The following request body is sent during the getpolicy web service call:
- URL: https://<FQDN>:<PORT>/skfs/rest/getpolicy
- HTTP Method: POST
- FIDO2_0 request body:
{ "svcinfo": { "did": 1, "protocol": "FIDO2_0", "authtype": "PASSWORD", "svcusername": "fidoadminuser", "svcpassword": "Abcd1234!" }, "payload": { "did" : "1", "sid" : "1", "pid" : "1", "metadataonly": "false" } }
svcinfo Description
|
Value |
Explanation |
|
did |
Unique identifier for a cryptographic domain in SKFS. Unless you are using a StrongKey Tellaro appliance, this defaults to 1. |
|
protocol |
The FIDO protocol to be used in this request (FIDO2_0). |
|
authtype |
The type of authentication supplied in this service request—it must be PASSWORD or HMAC (see API Security for details); the example shown here is for PASSWORD type of authentication. |
|
svcusername |
The username of the service credential requesting this web service. |
|
svcpassword |
The password of the service credential requesting this web service. When PASSWORD authtype is used, SKFS uses entries in a previously configured Lightweight Directory Access Protocol (LDAP) or Active Directory (AD) to authenticate the credential (see Manage Credentials under [ SKFS ⇒ Administration ⇒ Security ] for details). |
payload Description
|
Value |
Explanation |
|
did |
The unique identifier for a cryptographic domain in SKFS |
|
sid |
The server ID refers the number assigned to a Server during installation |
|
pid |
The policy ID refers to the unique ID that was assigned to the policy when it was generated |
|
metadataonly |
This takes a string with a boolean value of "true/false". If it is set to "true", it only returns the metadata with the status of the Policy and the creation Date.
If it is set to "false", it returns the base64-encoded Policy for the cryptographic domain. |