The following request body is sent during the addpolicy call:
{
  "svcinfo": {
    "did": 1,
    "protocol": "FIDO2_0",
    "authtype": "PASSWORD",
    "svcusername": "fidoadminuser",
    "svcpassword": "Abcd1234!"
  },
  "payload": {
    "policy": "{\"FidoPolicy\":{\"name\":\"Newly-added MinimalPolicy\",\"copyright\":\"\",\"version\":\"1.0\",\"startDate\":\"1695755367\",\"endDate\":\"1760103870871\",\"system\":{\"did\":1,\"requireCounter\":\"optional\",\"integritySignatures\":false,\"userVerification\":[\"required\",\"preferred\",\"discouraged\"],\"userPresenceTimeout\":0,\"allowedAaguids\":[\"all\"],\"transport\":[\"usb\",\"internal\"]},\"crossOrigin\":{\"enabled\":false,\"allowedOrigins\":[]},\"algorithms\":{\"curves\":[\"secp256r1\",\"secp384r1\",\"secp521r1\",\"curve25519\"],\"rsa\":[\"RS256\",\"RS384\",\"RS512\",\"PS256\",\"PS384\",\"PS384\"],\"signatures\":[\"ES256\",\"ES384\",\"ES512\",\"EdDSA\",\"ES256K\"]},\"attestation\":{\"conveyance\":[\"none\",\"indirect\",\"direct\",\"enterprise\"],\"formats\":[\"fido-u2f\",\"packed\",\"tpm\",\"android-key\",\"android-safetynet\",\"apple\",\"none\"]},\"registration\":{\"displayName\":\"required\",\"attachment\":[\"platform\",\"cross-platform\"],\"discoverableCredential\":[\"required\",\"preferred\",\"discouraged\"],\"excludeCredentials\":\"enabled\"},\"authentication\":{\"allowCredentials\":\"enabled\"},\"authorization\":{\"maxdataLength\":256,\"preserve\":true},\"rp\":{\"id\":\"strongkey.com\",\"name\":\"FIDOServer\"},\"extensions\":{},\"mds\":{\"authenticatorStatusReport\":[{\"status\":\"FIDO_CERTIFIED_L1\",\"priority\":\"1\",\"decision\":\"IGNORE\"},{\"status\":\"FIDO_CERTIFIED_L2\",\"priority\":\"1\",\"decision\":\"ACCEPT\"},{\"status\":\"UPDATE_AVAILABLE\",\"priority\":\"5\",\"decision\":\"IGNORE\"},{\"status\":\"REVOKED\",\"priority\":\"10\",\"decision\":\"DENY\"}]},\"jwt\":{\"algorithms\":[\"ES256\",\"ES384\",\"ES521\"],\"duration\":30,\"required\":[\"rpid\",\"iat\",\"exp\",\"cip\",\"uname\",\"agent\"]},\"signcerts\":{\"rootca\":{\"subjectdn\":\"CN=StrongKey FIDO Server RootCA,OU=DID 1,O=StrongKey\",\"serialnumber\":\"153089208\",\"pemcert\":\"[-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----]\",\"jwtcerts\":{\"default\":[{\"subjectdn\":\"CN=SKFS JWT Signer 1,OU=DID 1,O=StrongKey\",\"serialnumber\":\"1256093574\",\"pemcert\":\"[-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----]\"},{\"subjectdn\":\"CN=SKFS JWT Signer 2,OU=DID 1,O=StrongKey\",\"serialnumber\":\"1911028544\",\"pemcert\":\"[-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----]\"}]},\"samlcerts\":{\"default\":[{\"subjectdn\":\"CN=SKFS SAML Signer 1,OU=DID 1,O=StrongKey\",\"serialnumber\":\"888520634\",\"pemcert\":\"[-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----]\"},{\"subjectdn\":\"CN=SKFS SAML Signer 2,OU=DID 1,O=StrongKey\",\"serialnumber\":\"1084555693\",\"pemcert\":\"[-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----]\"}],\"citrixidp\":{\"subjectdn\":\"CN=SKFS SAML Signer 1,OU=DID 1,O=StrongKey\",\"serialnumber\":\"888520634\",\"pemcert\":\"[-----BEGIN CERTIFICATE-----MIIC4zCCAkOgAwIBAgIENPW/ujAMBggqhkjOPQQDBAUAMEsxEjAQBgNVBAoTCVN0cm9uZ0tleTEOMAwGA1UECxMFRElEIDExJTAjBgNVBAMTHFN0cm9uZ0tleSBGSURPIFNlcnZlciBSb290Q0EwHhcNMjMwOTI2MTkwMjI2WhcNMjQwOTI1MTkwMjI2WjBBMRIwEAYDVQQKEwlTdHJvbmdLZXkxDjAMBgNVBAsTBURJRCAxMRswGQYDVQQDExJTS0ZTIFNBTUwgU2lnbmVyIDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkj5t+TSvE9SyZ7jETWscm6NVg/scU10Tqk9MnF5Y+/PZeCCMA5jWi8ahc47uq9uXyTUiHjX8uO3YNXInuCq6HGyMuen7Wrdtozv8IUNyVv0aCvEuNTawA/UkImVCdDCCTqxULAdzJnhGZ+L5a1ZfKIXyRjKuq/MrnhybtlcAaqY/s/xO2ukFRhi9yIg+m09Xg8TxOFmKYy7ngk2Y6PjdKGO0OjR3BGI0inRnBYbhkNBG5gthA5aMa5YIXeNeiHHZupYJd2SIQHMtVe2wdULSP+MT6MkmW1nJDPi/bId74wvGz7SHPbfAQSrQQYKLFfgA4A8qrWV1tVYkVphZMtRvFAgMBAAGjUjBQMB0GA1UdDgQWBBT6QNvuxPXzS4hg7nLwwkRvQV0ZMzAOBgNVHQ8BAf8EBAMCB4AwHwYDVR0jBBgwFoAURyNgOBG4bHMjAHzSMLNdprrWzMcwDAYIKoZIzj0EAwQFAAOBiwAwgYcCQQqpOIfpD4T/tQOfpbNDrhdA97wJOqz8SDN0/4IUHFH3kmXOBkI1/fNmXGXCvor2gui/cTnsxuds4SQ/TsCFvZ5PAkIBSawnFUVAxVVP4Ot2c5fnOLaxWeIZYDD1egLizba9vp6RuhiJ7AkXT9zNSoD9XBoTanYH3KnLv8S1iby1YkI7Obo=-----END CERTIFICATE-----]\"}}}}}}",
    "notes": "updated FIDO Policy"
  }
}
| Value | Explanation |
|---|---|
| did | Unique identifier for a cryptographic domain in SKFS. Unless you are using a StrongKey Tellaro appliance, this defaults to 1. |
| protocol | The FIDO protocol to be used in this request (FIDO2_0). |
| authtype | The type of authentication supplied in this service request; it must be PASSWORD or HMAC (see API Security for details). The example shown here uses the PASSWORD type of authentication. |
| svcusername | The username of the service credential requesting this web service. |
| svcpassword | The password of the service credential requesting this web service. When PASSWORD authtype is used, SKFS uses entries in a previously configured Lightweight Directory Access Protocol (LDAP) or Active Directory (AD) to authenticate the credential (see Manage Credentials under [ SKFS ⇒ Administration ⇒ Security ] for details). |
| Value | Explanation |
|---|---|
| policy | The policy to be configured for each cryptographic domain. The SKFS-PM Module helps define and manage the FIDO Policy for each domain. Please refer to the SKFS Module for more information and the JSON Schema. Note: The policy has been minified and every double quote has been escaped with a backslash so that the policy is processed correctly. |
| notes | The notes value is a plain-language name used to identify the kind of policy configured for the cryptographic domain. |
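The note on the policy field says the policy travels as a minified, backslash-escaped JSON string inside the request body. The following added example (not StrongKey's code) produces that encoding with a JSON serializer instead of hand-escaping, then parses the body back and flags repeated values in policy lists. The environment variable names SKFS_SVC_USER and SKFS_SVC_PASS are hypothetical, and SAMPLE is a constructed excerpt of the policy shown above.

```python
import json
import os

def build_addpolicy_body(policy, notes, did=1):
    """Return the request body with the policy embedded as an escaped JSON string."""
    # Compact separators give the minified form; the outer json.dumps then
    # escapes every double quote of the inner document with a backslash.
    policy_str = json.dumps(policy, separators=(",", ":"))
    svcinfo = {
        "did": did, "protocol": "FIDO2_0", "authtype": "PASSWORD",
        # Assumption: hypothetical variable names; keeps credentials out of source.
        "svcusername": os.environ.get("SKFS_SVC_USER", "fidoadminuser"),
        "svcpassword": os.environ.get("SKFS_SVC_PASS", ""),
    }
    return json.dumps({"svcinfo": svcinfo,
                       "payload": {"policy": policy_str, "notes": notes}})

def duplicate_entries(node, path=""):
    """List (path, value) for string values repeated within one policy list."""
    found = []
    if isinstance(node, dict):
        for key, value in node.items():
            found += duplicate_entries(value, f"{path}.{key}" if path else key)
    elif isinstance(node, list):
        seen = set()
        for item in node:
            if not isinstance(item, str):
                found += duplicate_entries(item, path)
            elif item in seen:
                found.append((path, item))
            else:
                seen.add(item)
    return found

def check_body(raw):
    """Parse a request body; return (policy dict, duplicated list entries)."""
    payload = json.loads(raw)["payload"]
    if not isinstance(payload["policy"], str):
        raise ValueError("payload.policy must be a JSON string, not an object")
    policy = json.loads(payload["policy"])  # fails loudly on broken escaping
    return policy, duplicate_entries(policy)

# Constructed sample: a small excerpt of the policy shown above.
SAMPLE = {"FidoPolicy": {
    "name": "Newly-added MinimalPolicy", "version": "1.0",
    "algorithms": {"rsa": ["RS256", "RS384", "RS512", "PS256", "PS384", "PS384"]},
    "rp": {"id": "strongkey.com", "name": "FIDOServer"}}}

if __name__ == "__main__":
    print(check_body(build_addpolicy_body(SAMPLE, "updated FIDO Policy"))[1])
```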