apm aaa oauth-request
apm aaa oauth-request(1) BIG-IP TMSH Manual apm aaa oauth-request(1)
NAME
oauth-request - Manages an OAuth Request.
MODULE
apm aaa
SYNTAX
Configure the oauth-request component within the aaa module using the syntax shown in the following sections.
CREATE/MODIFY
create oauth-request [name]
modify oauth-request [name]
options:
app-service [[string] | none]
description [[string] | none]
headers [add | delete | modify | replace-all-with] {
[name] {
value [value]
}
method [get | post]
parameters [add | delete | modify | replace-all-with] {
[name] {
type [parameter type]
value [[string] | none]
}
}
type [request type]
uri [[string] | none]
edit oauth-request [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list oauth-request
list oauth-request [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
app-service
non-default-properties
one-line
partition
DELETE
delete oauth-request [name]
DESCRIPTION
You can use the oauth-request component to manage an OAuth Request. The OAuth Request is an HTTP request that is used
during communication between the BIG-IP system and an OAuth Authorization Server (AS). Different types of OAuth Requests
can be configured for both OAuth Client and OAuth Scope agents.
EXAMPLES
create oauth-request F5AuthRedirectRequest { description "F5 Authentication Redirect request" method get parameters add {
client_id { type client-id } redirect_uri { type redirect-uri } response_type { value "code" } } type auth-redirect-request
}
Creates the OAuth Request named F5AuthRedirectRequest of type auth-redirect-request, sets HTTP method to get and
specifies the list of GET parameters to be sent: client-id, redirect_uri, response_type.
delete oauth-request F5AuthRedirectRequest
Deletes the OAuth Request named F5AuthRedirectRequest from the system.
OPTIONS
app-service
Specifies the name of the application service to which the object belongs. The default value is none. Note: If the
strict-updates option is enabled on the application service that owns the object, you cannot modify or delete the
object. Only the application service can modify or delete the object.
description
Specifies a description for the component. The default is none.
headers
Adds, deletes, or replaces a set of headers, by specifying a header name and value for each entry.
value
The value of the header.
method
Specifies the HTTP method for the OAuth Request. The options are:
get Configures the system to make HTTP request using GET method.
post Configures the system to make HTTP request using POST method.
parameters
Adds, deletes, or replaces a set of parameters, by specifying a parameter name for each entry. You can configure the
following options for each parameter:
type The type of the parameter. For a custom type of parameter, you must provide a value. For other parameter types,
the value is taken from other configurations. The options for the type of a parameter are:
access-token The value for the parameter is access_token. Value assigned from session variable
session.oauth.client..access_token
client-id The value for this parameter type is the Client Id that is configured in the OAuth Server object.
client-secret The value for this parameter type is the Client Secret that is configured in the OAuth Server
object.
grant-type The value for this parameter type is the Grant Type that is configured in the OAuth Client agent.
redirect-uri The value for this parameter type is the Redirect URI that is configured in the OAuth Client agent.
resource-server-id The value for this parameter is the Resource Server Id that is configured in the OAuth Server
object.
resource-server-secret The value for this parameter is the Resource Server Secret that is configured in the OAuth
Server object.
scope The value for this parameter is the Scope that is configured in the OAuth Client agent.
custom Custom parameter value; you can specify any custom value for the parameter.
Default value for parameter type is custom.
value
The value of the parameter. A value is required for parameters of type custom only.
partition
Displays the partition within which the component resides. The default is Common.
type Type of the request. The options for the type of a request are:
auth-redirect-request The Authentication Redirect request. This type of request is used to redirect user to an
Authorization Server, when OAuth Client agent is configured to use "Authorization Code" grant type.
token-request The Token request. This type of request is used to access an Authorization Server in order to obtain an
access_token or exchange an authorization_code for an access_token.
token-refresh-request The Refresh Token request. This type of request is used to refresh an expired access_token.
token-revocation-request The Revocation request. This type of request is used to revoke an access_token.
validation-scopes-request The Validation and Scopes request. This type of request is used in OAuth Client agent to
validate an existing token. The same type of request is used to get a list of scopes associated with an existing
token.
scope-data-request The Scope Data request. This type of request is used to obtain additional information from an
Authorization Server.
Default value for request type is scope-data-request.
uri Request URI. This option is required for request of type scope-data-request only. All other types of requests use
endpoint URIs configured at OAuth Provider component.
SEE ALSO
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal
use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2011-2013, 2015-2016. All rights reserved.
BIG-IP 2017-01-20 apm aaa oauth-request(1)