許可プロバイダ設定の移行
移行プロセスには以下の手順が含まれます。
- GET リクエストを使用して、開発環境またはテスト環境から既存のペイロードを取得します。
- GET レスポンスのペイロードを変更します。
- POST リクエストに対して変更されたペイロードを使用します。
GET を使用した既存の許可プロバイダ オブジェクト ペイロードの取得
リソース
: https://test_server_host
:8443/ca/api/sso/services/policy/v1/FedOIDCAdminConfigs/{FedOIDCAdminConfigName}
エンドポイント
: /ca/api/sso/services/policy/v1/FedOIDCAdminConfigs/{FedOIDCAdminConfigName}
メソッド
: GETレスポンス
: ここをクリックすると、サンプル レスポンスが表示されます
{ "responseType": "object", "data": { "id": "CA.FED::OIDCAdminConfig@000cea42-51d5-1eea-8c88-5f630a83537f", "type": "FedOIDCAdminConfig", "Name": "OIDCProvider", "AuthorizationServerBaseURL": "https://wa.prod.com/affwebservices/redirectjsp/redirect.jsp", "SignIDToken": true, "SecureAuthenticationURL": false, "AuthenticationURL": "https://wa.prod.com", "SigningAlgorithm": "RS256", "EncryptUserInfo": false, "SignUserInfo": false, "AuthenticationType": "DYNAMIC", "MinimumAuthenticationLevel": 20, "AuthorizationCodeExpiryTime": 600, "EncryptIDToken": false, "SigningAlias": { "id": "CA.FED::Certificate@000ba792-ebf1-1ee9-8c88-5f630a83537f", "path": "/FedCertificates/cacert", "href": "https://lodibl208dvm035.ihy.broadcom.net:8443/ca/api/sso/services/policy/v1/objects/CA.FED::Certificate@000ba792-ebf1-1ee9-8c88-5f630a83537f" }, "ScopeMapping": [ { "id": "CA.FED::OIDCScopeAndClaimsMapping@000d50b6-51d5-1eea-8c88-5f630a83537f", "type": "FedOIDCScopeAndClaimsMapping", "Claims": "sub", "ScopeName": "scope1" } ], "ClaimsMapping": [ { "id": "CA.FED::OIDCClaimAndUserAttributeMapping@000d4d37-51d5-1eea-8c88-5f630a83537f", "type": "FedOIDCClaimAndUserAttributeMapping", "Claim": "sub", "UserAttribute": "uid" }, { "id": "CA.FED::OIDCClaimAndUserAttributeMapping@000d4f14-51d5-1eea-8c88-5f630a83537f", "type": "FedOIDCClaimAndUserAttributeMapping", "Claim": "sub", "UserAttribute": "Name" } ], "UserDirectories": [ { "id": "CA.SM::UserDirectory@0e-000f247d-e8db-1ee9-8c88-5f630a83537f", "path": "/SmUserDirectories/ud", "href": "https://lodibl208dvm035.ihy.broadcom.net:8443/ca/api/sso/services/policy/v1/objects/CA.SM::UserDirectory@0e-000f247d-e8db-1ee9-8c88-5f630a83537f" } ], "ACRConfiguration": [ { "ACR": "testACR", "MaximumAuthenticationLevel": 25, "AuthenticationURL": "https://test1.ca.com", "Default": false }, { "ACR": "testACR2", "MaximumAuthenticationLevel": 22, "AuthenticationURL": "https://test2.ca.com", "Default": true } ] }, "links": { "self": { "href": "https://lodibl208dvm035.ihy.broadcom.net:8443/ca/api/sso/services/policy/v1/objects/CA.FED::OIDCAdminConfig@000cea42-51d5-1eea-8c88-5f630a83537f" }, "usedby": { "href": "https://lodibl208dvm035.ihy.broadcom.net:8443/ca/api/sso/services/policy/v1/objects/CA.FED::OIDCAdminConfig@000cea42-51d5-1eea-8c88-5f630a83537f/usedby" }, "classinfo": { "href": "https://lodibl208dvm035.ihy.broadcom.net:8443/ca/api/sso/services/policy/v1/objects/CA.FED::OIDCAdminConfig@000cea42-51d5-1eea-8c88-5f630a83537f/classinfo" }, "editinfo": { "href": "https://lodibl208dvm035.ihy.broadcom.net:8443/ca/api/sso/services/policy/v1/objects/CA.FED::OIDCAdminConfig@000cea42-51d5-1eea-8c88-5f630a83537f?op=editinfo" } } }
GET レスポンスの変更
- 太字で強調表示されたコードを削除します。POST リクエストで強調表示されたコードは不要であるか、または対応するパラメータがバックエンドで自動的に作成されます。
- のコードを path 属性に置き換えます。太字および斜体
- 必要に応じてパラメータ値を変更します。
{ "responseType": "object", "data": {"id": "CA.FED::OIDCAdminConfig@000cea42-51d5-1eea-8c88-5f630a83537f","type": "FedOIDCAdminConfig", "Name": "OIDCProvider", "AuthorizationServerBaseURL": "https://wa.prod.com/affwebservices/redirectjsp/redirect.jsp", "SignIDToken": true, "SecureAuthenticationURL": false, "AuthenticationURL": "https://wa.prod.com", "SigningAlgorithm": "RS256", "EncryptUserInfo": false, "SignUserInfo": false, "AuthenticationType": "DYNAMIC", "MinimumAuthenticationLevel": 20, "AuthorizationCodeExpiryTime": 600, "EncryptIDToken": false, "SigningAlias": {"id": "CA.FED::Certificate@000ba792-ebf1-1ee9-8c88-5f630a83537f","path": "/FedCertificates/cacert","href": "https://lodibl208dvm035.ihy.broadcom.net:8443/ca/api/sso/services/policy/v1/objects/CA.FED::Certificate@000ba792-ebf1-1ee9-8c88-5f630a83537f"}, "ScopeMapping": [ {"id": "CA.FED::OIDCScopeAndClaimsMapping@000d50b6-51d5-1eea-8c88-5f630a83537f","type": "FedOIDCScopeAndClaimsMapping", "Claims": "sub", "ScopeName": "scope1" } ], "ClaimsMapping": [ {"id": "CA.FED::OIDCClaimAndUserAttributeMapping@000d4d37-51d5-1eea-8c88-5f630a83537f","type": "FedOIDCClaimAndUserAttributeMapping", "Claim": "sub", "UserAttribute": "uid" }, {"id": "CA.FED::OIDCClaimAndUserAttributeMapping@000d4f14-51d5-1eea-8c88-5f630a83537f","type": "FedOIDCClaimAndUserAttributeMapping", "Claim": "sub", "UserAttribute": "Name" } ], "UserDirectories": [ {"id": "CA.SM::UserDirectory@0e-000f247d-e8db-1ee9-8c88-5f630a83537f","path": "/SmUserDirectories/ud","href": "https://lodibl208dvm035.ihy.broadcom.net:8443/ca/api/sso/services/policy/v1/objects/CA.SM::UserDirectory@0e-000f247d-e8db-1ee9-8c88-5f630a83537f"} ], "ACRConfiguration": [ { "ACR": "testACR", "MaximumAuthenticationLevel": 25, "AuthenticationURL": "https://test1.ca.com", "Default": false }, { "ACR": "testACR2", "MaximumAuthenticationLevel": 22, "AuthenticationURL": "https://test2.ca.com", "Default": true } ] }, "links": { "self": { "href": "https://lodibl208dvm035.ihy.broadcom.net:8443/ca/api/sso/services/policy/v1/objects/CA.FED::OIDCAdminConfig@000cea42-51d5-1eea-8c88-5f630a83537f" }, "usedby": { "href": "https://lodibl208dvm035.ihy.broadcom.net:8443/ca/api/sso/services/policy/v1/objects/CA.FED::OIDCAdminConfig@000cea42-51d5-1eea-8c88-5f630a83537f/usedby" }, "classinfo": { "href": "https://lodibl208dvm035.ihy.broadcom.net:8443/ca/api/sso/services/policy/v1/objects/CA.FED::OIDCAdminConfig@000cea42-51d5-1eea-8c88-5f630a83537f/classinfo" }, "editinfo": { "href": "https://lodibl208dvm035.ihy.broadcom.net:8443/ca/api/sso/services/policy/v1/objects/CA.FED::OIDCAdminConfig@000cea42-51d5-1eea-8c88-5f630a83537f?op=editinfo" } } }
POST リクエストを使用したオブジェクトの移行
リソース
: https://production_server_host
:8443/ca/api/sso/services/policy/v1/FedOIDCAdminConfigs/{FedOIDCAdminConfigName}エンドポイント
: /ca/api/sso/services/policy/v1/SmDomains/v1/FedOIDCAdminConfigs/{FedOIDCAdminConfigName}メソッド
: POST