UUID of the Tenant. It is a reference to an object of type Tenant. Field introduced in 18.2.3.
type
String SSO Policy Type. Enum options - SSO_TYPE_SAML, SSO_TYPE_PINGACCESS, SSO_TYPE_JWT. Field introduced in 18.2.5.
url (optional)
uuid (optional)
String UUID of the SSO Policy. Field introduced in 18.2.3.
count
results
next (optional)
match_criteria
String Criterion to use for string matching the HTTP request. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Allowed in Basic(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Essentials(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Enterprise edition.
match_str (optional)
string_group_refs (optional)
array[String] UUID of the string group(s). It is a reference to an object of type StringGroup.