The following request body is sent during the silentauthenticate call:
{{
"svcinfo": {
"did": 1,
"protocol": "FIDO2_0",
"authtype": "PASSWORD",
"svcusername": "svcfidouser",
"svcpassword": "Abcd1234!"
},
"payload": {
"jwt": "eyJhbGciOiJFUzI1NiIuRXh0.....xtJJjCJmjuzg9d9gSnbQ",
"ssorequest": [
{
"saml": "PHNhbWxwOkF1dGhuUmVxdWVzd...FtbHA6QXV0aG5SZXF1ZXN0Pg==",
"applicationName": "jmeter",
"TLSCACert": "MIIDDzCCAragAwIBAgIU...m2Jx3EZF6GLDlPSiQ==",
"nameIdFormat": "kerberos"
}
],
"username": "jilldoe"
},
"appTXID": "exampleappTXID"
}
Value |
Explanation |
did |
Unique identifier for a cryptographic domain within SKFS. Unless using a StrongKey Tellaro appliance, this defaults to 1. |
protocol |
The FIDO protocol to be used in this request (FIDO2_0). |
authtype |
The type of authentication supplied in this service request—it must be PASSWORD or HMAC (see API Security for details); the example shown here is for PASSWORD type of authentication. |
svcusername |
The username of the service credential requesting this web service. |
svcpassword |
The password of the service credential requesting this web service. When PASSWORD authtype is used, SKFS uses entries in a previously configured Lightweight Directory Access Protocol (LDAP) or Active Directory (AD) to authenticate the credential (see Manage Credentials under [SKFS ⇒ Administration ⇒ Security] for details). |
Value |
Explanantion |
jwt |
A JSON Web Token (JWT) conforming to RFC-7519, that was provided when the user was authenticated |
ssorequest |
An array of JSON Objects containing the following values: |
saml |
This attribute contains the Base64 encoded SAML Request sent by a service provider in a SP initiated Single Sign On (SSO) flow. |
applicationName |
[OPTIONAL]: The string value for the application Name |
TLSCACert |
[OPTIONAL]: Base64 pem encoded String value for TLS ClientAuth certificate of the user |
nameIdFormat |
[OPTIONAL]: the NameID format specifies how a user's identity is represented within a SAML assertion. It's a crucial part of how identity providers and service providers exchange information about users. By default, the value for NameID format is kerberos. This can be take values: kerberos | emailaddress | subjectname. |
username |
This is a string of the name of the application user, so it can be easily accessible to the web application. |
appTXID |
An optional string within any SKFS web service request body's payload JSON object that, if added, will attach the appTXID value to the TXID logged by the server. |