Product Documentation

    The following request body is sent during the updatepolicy web service call:

    • URL: https://<FQDN>:<PORT>/skfs/rest/updatepolicy

    • HTTP Method: POST

    • FIDO2_0 request body: 
      {
  "svcinfo": {
    "did": 1,
    "protocol": "FIDO2_0",
    "authtype": "PASSWORD",
    "svcusername": "fidoadminuser",
    "svcpassword": "Abcd1234!"
  },
  "payload": {
     "did" : "1",
     "sid" : "1",
     "pid" : "1",
     "notes" : "Updated Minimal Policy"
     "policy" : "{\"FidoPolicy\":{\"name\":\"Updated MinimalPolicy\",\"copyright\":\"\",\"version\":\"1.0\",\"startDate\":\"1695755367\",\"endDate\":\"1760103870871\",\"system\":{\"did\":1,\"requireCounter\":\"optional\",\"integritySignatures\":false,\"userVerification\":[\"required\",\"preferred\",\"discouraged\"],\"userPresenceTimeout\":0,\"allowedAaguids\":[\"all\"],\"transport\":[\"usb\",\"internal\"]},\"crossOrigin\":{\"enabled\":false,\"allowedOrigins\":[]},\"algorithms\":{\"curves\":[\"secp256r1\",\"secp384r1\",\"secp521r1\",\"curve25519\"],\"rsa\":[\"RS256\",\"RS384\",\"RS512\",\"PS256\",\"PS384\",\"PS384\"],\"signatures\":[\"ES256\",\"ES384\",\"ES512\",\"EdDSA\",\"ES256K\"]},\"attestation\":{\"conveyance\":[\"none\",\"indirect\",\"direct\",\"enterprise\"],\"formats\":[\"fido-u2f\",\"packed\",\"tpm\",\"android-key\",\"android-safetynet\",\"apple\",\"none\"]},\"registration\":{\"displayName\":\"required\",\"attachment\":[\"platform\",\"cross-platform\"],\"discoverableCredential\":[\"required\",\"preferred\",\"discouraged\"],\"excludeCredentials\":\"enabled\"},\"authentication\":{\"allowCredentials\":\"enabled\"},\"authorization\":{\"maxdataLength\":256,\"preserve\":true},\"rp\":{\"id\":\"strongkey.com\",\"name\":\"FIDOServer\"},\"extensions\":{},\"mds\":{\"authenticatorStatusReport\":[{\"status\":\"FIDO_CERTIFIED_L1\",\"priority\":\"1\",\"decision\":\"IGNORE\"},{\"status\":\"FIDO_CERTIFIED_L2\",\"priority\":\"1\",\"decision\":\"ACCEPT\"},{\"status\":\"UPDATE_AVAILABLE\",\"priority\":\"5\",\"decision\":\"IGNORE\"},{\"status\":\"REVOKED\",\"priority\":\"10\",\"decision\":\"DENY\"}]},\"jwt\":{\"algorithms\":[\"ES256\",\"ES384\",\"ES521\"],\"duration\":30,\"required\":[\"rpid\",\"iat\",\"exp\",\"cip\",\"uname\",\"agent\"]},\"signcerts\":{\"rootca\":{\"subjectdn\":\"CN=StrongKey FIDO Server RootCA,OU=DID 1,O=StrongKey\",\"serialnumber\":\"153089208\",\"pemcert\":\"[-----BEGIN CERTIFICATE-----MIICVTCCAbWgAwIBAgIECR/0uDAMBggqhkjOPQQDBAUAMEsxEjAQBgNVBAoTCVN0cm9uZ0tleTEOMAwGA1UECxMFRElEIDExJTAjBgNVBAMTHFN0cm9uZ0tleSBGSURPIFNlcnZlciBSb290Q0EwHhcNMjMwOTI2MTg1MzU1WhcNMjQwOTI1MTg1MzU1WjBLMRIwEAYDVQQKEwlTdHJvbmdLZXkxDjAMBgNVBAsTBURJRCAxMSUwIwYDVQQDExxTdHJvbmdLZXkgRklETyBTZXJ2ZXIgUm9vdENBMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAKdMCnmZ/QMfHWufIV9aA49xGI7ImKiT2YjQBoswqNWEY+63pxukjRr14SA2vJ/tKdafI5Yx3dlVMgTad/3az0HsADjg8AVyRdF+1dC6CStNLl+cFqYjkKa16XinFWo8TEuYE/ZfWSbebYBjnvCz1fopXIBHSeSiTRyoL3nswxgesyQOjQjBAMB0GA1UdDgQWBBRHI2A4EbhscyMAfNIws12mutbMxzAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAMBggqhkjOPQQDBAUAA4GLADCBhwJBKRVNRJyocSeCKTWbACpu5O9XVSsvG0mlKuQdHzJ1AL80qB5Cia/WGr4t51lDdi8EEsBO7p08/dgzjhZFe+Yn0fkCQgGEh1ZA41umC5bsaofCAylskT7UT+rkpzhitztutiZRoyJFOTJo9oRTZxl/PZ1tTCoDNvnNkPuyw9a4GzhDAAUlSw==-----END CERTIFICATE-----]\",\"jwtcerts\":{\"default\":[{\"subjectdn\":\"CN=SKFS JWT Signer 1,OU=DID 1,O=StrongKey\",\"serialnumber\":\"1256093574\",\"pemcert\":\"[-----BEGIN CERTIFICATE-----MIICBzCCAWegAwIBAgIESt53hjAMBggqhkjOPQQDBAUAMEsxEjAQBgNVBAoTCVN0cm9uZ0tleTEOMAwGA1UECxMFRElEIDExJTAjBgNVBAMTHFN0cm9uZ0tleSBGSURPIFNlcnZlciBSb290Q0EwHhcNMjMwOTI2MTg1NDA2WhcNMjQwOTI1MTg1NDA2WjBAMRIwEAYDVQQKEwlTdHJvbmdLZXkxDjAMBgNVBAsTBURJRCAxMRowGAYDVQQDExFTS0ZTIEpXVCBTaWduZXIgMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLTURd8bQRmtA71rfAPDyAzGEX/Dl4WDl3E5b1n6BfZz5zoiEzyDj11l7rZ0tuuLiKyay1BxyhBVPzMA+UiDKEGjQjBAMB0GA1UdDgQWBBROqA0rKTnzRGCNH6l0l7VbaVrNcjAfBgNVHSMEGDAWgBRHI2A4EbhscyMAfNIws12mutbMxzAMBggqhkjOPQQDBAUAA4GLADCBhwJCARrWsDf7hfwTMg9ToLyhcV5s3d4PGCdoD4LUGWhD2Mmb94nQkeGoTSM+G7yzvf3pwQZiKydcGvXLsr/fJJ+5nfXuAkEkw4PFEfd5zzzRgMzUAxK4Mb/QNwCbLKIIAtUymHAiEzga9d2komcTmyZ7LpXvRPPbzQsQwmlRcEMAZg7OHCtcHw==-----END CERTIFICATE-----]\"},{\"subjectdn\":\"CN=SKFS JWT Signer 2,OU=DID 1,O=StrongKey\",\"serialnumber\":\"1911028544\",\"pemcert\":\"[-----BEGIN CERTIFICATE-----MIICCDCCAWegAwIBAgIEcef7QDAMBggqhkjOPQQDBAUAMEsxEjAQBgNVBAoTCVN0cm9uZ0tleTEOMAwGA1UECxMFRElEIDExJTAjBgNVBAMTHFN0cm9uZ0tleSBGSURPIFNlcnZlciBSb290Q0EwHhcNMjMwOTI2MTg1NDIzWhcNMjQwOTI1MTg1NDIzWjBAMRIwEAYDVQQKEwlTdHJvbmdLZXkxDjAMBgNVBAsTBURJRCAxMRowGAYDVQQDExFTS0ZTIEpXVCBTaWduZXIgMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABPp1J1YmJvTQch4beoPi01BXy5NZ4G0xkm5K1Joi93mj9hcKTR0hc3ekFra4zVxBk6spxAIrjQsxdQmdTMze6o2jQjBAMB0GA1UdDgQWBBTR7k5O3Y6OEx9QcO4daVpcd6YuZTAfBgNVHSMEGDAWgBRHI2A4EbhscyMAfNIws12mutbMxzAMBggqhkjOPQQDBAUAA4GMADCBiAJCANsYPYXS1O5i8KjhDoUlb4pj2Ibw1ykBbMWY52qbHKvguGJfk80SZ/hiIQ8KoWbvoCt7em78+TTUQvurxnHMug/cAkIBJfnmS5NoAU1VnA7a0nClJAAPLUdxT3NOXka/AI5JAjcJ/k2oWt/FbRneaA0Pfvna1T5Xp64PCIn+DWu9Ay9h0C0=-----END CERTIFICATE-----]\"}]\"}]},\"samlcerts\":{\"default\":[{\"subjectdn\":\"CN=SKFS SAML Signer 1,OU=DID 1,O=StrongKey\",\"serialnumber\":\"888520634\",\"pemcert\":\"[-----BEGIN CERTIFICATE-----MIIC4zCCAkOgAwIBAgIENPW/ujAMBggqhkjOPQQDBAUAMEsxEjAQBgNVBAoTCVN0cm9uZ0tleTEOMAwGA1UECxMFRElEIDExJTAjBgNVBAMTHFN0cm9uZ0tleSBGSURPIFNlcnZlciBSb290Q0EwHhcNMjMwOTI2MTkwMjI2WhcNMjQwOTI1MTkwMjI2WjBBMRIwEAYDVQQKEwlTdHJvbmdLZXkxDjAMBgNVBAsTBURJRCAxMRswGQYDVQQDExJTS0ZTIFNBTUwgU2lnbmVyIDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkj5t+TSvE9SyZ7jETWscm6NVg/scU10Tqk9MnF5Y+/PZeCCMA5jWi8ahc47uq9uXyTUiHjX8uO3YNXInuCq6HGyMuen7Wrdtozv8IUNyVv0aCvEuNTawA/UkImVCdDCCTqxULAdzJnhGZ+L5a1ZfKIXyRjKuq/MrnhybtlcAaqY/s/xO2ukFRhi9yIg+m09Xg8TxOFmKYy7ngk2Y6PjdKGO0OjR3BGI0inRnBYbhkNBG5gthA5aMa5YIXeNeiHHZupYJd2SIQHMtVe2wdULSP+MT6MkmW1nJDPi/bId74wvGz7SHPbfAQSrQQYKLFfgA4A8qrWV1tVYkVphZMtRvFAgMBAAGjUjBQMB0GA1UdDgQWBBT6QNvuxPXzS4hg7nLwwkRvQV0ZMzAOBgNVHQ8BAf8EBAMCB4AwHwYDVR0jBBgwFoAURyNgOBG4bHMjAHzSMLNdprrWzMcwDAYIKoZIzj0EAwQFAAOBiwAwgYcCQQqpOIfpD4T/tQOfpbNDrhdA97wJOqz8SDN0/4IUHFH3kmXOBkI1/fNmXGXCvor2gui/cTnsxuds4SQ/TsCFvZ5PAkIBSawnFUVAxVVP4Ot2c5fnOLaxWeIZYDD1egLizba9vp6RuhiJ7AkXT9zNSoD9XBoTanYH3KnLv8S1iby1YkI7Obo=-----END CERTIFICATE-----]\"},{\"subjectdn\":\"CN=SKFS SAML Signer 2,OU=DID 1,O=StrongKey\",\"serialnumber\":\"1084555693\",\"pemcert\":\"[-----BEGIN CERTIFICATE-----MIIC4zCCAkOgAwIBAgIEQKUBrTAMBggqhkjOPQQDBAUAMEsxEjAQBgNVBAoTCVN0cm9uZ0tleTEOMAwGA1UECxMFRElEIDExJTAjBgNVBAMTHFN0cm9uZ0tleSBGSURPIFNlcnZlciBSb290Q0EwHhcNMjMwOTI2MTkwMjQyWhcNMjQwOTI1MTkwMjQyWjBBMRIwEAYDVQQKEwlTdHJvbmdLZXkxDjAMBgNVBAsTBURJRCAxMRswGQYDVQQDExJTS0ZTIFNBTUwgU2lnbmVyIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJe2R2/c7YZfOVrLgprBW+0Iko6UynveN3bR68n1p4+LrjxZEp7lIhil390eN0ySRxXIa3q0GeDruCG/p5Irx2xJ/7z/v3DSy9QI304vmSjS9cstSRXL/Pi4zLqU/i674MNzYWShWqOcJYJ3xuZk036aAX2pIfNGbUgz0z5/Y3L3NJTjZKGAFtFe/clXebr82tsfnDHPDwZqk5oW0pHyGgaFZK0hmyXeOw5w54VeXvGcUP1v5g/UIP7rnrLSN3VsWVjscuDKFApHLVi7asZ9DDEyifhPQ0R9ZLqZ2km+ujJa8tsqFFLC34kO6Il+IcCraKx12/5or60RkBK0s+KwhnAgMBAAGjUjBQMB0GA1UdDgQWBBS6FDwl/vvW/3ApfEhrgk2RRotURjAOBgNVHQ8BAf8EBAMCB4AwHwYDVR0jBBgwFoAURyNgOBG4bHMjAHzSMLNdprrWzMcwDAYIKoZIzj0EAwQFAAOBiwAwgYcCQgH3s1YdmA1tUGMKd3fds+PBj0ml9HyH/6nS7GQ2K2YydFc6r0oLWR4aE2FyobwRc2gglr3ZVipRzwF+dxXiIRT6iAJBP3XqVSvS72jLOXMif67yv6CZ3Hs/NoKAanyTcjwwVtYFxSR1j0W3e9QEP8HWi5yRul7zS3TO4G5DuHf5+v5JXGk=-----END CERTIFICATE-----]\"}],\"citrixidp\":{\"subjectdn\":\"CN=SKFS SAML Signer 1,OU=DID 1,O=StrongKey\",\"serialnumber\":\"888520634\",\"pemcert\":\"[-----BEGIN CERTIFICATE-----MIIC4zCCAkOgAwIBAgIENPW/ujAMBggqhkjOPQQDBAUAMEsxEjAQBgNVBAoTCVN0cm9uZ0tleTEOMAwGA1UECxMFRElEIDExJTAjBgNVBAMTHFN0cm9uZ0tleSBGSURPIFNlcnZlciBSb290Q0EwHhcNMjMwOTI2MTkwMjI2WhcNMjQwOTI1MTkwMjI2WjBBMRIwEAYDVQQKEwlTdHJvbmdLZXkxDjAMBgNVBAsTBURJRCAxMRswGQYDVQQDExJTS0ZTIFNBTUwgU2lnbmVyIDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkj5t+TSvE9SyZ7jETWscm6NVg/scU10Tqk9MnF5Y+/PZeCCMA5jWi8ahc47uq9uXyTUiHjX8uO3YNXInuCq6HGyMuen7Wrdtozv8IUNyVv0aCvEuNTawA/UkImVCdDCCTqxULAdzJnhGZ+L5a1ZfKIXyRjKuq/MrnhybtlcAaqY/s/xO2ukFRhi9yIg+m09Xg8TxOFmKYy7ngk2Y6PjdKGO0OjR3BGI0inRnBYbhkNBG5gthA5aMa5YIXeNeiHHZupYJd2SIQHMtVe2wdULSP+MT6MkmW1nJDPi/bId74wvGz7SHPbfAQSrQQYKLFfgA4A8qrWV1tVYkVphZMtRvFAgMBAAGjUjBQMB0GA1UdDgQWBBT6QNvuxPXzS4hg7nLwwkRvQV0ZMzAOBgNVHQ8BAf8EBAMCB4AwHwYDVR0jBBgwFoAURyNgOBG4bHMjAHzSMLNdprrWzMcwDAYIKoZIzj0EAwQFAAOBiwAwgYcCQQqpOIfpD4T/tQOfpbNDrhdA97wJOqz8SDN0/4IUHFH3kmXOBkI1/fNmXGXCvor2gui/cTnsxuds4SQ/TsCFvZ5PAkIBSawnFUVAxVVP4Ot2c5fnOLaxWeIZYDD1egLizba9vp6RuhiJ7AkXT9zNSoD9XBoTanYH3KnLv8S1iby1YkI7Obo=-----END CERTIFICATE-----]\"}}}}}}"

     

    svcinfo Description

    Value

    Explanation

    did

    Unique identifier for a cryptographic domain in SKFS. Unless you are using a StrongKey Tellaro appliance, this defaults to 1.

    protocol

    The FIDO protocol to be used in this request (FIDO2_0).

    authtype

    The type of authentication supplied in this service request—it must be PASSWORD or HMAC (see API Security for details); the example shown here is for PASSWORD type of authentication.

    svcusername

    The username of the service credential requesting this web service.

    svcpassword

    The password of the service credential requesting this web service.

         When PASSWORD authtype is used, SKFS uses entries in a previously configured Lightweight Directory Access Protocol (LDAP) or Active Directory (AD) to authenticate the credential (see Manage Credentials under [ SKFS ⇒ Administration ⇒ Security ] for details).

     

    payload Description

    Value

    Explanation

    did

    The unique identifier for a cryptographic domain in SKFS

    sid

    The server ID refers the number assigned to a Server during installation

    pid

    The policy ID refers to the unique ID that was assigned to the policy when it was generated

    policy

    The updated policy to be configured for the cryptographic domain. Please refer the SKFS Module for JSON Schema and more information about the module.

    Note: The policy has been minified and all the double quotes have been escaped using a backslash for the policy to be processed correctly.

    notes

    This can reflect the new policy name and/or any notes that identify the change.