apm aaa oauth-request
apm aaa oauth-request(1) BIG-IP TMSH Manual apm aaa oauth-request(1)
NAME
oauth-request - Manages an OAuth Request.
MODULE
apm aaa
SYNTAX
Configure the oauth-request component within the aaa module using the syntax shown in the following sections.
CREATE/MODIFY
create oauth-request [name]
modify oauth-request [name]
options:
app-service [[string] | none]
description [[string] | none]
headers [add | delete | modify | replace-all-with] {
[name] {
value [value]
}
method [get | post]
parameters [add | delete | modify | replace-all-with] {
[name] {
type [parameter type]
value [[string] | none]
}
}
type [request type]
uri [[string] | none]
edit oauth-request [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list oauth-request
list oauth-request [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
app-service
non-default-properties
one-line
partition
DELETE
delete oauth-request [name]
DESCRIPTION
You can use the oauth-request component to manage an OAuth Request. The OAuth Request is an HTTP request that
is used during communication between the BIG-IP system and an OAuth Authorization Server (AS). Different
types of OAuth Requests can be configured for both OAuth Client and OAuth Scope agents.
EXAMPLES
create oauth-request F5AuthRedirectRequest { description "F5 Authentication Redirect request" method get
parameters add { client_id { type client-id } redirect_uri { type redirect-uri } response_type { value "code"
} } type auth-redirect-request }
Creates the OAuth Request named F5AuthRedirectRequest of type auth-redirect-request, sets HTTP method to
get and specifies the list of GET parameters to be sent: client-id, redirect_uri, response_type.
delete oauth-request F5AuthRedirectRequest
Deletes the OAuth Request named F5AuthRedirectRequest from the system.
OPTIONS
app-service
Specifies the name of the application service to which the object belongs. The default value is none.
Note: If the strict-updates option is enabled on the application service that owns the object, you cannot
modify or delete the object. Only the application service can modify or delete the object.
description
Specifies a description for the component. The default is none.
headers
Adds, deletes, or replaces a set of headers, by specifying a header name and value for each entry.
value
The value of the header.
method
Specifies the HTTP method for the OAuth Request. The options are:
get Configures the system to make HTTP request using GET method.
post Configures the system to make HTTP request using POST method.
parameters
Adds, deletes, or replaces a set of parameters, by specifying a parameter name for each entry. You can
configure the following options for each parameter:
type The type of the parameter. For a custom type of parameter, you must provide a value. For other
parameter types, the value is taken from other configurations. The options for the type of a
parameter are:
access-token The value for the parameter is access_token. Value assigned from session variable
session.oauth.client..access_token
client-id The value for this parameter type is the Client Id that is configured in the OAuth Server
object.
client-secret The value for this parameter type is the Client Secret that is configured in the OAuth
Server object.
grant-type The value for this parameter type is the Grant Type that is configured in the OAuth
Client agent.
redirect-uri The value for this parameter type is the Redirect URI that is configured in the OAuth
Client agent.
resource-server-id The value for this parameter is the Resource Server Id that is configured in the
OAuth Server object.
resource-server-secret The value for this parameter is the Resource Server Secret that is configured
in the OAuth Server object.
scope The value for this parameter is the Scope that is configured in the OAuth Client agent.
custom Custom parameter value; you can specify any custom value for the parameter.
Default value for parameter type is custom.
value
The value of the parameter. A value is required for parameters of type custom only.
partition
Displays the partition within which the component resides. The default is Common.
type Type of the request. The options for the type of a request are:
auth-redirect-request The Authentication Redirect request. This type of request is used to redirect user
to an Authorization Server, when OAuth Client agent is configured to use "Authorization Code" grant type.
token-request The Token request. This type of request is used to access an Authorization Server in order
to obtain an access_token or exchange an authorization_code for an access_token.
token-refresh-request The Refresh Token request. This type of request is used to refresh an expired
access_token.
token-revocation-request The Revocation request. This type of request is used to revoke an access_token.
validation-scopes-request The Validation and Scopes request. This type of request is used in OAuth Client
agent to validate an existing token. The same type of request is used to get a list of scopes associated
with an existing token.
scope-data-request The Scope Data request. This type of request is used to obtain additional information
from an Authorization Server.
Default value for request type is scope-data-request.
uri Request URI. This option is required for request of type scope-data-request only. All other types of
requests use endpoint URIs configured at OAuth Provider component.
SEE ALSO
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or
mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose
other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2011-2013, 2015-2016. All rights reserved.
BIG-IP 2017-01-20 apm aaa oauth-request(1)