apm aaa oauth-request
apm aaa oauth-request(1) BIG-IP TMSH Manual apm aaa oauth-request(1)
NAME
oauth-request - Manages an OAuth Request.
MODULE
apm aaa
SYNTAX
Configure the oauth-request component within the aaa module using the
syntax shown in the following sections.
CREATE/MODIFY
create oauth-request [name]
modify oauth-request [name]
options:
app-service [[string] | none]
description [[string] | none]
headers [add | delete | modify | replace-all-with] {
[name] {
value [value]
}
method [get | post]
parameters [add | delete | modify | replace-all-with] {
[name] {
type [parameter type]
value [[string] | none]
}
}
type [request type]
uri [[string] | none]
edit oauth-request [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list oauth-request
list oauth-request [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
app-service
non-default-properties
one-line
partition
DELETE
delete oauth-request [name]
DESCRIPTION
You can use the oauth-request component to manage an OAuth Request.
The OAuth Request is an HTTP request that is used during communication
between the BIG-IP system and an OAuth Authorization Server (AS).
Different types of OAuth Requests can be configured for both OAuth
Client and OAuth Scope agents.
EXAMPLES
create oauth-request F5AuthRedirectRequest { description "F5
Authentication Redirect request" method get parameters add { client_id
{ type client-id } redirect_uri { type redirect-uri } response_type {
value "code" } } type auth-redirect-request }
Creates the OAuth Request named F5AuthRedirectRequest of type
auth-redirect-request, sets HTTP method to get and specifies the
list of GET parameters to be sent: client-id, redirect_uri,
response_type.
delete oauth-request F5AuthRedirectRequest
Deletes the OAuth Request named F5AuthRedirectRequest from the
system.
OPTIONS
app-service
Specifies the name of the application service to which the object
belongs. The default value is none. Note: If the strict-updates
option is enabled on the application service that owns the object,
you cannot modify or delete the object. Only the application
service can modify or delete the object.
description
Specifies a description for the component. The default is none.
headers
Adds, deletes, or replaces a set of headers, by specifying a
header name and value for each entry.
value
The value of the header.
method
Specifies the HTTP method for the OAuth Request. The options are:
get Configures the system to make HTTP request using GET method.
post Configures the system to make HTTP request using POST method.
parameters
Adds, deletes, or replaces a set of parameters, by specifying a
parameter name for each entry. You can configure the following
options for each parameter:
type The type of the parameter. For a custom type of parameter,
you must provide a value. For other parameter types, the
value is taken from other configurations. The options for
the type of a parameter are:
access-token The value for the parameter is access_token.
Value assigned from session variable
session.oauth.client..access_token
client-id The value for this parameter type is the Client Id
that is configured in the OAuth Server object.
client-secret The value for this parameter type is the Client
Secret that is configured in the OAuth Server object.
grant-type The value for this parameter type is the Grant
Type that is configured in the OAuth Client agent.
redirect-uri The value for this parameter type is the
Redirect URI that is configured in the OAuth Client agent.
resource-server-id The value for this parameter is the
Resource Server Id that is configured in the OAuth Server
object.
resource-server-secret The value for this parameter is the
Resource Server Secret that is configured in the OAuth Server
object.
scope The value for this parameter is the Scope that is
configured in the OAuth Client agent.
custom Custom parameter value; you can specify any custom
value for the parameter.
Default value for parameter type is custom.
value
The value of the parameter. A value is required for
parameters of type custom only.
partition
Displays the partition within which the component resides. The
default is Common.
type Type of the request. The options for the type of a request are:
auth-redirect-request The Authentication Redirect request. This
type of request is used to redirect user to an Authorization
Server, when OAuth Client agent is configured to use
"Authorization Code" grant type.
token-request The Token request. This type of request is used to
access an Authorization Server in order to obtain an access_token
or exchange an authorization_code for an access_token.
token-refresh-request The Refresh Token request. This type of
request is used to refresh an expired access_token.
token-revocation-request The Revocation request. This type of
request is used to revoke an access_token.
validation-scopes-request The Validation and Scopes request. This
type of request is used in OAuth Client agent to validate an
existing token. The same type of request is used to get a list of
scopes associated with an existing token.
scope-data-request The Scope Data request. This type of request is
used to obtain additional information from an Authorization
Server.
Default value for request type is scope-data-request.
uri Request URI. This option is required for request of type scope-
data-request only. All other types of requests use endpoint URIs
configured at OAuth Provider component.
SEE ALSO
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2011-2013, 2015-2016. All rights
reserved.
BIG-IP 2017-01-20 apm aaa oauth-request(1)