Obtain the Authentication Scheme from all territories (Realm)
search cancel

Obtain the Authentication Scheme from all territories (Realm)

book

Article ID: 279700

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction


When running Policy Server, how to know each authentication scheme bound to the Realm and Domain, without having to go through the AdminUI and open each realm?

 

Resolution


At first glance, there's a REST API available that, by command line, can help to list all the Realms, and thus, by filtering each of them, allow to get the Authentication Schemes.

The main page to get all the REST API's is in the AdminUI itself, accessible through:

  SiteMinder REST Services
  https://your_adminui:port/ca/api/sso/services/v1/api-doc/

In SmRealm section:

Get the way to set up a cURL call to get all the realms, and then for each Realm, to get the Authentication Scheme associated.

  GET /ca/api/sso/services/policy/v1/SmRealms

  {
    "responseType": "links",
    "path": "children",
    "xpsclass": "SmRealms",
    "data": [
      {
        "id": "CA.SM::Realm@06-000dfaa1-2acf-1553-a34c-0165c0a80000",
        "path": "/SmDomains/<realmname-1>/SmRealms/<realmname-1>",
        "href": "https://ps.example.com:8443/ca/api/sso/services/policy/v1/objects/CA.SM::Realm@06-000dfaa1-2acf-1553-a34c-5s22s22a2ss"
      },
      {
        "id": "CA.SM::Realm@06-000db190-516e-145a-bebc-5s22s22a2ss",
        "path": "/SmDomains/<realmname-2>/SmRealms/<realmname-2>",
        "href": "https://ps.example.com:8443/ca/api/sso/services/policy/v1/objects/CA.SM::Realm@06-000db190-516e-145a-bebc-5s22s22a2ss"
      },

Then filter all the Paths.

For each path, get the Authentication Scheme.

  GET /ca/api/sso/services/policy/v1/SmDomains/<realmname-1>/SmRealms/<realmname-1>

  {
    "responseType": "object",
    "parent": {
      "id": "CA.SM::Domain@03-0009eab7-2abd-1553-a34c-5s22s22a2ss",
      "path": "/SmDomains/<realmname-1>",
      "href": "https://ps.example.com:8443/ca/api/sso/services/policy/v1/objects/CA.SM::Domain@03-0009eab7-2abd-1553-a34c-5s22s22a2ss"
    },
    "data": {
      "id": "CA.SM::Realm@06-000dfaa1-2acf-1553-a34c-5s22s22a2ss",
      "type": "SmRealm",
      "Name": "<realmname-1>",

      [...omitted for brevity...]

      "AuthSchemeLink": {
        "id": "CA.SM::AuthScheme@0d-4afc0e42-ae25-11d1-9cdd-2215s511dsa",
        "path": "/SmAuthSchemes/Basic",
        "href": "https://ps.example.com:8443/ca/api/sso/services/policy/v1/objects/CA.SM::AuthScheme@0d-4afc0e42-ae25-11d1-9cdd-2215s511dsa",
        "desc": "Directory username/password"
      }

The section "SmAuthScheme" will give access directly to all and each Authentication Scheme present in the Policy Store.

 

Powered by Wolken Software