Note: this component is designated "advanced", which means that objects of this type are not expected to be created or altered in most environments. If you believe that such a change is necessary, you may want to contact support in order to understand the potential impact of that change.
Note: this is an abstract component that cannot be instantiated.
A Token Claim Validation defines a condition about a token claim that must be satisfied for the token to be considered valid.
The following Token Claim Validations are available in the server :
These Token Claim Validations inherit from the properties described below.
The following components have a direct composition relation to Token Claim Validations:
The properties supported by this managed object are as follows:
Basic Properties: | Advanced Properties: |
---|---|
description | None |
claim-name |
Description | A description for this Token Claim Validation |
Default Value | None |
Allowed Values | A string |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
Description | The name of the claim to be validated. This claim must be present, and its name must be an exact match. |
Default Value | None |
Allowed Values | A string |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
To list the configured Token Claim Validations:
dsconfig list-token-claim-validations [--property {propertyName}] ...
To view the configuration for an existing Token Claim Validation:
dsconfig get-token-claim-validation-prop --validation-name {name} --validator-name {name} [--tab-delimited] [--script-friendly] [--property {propertyName}] ...
To update the configuration for an existing Token Claim Validation:
dsconfig set-token-claim-validation-prop --validation-name {name} --validator-name {name} (--set|--add|--remove) {propertyName}:{propertyValue} [(--set|--add|--remove) {propertyName}:{propertyValue}] ...
To delete an existing Token Claim Validation:
dsconfig delete-token-claim-validation --validation-name {name} --validator-name {name}