apm policy agent aaa-oauthΒΆ

apm policy agent aaa-oauth(1) BIG-IP TMSH Manual apm policy agent aaa-oauth(1)



NAME
       aaa-oauth - Manages an AAA OAuth(r) agent.

MODULE
       apm policy agent

SYNTAX
       Configure the aaa-oauth component within the policy agent module using
       the following syntax.

   CREATE/MODIFY
	create aaa-oauth[name]
	modify aaa-oauth [name]
	  options:
	   app-service [[string] | none]
	   auth-redirect-request [name]
	   grant-type [authorization-code | password]
	   redirection-uri [string]
	   scope [[string] | none]
	   scope-data-request [name]
	   server [name]
	   token-refresh-request [name]
	   token-request [name]
	   type [client | scope]
	   validation-scopes-request [name]

   DISPLAY
	list aaa-oauth
	list aaa-oauth [ [ [name] | [glob] | [regex] ] ... ]
	show running-config aaa-oauth
	show running-config aaa-oauth [ [ [name] | [glob] | [regex] ] ... ]
	  options:
	    all
	    all-properties
	    current-module
	    non-default-properties
	    one-line
	    app-service
	    partition

   DELETE
	delete aaa-oauth [name]

DESCRIPTION
       Use this component to create, modify, display, or delete an OAuth
       Client or OAuth Scope agent.

EXAMPLES
       create aaa-oauth MyGoogleClient { auth-redirect-request
       GoogleAuthRedirectRequest grant-type authorization-code scope
       "https://www.googleapis.com/auth/userinfo.email
       https://www.googleapis.com/auth/userinfo.profile" server myGoogleServer
       token-request GoogleTokenRequest type client validation-scopes-request
       GoogleValidationScopesRequest } Creates the OAuth Client agent to
       acquire an access_token from Google authorization server using
       authorization-code grant type. Defines two scopes. The user's
       permission will be requested for the scopes.
       create aaa-oauth MyGoogleScope { scope-data-request {
       https://www.googleapis.com/auth/userinfo.profile { request
       GoogleScopeUserInfoProfileRequest } } server myGoogleServer type scope
       validation-scopes-request GoogleValidationScopesRequest }
	    Creates OAuth Scope agent to get the list of scopes associated
	    with the access_token, and defines the scope-data-request to
	    retrieve more information about user identity if the access_token
	    contains the scope
	    "https://www.googleapis.com/auth/userinfo.profile".

       list aaa-oauth
	    Displays a list of OAuth agents.

       delete aaa-oauth MyGoogleScope
	    Deletes the MyGoogleScope OAuth agent.

OPTIONS
       app-service
	    Specifies the name of the application service to which the object
	    belongs. The default value is none. Note: If the strict-updates
	    option is enabled on the application service that owns the object,
	    you cannot modify or delete the object. Only the application
	    service can modify or delete the object.

       auth-redirect-request
	    OAuth Request name to be used for user redirect in order to obtain
	    authorization code.

       grant-type
	    Specifies grant type that should be used to request an
	    access_token.

       redirection-uri
	    Specifies redirection URI. The redirection URI is used by the
	    Authorization Server to redirect user back after authentication.
	    The URI is a property of client application registered at
	    authorization server. This option is used along with
	    'authorization-code' grant type only.

       scope
	    The list of scopes to request user's permission for.

       scope-data-request
	    Defines OAuth Request to obtain additional information from the
	    resource server for the specified scope, using access_token.

       server
	    Specifies OAuth Server that represents the authorization server to
	    work with.

       token-refresh-request
	    Specifies OAuth Request to refresh an expired access_token.

       token-request
	    Specifies OAuth Request to request an access_token.

       type Type of the OAuth agent. Available options are: client or scope.
	    Default value client.  The type cannot be changed for an existing
	    OAuth agent.

       validation-scopes-request
	    Specifies OAuth Request to validate the access_token (when agent
	    type is client) or to retrieve list of scopes associated with the
	    access_token (when agent type is scope).

SEE ALSO
       tmsh

COPYRIGHT
       No part of this program may be reproduced or transmitted in any form or
       by any means, electronic or mechanical, including photocopying,
       recording, or information storage and retrieval systems, for any
       purpose other than the purchaser's personal use, without the express
       written permission of F5 Networks, Inc.

       F5 Networks and BIG-IP (c) Copyright 2011-2014, 2016. All rights
       reserved.



BIG-IP				  2016-09-23	 apm policy agent aaa-oauth(1)