14. Code Documentation¶
The code roughly has three levels: API, LIB and DB.
14.1. API level¶
The API level is used to access the system.
For some calls you need to be authenticated as administrator,
for some calls you can be authenticated as normal user.
These are the token
and the audit
endpoint.
For calls to the validate
API you do not need to be authenticated at all.
At this level Authentication
is performed. In the lower levels there is no
authentication anymore.
The object g.logged_in_user
is used to pass the authenticated user.
The client gets a JSON Web Token to authenticate every request.
API functions are decorated with the decorators admin_required
and
user_required
to define access rules.
- 14.1.1. REST API
- 14.1.1.1. Audit endpoint
- 14.1.1.2. Authentication endpoints
- 14.1.1.3. Validate endpoints
- 14.1.1.4. System endpoints
- 14.1.1.5. Tokengroup endpoints
- 14.1.1.6. Service ID endpoints
- 14.1.1.7. Resolver endpoints
- 14.1.1.8. Realm endpoints
- 14.1.1.9. Default Realm endpoints
- 14.1.1.10. Token endpoints
- 14.1.1.11. User endpoints
- 14.1.1.12. Policy endpoints
- 14.1.1.13. Event endpoints
- 14.1.1.14. Machine Resolver endpoints
- 14.1.1.15. Machine endpoints
- 14.1.1.16. CA Connector endpoints
- 14.1.1.17. Recover endpoints
- 14.1.1.18. Register endpoints
- 14.1.1.19. Monitoring endpoints
- 14.1.1.20. Periodic Task endpoints
- 14.1.1.21. Application endpoints
- 14.1.1.22. Tokentype endpoints
- 14.1.1.23. SMTP server endpoints
- 14.1.1.24. SMS Gateway endpoints
- 14.1.1.25. RADIUS server endpoints
- 14.1.1.26. Client endpoints
14.2. LIB level¶
At the LIB level all library functions are defined. There is no authentication on this level. Also there is no flask/Web/request code on this level.
Request information and the logged_in_user
need to be passed to the
functions as parameters, if they are needed.
If possible, policies are checked with policy decorators.
- 14.2.1. library functions
- 14.2.1.1. Users
User
User.attributes
User.check_password()
User.delete()
User.delete_attribute()
User.exist()
User.get_ordererd_resolvers()
User.get_search_fields()
User.get_user_identifiers()
User.get_user_phone()
User.get_user_realms()
User.info
User.is_empty()
User.login
User.realm
User.resolver
User.set_attribute()
User.update_user_info()
create_user()
get_attributes()
get_user_from_param()
get_user_list()
get_username()
is_attribute_at_all()
log_used_user()
split_user()
- 14.2.1.2. Token Class
- 14.2.1.2.1. 4 Eyes Token
FourEyesTokenClass
FourEyesTokenClass.authenticate()
FourEyesTokenClass.check_challenge_response()
FourEyesTokenClass.convert_realms()
FourEyesTokenClass.create_challenge()
FourEyesTokenClass.get_class_info()
FourEyesTokenClass.get_class_prefix()
FourEyesTokenClass.get_class_type()
FourEyesTokenClass.has_further_challenge()
FourEyesTokenClass.is_challenge_request()
FourEyesTokenClass.realms_dict_to_string()
FourEyesTokenClass.update()
- 14.2.1.2.2. Certificate Token
CertificateTokenClass
CertificateTokenClass.get_as_dict()
CertificateTokenClass.get_class_info()
CertificateTokenClass.get_class_prefix()
CertificateTokenClass.get_class_type()
CertificateTokenClass.get_default_settings()
CertificateTokenClass.get_init_detail()
CertificateTokenClass.hKeyRequired
CertificateTokenClass.revoke()
CertificateTokenClass.set_pin()
CertificateTokenClass.update()
CertificateTokenClass.using_pin
- 14.2.1.2.3. Daplug Token
DaplugTokenClass
DaplugTokenClass.check_otp()
DaplugTokenClass.check_otp_exist()
DaplugTokenClass.get_class_info()
DaplugTokenClass.get_class_prefix()
DaplugTokenClass.get_class_type()
DaplugTokenClass.get_multi_otp()
DaplugTokenClass.get_otp()
DaplugTokenClass.is_multichallenge_enrollable
DaplugTokenClass.resync()
DaplugTokenClass.split_pin_pass()
- 14.2.1.2.4. eduPUSH Token
PushTokenClass
PushTokenClass.PUSH_ACTION
PushTokenClass.PUSH_ACTION.ALLOW_POLLING
PushTokenClass.PUSH_ACTION.FIREBASE_CONFIG
PushTokenClass.PUSH_ACTION.MOBILE_TEXT
PushTokenClass.PUSH_ACTION.MOBILE_TITLE
PushTokenClass.PUSH_ACTION.REGISTRATION_URL
PushTokenClass.PUSH_ACTION.SSL_VERIFY
PushTokenClass.PUSH_ACTION.TTL
PushTokenClass.PUSH_ACTION.WAIT
PushTokenClass.api_endpoint()
PushTokenClass.authenticate()
PushTokenClass.check_challenge_response()
PushTokenClass.client_mode
PushTokenClass.create_challenge()
PushTokenClass.create_push_token_url()
PushTokenClass.enroll_via_validate()
PushTokenClass.get_class_description()
PushTokenClass.get_class_info()
PushTokenClass.get_class_prefix()
PushTokenClass.get_class_title()
PushTokenClass.get_class_type()
PushTokenClass.get_init_detail()
PushTokenClass.get_policy_group()
PushTokenClass.get_push_url_prefix()
PushTokenClass.get_pushtoken_add_config()
PushTokenClass.is_challenge_request()
PushTokenClass.is_multichallenge_enrollable
PushTokenClass.mode
PushTokenClass.update()
PushTokenClass.use_for_authentication()
PushTokenClass.verify_signature()
- 14.2.1.2.5. Email Token
EmailTokenClass
EmailTokenClass.EMAIL_ADDRESS_KEY
EmailTokenClass.can_verify_enrollment
EmailTokenClass.check_otp()
EmailTokenClass.create_challenge()
EmailTokenClass.enroll_via_validate()
EmailTokenClass.enroll_via_validate_2nd_step()
EmailTokenClass.get_class_info()
EmailTokenClass.get_class_prefix()
EmailTokenClass.get_class_type()
EmailTokenClass.is_challenge_request()
EmailTokenClass.mode
EmailTokenClass.prepare_verify_enrollment()
EmailTokenClass.test_config()
EmailTokenClass.update()
- 14.2.1.2.6. HOTP Token
HotpTokenClass
HotpTokenClass.can_verify_enrollment
HotpTokenClass.check_otp()
HotpTokenClass.check_otp_exist()
HotpTokenClass.desc_hash_func
HotpTokenClass.desc_key_gen
HotpTokenClass.desc_otp_len
HotpTokenClass.desc_two_step_admin
HotpTokenClass.desc_two_step_user
HotpTokenClass.enroll_via_validate()
HotpTokenClass.generate_symmetric_key()
HotpTokenClass.get_class_info()
HotpTokenClass.get_class_prefix()
HotpTokenClass.get_class_type()
HotpTokenClass.get_default_settings()
HotpTokenClass.get_import_csv()
HotpTokenClass.get_init_detail()
HotpTokenClass.get_multi_otp()
HotpTokenClass.get_otp()
HotpTokenClass.get_setting_type()
HotpTokenClass.get_sync_timeout()
HotpTokenClass.has_further_challenge()
HotpTokenClass.hashlib
HotpTokenClass.is_multichallenge_enrollable
HotpTokenClass.is_previous_otp()
HotpTokenClass.prepare_verify_enrollment()
HotpTokenClass.previous_otp_offset
HotpTokenClass.resync()
HotpTokenClass.update()
HotpTokenClass.verify_enrollment()
- 14.2.1.2.7. mOTP Token
- 14.2.1.2.8. OCRA Token
- 14.2.1.2.9. Paper Token
- 14.2.1.2.10. PasswordToken
PasswordTokenClass
PasswordTokenClass.SecretPassword
PasswordTokenClass.check_otp()
PasswordTokenClass.default_contents
PasswordTokenClass.default_length
PasswordTokenClass.get_class_info()
PasswordTokenClass.get_class_prefix()
PasswordTokenClass.get_class_type()
PasswordTokenClass.get_init_detail()
PasswordTokenClass.password_detail_key
PasswordTokenClass.update()
- 14.2.1.2.11. Legacy PUSH Token
LegacyPushTokenClass
LegacyPushTokenClass.PUSH_ACTION
LegacyPushTokenClass.PUSH_ACTION.ALLOW_POLLING
LegacyPushTokenClass.PUSH_ACTION.FIREBASE_CONFIG
LegacyPushTokenClass.PUSH_ACTION.MOBILE_TEXT
LegacyPushTokenClass.PUSH_ACTION.MOBILE_TITLE
LegacyPushTokenClass.PUSH_ACTION.REGISTRATION_URL
LegacyPushTokenClass.PUSH_ACTION.SSL_VERIFY
LegacyPushTokenClass.PUSH_ACTION.TTL
LegacyPushTokenClass.PUSH_ACTION.WAIT
LegacyPushTokenClass.get_class_description()
LegacyPushTokenClass.get_class_prefix()
LegacyPushTokenClass.get_class_title()
LegacyPushTokenClass.get_class_type()
LegacyPushTokenClass.get_policy_group()
LegacyPushTokenClass.get_push_url_prefix()
LegacyPushTokenClass.get_pushtoken_add_config()
- 14.2.1.2.12. Questionnaire Token
QuestionnaireTokenClass
QuestionnaireTokenClass.check_answer()
QuestionnaireTokenClass.check_challenge_response()
QuestionnaireTokenClass.create_challenge()
QuestionnaireTokenClass.get_class_info()
QuestionnaireTokenClass.get_class_prefix()
QuestionnaireTokenClass.get_class_type()
QuestionnaireTokenClass.get_setting_type()
QuestionnaireTokenClass.has_further_challenge()
QuestionnaireTokenClass.is_challenge_request()
QuestionnaireTokenClass.update()
- 14.2.1.2.13. RADIUS Token
RadiusTokenClass
RadiusTokenClass.authenticate()
RadiusTokenClass.check_challenge_response()
RadiusTokenClass.check_otp()
RadiusTokenClass.check_pin_local
RadiusTokenClass.create_challenge()
RadiusTokenClass.get_class_info()
RadiusTokenClass.get_class_prefix()
RadiusTokenClass.get_class_type()
RadiusTokenClass.is_challenge_request()
RadiusTokenClass.is_challenge_response()
RadiusTokenClass.mode
RadiusTokenClass.split_pin_pass()
RadiusTokenClass.update()
- 14.2.1.2.14. Registration Code Token
- 14.2.1.2.15. Remote Token
- 14.2.1.2.16. SMS Token
SmsTokenClass
SmsTokenClass.check_otp()
SmsTokenClass.create_challenge()
SmsTokenClass.enroll_via_validate()
SmsTokenClass.enroll_via_validate_2nd_step()
SmsTokenClass.get_class_info()
SmsTokenClass.get_class_prefix()
SmsTokenClass.get_class_type()
SmsTokenClass.is_challenge_request()
SmsTokenClass.mode
SmsTokenClass.prepare_verify_enrollment()
SmsTokenClass.update()
- 14.2.1.2.17. SPass Token
- 14.2.1.2.18. SSHKey Token
- 14.2.1.2.19. TiQR Token
- 14.2.1.2.19.1. Enrollment
- 14.2.1.2.19.2. Authentication
- 14.2.1.2.19.3. Implementation
TiqrTokenClass
TiqrTokenClass.api_endpoint()
TiqrTokenClass.check_challenge_response()
TiqrTokenClass.client_mode
TiqrTokenClass.create_challenge()
TiqrTokenClass.get_class_info()
TiqrTokenClass.get_class_prefix()
TiqrTokenClass.get_class_type()
TiqrTokenClass.get_init_detail()
TiqrTokenClass.mode
TiqrTokenClass.update()
- 14.2.1.2.20. TOTP Token
TotpTokenClass
TotpTokenClass.check_otp()
TotpTokenClass.check_otp_exist()
TotpTokenClass.desc_timestep
TotpTokenClass.get_class_info()
TotpTokenClass.get_class_prefix()
TotpTokenClass.get_class_type()
TotpTokenClass.get_default_settings()
TotpTokenClass.get_import_csv()
TotpTokenClass.get_multi_otp()
TotpTokenClass.get_otp()
TotpTokenClass.get_setting_type()
TotpTokenClass.hashlib
TotpTokenClass.previous_otp_offset
TotpTokenClass.resync()
TotpTokenClass.timeshift
TotpTokenClass.timestep
TotpTokenClass.timewindow
TotpTokenClass.update()
- 14.2.1.2.21. U2F Token
- 14.2.1.2.21.1. Enrollment
- 14.2.1.2.21.2. Authentication
- 14.2.1.2.21.3. Implementation
U2fTokenClass
U2fTokenClass.api_endpoint()
U2fTokenClass.check_otp()
U2fTokenClass.client_mode
U2fTokenClass.create_challenge()
U2fTokenClass.get_class_info()
U2fTokenClass.get_class_prefix()
U2fTokenClass.get_class_type()
U2fTokenClass.get_init_detail()
U2fTokenClass.is_challenge_request()
U2fTokenClass.update()
- 14.2.1.2.22. Vasco Token
- 14.2.1.2.23. WebAuthn Token
- 14.2.1.2.23.1. Enrollment
- 14.2.1.2.23.2. Authentication
- 14.2.1.2.23.3. Implementation
WebAuthnTokenClass
WebAuthnTokenClass.check_otp()
WebAuthnTokenClass.check_userless_otp()
WebAuthnTokenClass.client_mode
WebAuthnTokenClass.create_challenge()
WebAuthnTokenClass.create_usernameless_challenge()
WebAuthnTokenClass.decrypt_otpkey()
WebAuthnTokenClass.get_class_info()
WebAuthnTokenClass.get_class_prefix()
WebAuthnTokenClass.get_class_type()
WebAuthnTokenClass.get_init_detail()
WebAuthnTokenClass.get_setting_type()
WebAuthnTokenClass.is_challenge_request()
WebAuthnTokenClass.update()
- 14.2.1.2.24. Yubico Token
- 14.2.1.2.25. Yubikey Token
YubikeyTokenClass
YubikeyTokenClass.api_endpoint()
YubikeyTokenClass.check_otp()
YubikeyTokenClass.check_otp_exist()
YubikeyTokenClass.check_yubikey_pass()
YubikeyTokenClass.get_class_info()
YubikeyTokenClass.get_class_prefix()
YubikeyTokenClass.get_class_type()
YubikeyTokenClass.is_challenge_request()
YubikeyTokenClass.update()
TokenClass
TokenClass.add_init_details()
TokenClass.add_tokengroup()
TokenClass.add_tokeninfo()
TokenClass.add_user()
TokenClass.api_endpoint()
TokenClass.authenticate()
TokenClass.can_verify_enrollment
TokenClass.challenge_janitor()
TokenClass.check_all()
TokenClass.check_auth_counter()
TokenClass.check_challenge_response()
TokenClass.check_failcount()
TokenClass.check_last_auth_newer()
TokenClass.check_otp()
TokenClass.check_otp_exist()
TokenClass.check_pin()
TokenClass.check_reset_failcount()
TokenClass.check_validity_period()
TokenClass.client_mode
TokenClass.create_challenge()
TokenClass.decode_otpkey()
TokenClass.del_tokengroup()
TokenClass.del_tokeninfo()
TokenClass.delete_token()
TokenClass.enable()
TokenClass.enroll_via_validate()
TokenClass.enroll_via_validate_2nd_step()
TokenClass.generate_symmetric_key()
TokenClass.get_as_dict()
TokenClass.get_class_info()
TokenClass.get_class_prefix()
TokenClass.get_class_type()
TokenClass.get_count_auth()
TokenClass.get_count_auth_max()
TokenClass.get_count_auth_success()
TokenClass.get_count_auth_success_max()
TokenClass.get_count_window()
TokenClass.get_default_settings()
TokenClass.get_failcount()
TokenClass.get_hashlib()
TokenClass.get_import_csv()
TokenClass.get_init_detail()
TokenClass.get_init_details()
TokenClass.get_max_failcount()
TokenClass.get_multi_otp()
TokenClass.get_otp()
TokenClass.get_otp_count()
TokenClass.get_otp_count_window()
TokenClass.get_otplen()
TokenClass.get_pin_hash_seed()
TokenClass.get_realms()
TokenClass.get_serial()
TokenClass.get_setting_type()
TokenClass.get_sync_window()
TokenClass.get_tokeninfo()
TokenClass.get_tokentype()
TokenClass.get_type()
TokenClass.get_user_displayname()
TokenClass.get_user_id()
TokenClass.get_validity_period_end()
TokenClass.get_validity_period_start()
TokenClass.hKeyRequired
TokenClass.has_db_challenge_response()
TokenClass.has_further_challenge()
TokenClass.inc_count_auth()
TokenClass.inc_count_auth_success()
TokenClass.inc_failcount()
TokenClass.inc_otp_counter()
TokenClass.is_active()
TokenClass.is_challenge_request()
TokenClass.is_challenge_response()
TokenClass.is_fit_for_challenge()
TokenClass.is_locked()
TokenClass.is_multichallenge_enrollable
TokenClass.is_orphaned()
TokenClass.is_outofband()
TokenClass.is_pin_change()
TokenClass.is_previous_otp()
TokenClass.is_revoked()
TokenClass.mode
TokenClass.post_success()
TokenClass.prepare_verify_enrollment()
TokenClass.reset()
TokenClass.resync()
TokenClass.revoke()
TokenClass.rollout_state
TokenClass.save()
TokenClass.set_count_auth()
TokenClass.set_count_auth_max()
TokenClass.set_count_auth_success()
TokenClass.set_count_auth_success_max()
TokenClass.set_count_window()
TokenClass.set_defaults()
TokenClass.set_description()
TokenClass.set_failcount()
TokenClass.set_hashlib()
TokenClass.set_init_details()
TokenClass.set_maxfail()
TokenClass.set_next_pin_change()
TokenClass.set_otp_count()
TokenClass.set_otpkey()
TokenClass.set_otplen()
TokenClass.set_pin()
TokenClass.set_pin_hash_seed()
TokenClass.set_realms()
TokenClass.set_so_pin()
TokenClass.set_sync_window()
TokenClass.set_tokengroups()
TokenClass.set_tokeninfo()
TokenClass.set_type()
TokenClass.set_user_pin()
TokenClass.set_validity_period_end()
TokenClass.set_validity_period_start()
TokenClass.split_pin_pass()
TokenClass.status_validation_fail()
TokenClass.status_validation_success()
TokenClass.test_config()
TokenClass.update()
TokenClass.use_for_authentication()
TokenClass.user
TokenClass.using_pin
TokenClass.verify_enrollment()
- 14.2.1.2.1. 4 Eyes Token
- 14.2.1.3. Token Functions
add_tokeninfo()
assign_token()
assign_tokengroup()
check_otp()
check_realm_pass()
check_serial()
check_serial_pass()
check_token_list()
check_user_pass()
clob_to_varchar
copy_token_pin()
copy_token_realms()
copy_token_user()
create_challenge_without_token()
create_challenges_from_tokens()
create_tokenclass_object()
delete_tokeninfo()
enable_token()
fn_clob_to_varchar_default()
fn_clob_to_varchar_oracle()
gen_serial()
get_dynamic_policy_definitions()
get_multi_otp()
get_num_tokens_in_realm()
get_one_token()
get_otp()
get_realms_of_token()
get_serial_by_otp()
get_token_by_otp()
get_token_owner()
get_token_type()
get_tokenclass_info()
get_tokens()
get_tokens_from_serial_or_user()
get_tokens_in_resolver()
get_tokens_paginate()
get_tokens_paginated_generator()
import_token()
init_token()
is_token_active()
is_token_owner()
list_tokengroups()
lost_token()
remove_token()
reset_token()
resync_token()
revoke_token()
set_count_auth()
set_count_window()
set_defaults()
set_description()
set_failcounter()
set_hashlib()
set_max_failcount()
set_otplen()
set_pin()
set_pin_so()
set_pin_user()
set_realms()
set_sync_window()
set_tokengroups()
set_validity_period_end()
set_validity_period_start()
token_exist()
unassign_token()
unassign_tokengroup()
weigh_token_type()
- 14.2.1.4. Application Class
- 14.2.1.5. Policy Module
- 14.2.1.5.1. realm and resolver
- 14.2.1.5.2. user
- 14.2.1.5.3. client
- 14.2.1.5.4. time
ACTION
ACTION.ADDRESOLVERINRESPONSE
ACTION.ADDUSER
ACTION.ADDUSERINRESPONSE
ACTION.ADMIN_DASHBOARD
ACTION.APIKEY
ACTION.APPIMAGEURL
ACTION.APPLICATION_TOKENTYPE
ACTION.ASSIGN
ACTION.AUDIT
ACTION.AUDITPAGESIZE
ACTION.AUDIT_AGE
ACTION.AUDIT_DOWNLOAD
ACTION.AUTHITEMS
ACTION.AUTHMAXFAIL
ACTION.AUTHMAXSUCCESS
ACTION.AUTHORIZED
ACTION.AUTH_CACHE
ACTION.AUTOASSIGN
ACTION.CACONNECTORDELETE
ACTION.CACONNECTORREAD
ACTION.CACONNECTORWRITE
ACTION.CHALLENGERESPONSE
ACTION.CHALLENGETEXT
ACTION.CHALLENGETEXT_FOOTER
ACTION.CHALLENGETEXT_HEADER
ACTION.CHANGE_PIN_EVERY
ACTION.CHANGE_PIN_FIRST_USE
ACTION.CHANGE_PIN_VIA_VALIDATE
ACTION.CLIENTTYPE
ACTION.CONFIGDOCUMENTATION
ACTION.COPYTOKENPIN
ACTION.COPYTOKENUSER
ACTION.CUSTOM_BASELINE
ACTION.CUSTOM_MENU
ACTION.DEFAULT_TOKENTYPE
ACTION.DELETE
ACTION.DELETEUSER
ACTION.DELETE_USER_ATTRIBUTES
ACTION.DELETION_CONFIRMATION
ACTION.DIALOG_NO_TOKEN
ACTION.DISABLE
ACTION.EDUMFASERVERREAD
ACTION.EDUMFASERVERWRITE
ACTION.EMAILCONFIG
ACTION.ENABLE
ACTION.ENCRYPTPIN
ACTION.ENROLLPIN
ACTION.ENROLL_VIA_MULTICHALLENGE
ACTION.EVENTHANDLINGREAD
ACTION.EVENTHANDLINGWRITE
ACTION.FORCE_APP_PIN
ACTION.GDPR_LINK
ACTION.GETCHALLENGES
ACTION.GETRANDOM
ACTION.GETSERIAL
ACTION.HIDE_AUDIT_COLUMNS
ACTION.HIDE_BUTTONS
ACTION.HIDE_TOKENINFO
ACTION.HIDE_WELCOME
ACTION.IMPORT
ACTION.INCREASE_FAILCOUNTER_ON_CHALLENGE
ACTION.LASTAUTH
ACTION.LOGINMODE
ACTION.LOGIN_TEXT
ACTION.LOGOUTTIME
ACTION.LOGOUT_REDIRECT
ACTION.LOSTTOKEN
ACTION.LOSTTOKENPWCONTENTS
ACTION.LOSTTOKENPWLEN
ACTION.LOSTTOKENVALID
ACTION.MACHINELIST
ACTION.MACHINERESOLVERDELETE
ACTION.MACHINERESOLVERREAD
ACTION.MACHINERESOLVERWRITE
ACTION.MACHINETOKENS
ACTION.MANAGESUBSCRIPTION
ACTION.MANGLE
ACTION.MAXACTIVETOKENUSER
ACTION.MAXTOKENREALM
ACTION.MAXTOKENUSER
ACTION.NODETAILFAIL
ACTION.NODETAILSUCCESS
ACTION.OTPPIN
ACTION.OTPPINCONTENTS
ACTION.OTPPINMAXLEN
ACTION.OTPPINMINLEN
ACTION.OTPPINRANDOM
ACTION.OTPPINSETRANDOM
ACTION.PASSNOTOKEN
ACTION.PASSNOUSER
ACTION.PASSTHRU
ACTION.PASSTHRU_ASSIGN
ACTION.PASSWORDRESET
ACTION.PASSWORD_CONTENTS
ACTION.PASSWORD_LENGTH
ACTION.PERIODICTASKREAD
ACTION.PERIODICTASKWRITE
ACTION.PINHANDLING
ACTION.POLICYDELETE
ACTION.POLICYREAD
ACTION.POLICYTEMPLATEURL
ACTION.POLICYWRITE
ACTION.PREFERREDCLIENTMODE
ACTION.RADIUSSERVERREAD
ACTION.RADIUSSERVERWRITE
ACTION.REALM
ACTION.REALMDROPDOWN
ACTION.REGISTERBODY
ACTION.REGISTRATIONCODE_CONTENTS
ACTION.REGISTRATIONCODE_LENGTH
ACTION.REMOTE_USER
ACTION.REQUIREDEMAIL
ACTION.REQUIRE_DESCRIPTION
ACTION.RESET
ACTION.RESETALLTOKENS
ACTION.RESOLVER
ACTION.RESOLVERDELETE
ACTION.RESOLVERREAD
ACTION.RESOLVERWRITE
ACTION.RESYNC
ACTION.RESYNC_VIA_MULTICHALLENGE
ACTION.REVOKE
ACTION.SEARCH_ON_ENTER
ACTION.SERIAL
ACTION.SERVICEID_ADD
ACTION.SERVICEID_DELETE
ACTION.SERVICEID_LIST
ACTION.SET
ACTION.SETDESCRIPTION
ACTION.SETHSM
ACTION.SETPIN
ACTION.SETRANDOMPIN
ACTION.SETREALM
ACTION.SETTOKENINFO
ACTION.SET_USER_ATTRIBUTES
ACTION.SHOW_ANDROID_AUTHENTICATOR
ACTION.SHOW_CUSTOM_AUTHENTICATOR
ACTION.SHOW_IOS_AUTHENTICATOR
ACTION.SHOW_NODE
ACTION.SHOW_SEED
ACTION.SMSGATEWAYREAD
ACTION.SMSGATEWAYWRITE
ACTION.SMTPSERVERREAD
ACTION.SMTPSERVERWRITE
ACTION.STATISTICSDELETE
ACTION.STATISTICSREAD
ACTION.SYSTEMDELETE
ACTION.SYSTEMREAD
ACTION.SYSTEMWRITE
ACTION.TIMEOUT_ACTION
ACTION.TOKENGROUPS
ACTION.TOKENGROUP_ADD
ACTION.TOKENGROUP_DELETE
ACTION.TOKENGROUP_LIST
ACTION.TOKENINFO
ACTION.TOKENISSUER
ACTION.TOKENLABEL
ACTION.TOKENLIST
ACTION.TOKENPAGESIZE
ACTION.TOKENREALMS
ACTION.TOKENROLLOVER
ACTION.TOKENTYPE
ACTION.TOKENWIZARD
ACTION.TOKENWIZARD2ND
ACTION.TRIGGERCHALLENGE
ACTION.UNASSIGN
ACTION.UPDATEUSER
ACTION.USERDETAILS
ACTION.USERLIST
ACTION.USERPAGESIZE
ACTION.VERIFY_ENROLLMENT
ACTIONVALUE
AUTHORIZED
AUTOASSIGNVALUE
CONDITION_CHECK
CONDITION_SECTION
GROUP
LOGINMODE
MAIN_MENU
Match
MatchingError
PolicyClass
PolicyClass.check_for_conflicts()
PolicyClass.extract_action_values()
PolicyClass.filter_policies_by_conditions()
PolicyClass.get_action_values()
PolicyClass.list_policies()
PolicyClass.match_policies()
PolicyClass.policies
PolicyClass.ui_get_enroll_tokentypes()
PolicyClass.ui_get_main_menus()
PolicyClass.ui_get_rights()
REMOTE_USER
SCOPE
TIMEOUT_ACTION
TYPE
check_pin()
delete_all_policies()
delete_policy()
enable_policy()
export_policies()
export_policy()
get_action_values_from_options()
get_allowed_custom_attributes()
get_policy_condition_comparators()
get_policy_condition_sections()
get_static_policy_definitions()
import_policies()
import_policy()
set_policy()
- 14.2.1.6. Job Queue
- 14.2.1.7. API Policies
- 14.2.1.7.1. Pre Policies
allowed_audit_realm()
api_key_required()
auditlog_age()
check_admin_tokenlist()
check_anonymous_user()
check_base_action()
check_custom_user_attributes()
check_external()
check_max_token_realm()
check_max_token_user()
check_otp_pin()
check_token_init()
check_token_upload()
encrypt_pin()
enroll_pin()
hide_audit_columns()
hide_tokeninfo()
increase_failcounter_on_challenge()
indexedsecret_force_attribute()
init_ca_connector()
init_ca_template()
init_random_pin()
init_subject_components()
init_token_defaults()
init_token_length_contents()
init_tokenlabel()
is_remote_user_allowed()
legacypushtoken_wait()
mangle()
mock_fail()
mock_success()
papertoken_count()
prepolicy
pushtoken_add_config()
pushtoken_disable_wait()
pushtoken_wait()
realmadmin()
require_description()
required_email()
required_piv_attestation()
save_client_application_type()
set_random_pin()
set_realm()
sms_identifiers()
tantoken_count()
twostep_enrollment_activation()
twostep_enrollment_parameters()
u2ftoken_allowed()
u2ftoken_verify_cert()
verify_enrollment()
webauthntoken_allowed()
webauthntoken_auth()
webauthntoken_authz()
webauthntoken_enroll()
webauthntoken_request()
- 14.2.1.7.2. Post Policies
add_user_detail_to_response()
autoassign()
check_serial()
check_tokeninfo()
check_tokentype()
check_verify_enrollment()
construct_radius_response()
get_webui_settings()
is_authorized()
mangle_challenge_response()
multichallenge_enroll_via_validate()
no_detail_on_fail()
no_detail_on_success()
offline_info()
postpolicy
postrequest
preferred_client_mode()
save_pin_change()
sign_response()
- 14.2.1.7.1. Pre Policies
- 14.2.1.8. Policy Decorators
- 14.2.1.9. Event Handler
- 14.2.1.10. SMS Provider
- 14.2.1.1. Users
- 14.2.2. UserIdResolvers
- 14.2.2.1. Base class
UserIdResolver
UserIdResolver.add_user()
UserIdResolver.checkPass()
UserIdResolver.close()
UserIdResolver.delete_user()
UserIdResolver.editable
UserIdResolver.getResolverClassDescriptor()
UserIdResolver.getResolverClassType()
UserIdResolver.getResolverDescriptor()
UserIdResolver.getResolverId()
UserIdResolver.getResolverType()
UserIdResolver.getUserId()
UserIdResolver.getUserInfo()
UserIdResolver.getUserList()
UserIdResolver.getUsername()
UserIdResolver.has_multiple_loginnames
UserIdResolver.loadConfig()
UserIdResolver.testconnection()
UserIdResolver.update_user()
- 14.2.2.2. PasswdResolver
IdResolver
IdResolver.checkPass()
IdResolver.checkUserId()
IdResolver.checkUserName()
IdResolver.getResolverClassDescriptor()
IdResolver.getResolverClassType()
IdResolver.getResolverDescriptor()
IdResolver.getResolverId()
IdResolver.getResolverType()
IdResolver.getSearchFields()
IdResolver.getUserId()
IdResolver.getUserInfo()
IdResolver.getUserList()
IdResolver.getUsername()
IdResolver.loadConfig()
IdResolver.loadFile()
IdResolver.setup()
- 14.2.2.3. LDAPResolver
IdResolver
IdResolver.add_user()
IdResolver.checkPass()
IdResolver.create_connection()
IdResolver.create_serverpool()
IdResolver.delete_user()
IdResolver.editable
IdResolver.getResolverClassDescriptor()
IdResolver.getResolverClassType()
IdResolver.getResolverDescriptor()
IdResolver.getResolverId()
IdResolver.getResolverType()
IdResolver.getUserId()
IdResolver.getUserInfo()
IdResolver.getUserList()
IdResolver.getUsername()
IdResolver.get_persistent_serverpool()
IdResolver.get_serverpool_instance()
IdResolver.has_multiple_loginnames
IdResolver.loadConfig()
IdResolver.split_uri()
IdResolver.testconnection()
IdResolver.update_user()
- 14.2.2.1. Base class
- 14.2.3. Audit log
- 14.2.3.1. Base class
Audit
Audit.add_policy()
Audit.add_to_log()
Audit.audit_entry_to_dict()
Audit.available_audit_columns
Audit.csv_generator()
Audit.finalize_log()
Audit.get_audit_id()
Audit.get_count()
Audit.get_total()
Audit.has_data
Audit.initialize_log()
Audit.is_readable
Audit.log()
Audit.log_token_num()
Audit.read_keys()
Audit.search()
Audit.search_query()
- 14.2.3.2. SQL Audit module
- 14.2.3.1. Base class
- 14.2.4. Monitoring
- 14.2.5. Machine Resolvers
- 14.2.6. PinHandler
14.3. DB level¶
On the DB level you can simply modify all objects.
- 14.3.1. The database model
Admin
Audit
AuthCache
CAConnector
CAConnectorConfig
Challenge
ClientApplication
Config
CustomUserAttribute
EventCounter
EventHandler
EventHandlerCondition
EventHandlerOption
MachineResolver
MachineResolverConfig
MachineToken
MachineTokenOptions
MethodsMixin
MonitoringStats
PasswordReset
PeriodicTask
PeriodicTaskLastRun
PeriodicTaskOption
Policy
PolicyCondition
RADIUSServer
Realm
Resolver
ResolverConfig
ResolverRealm
SMSGateway
SMSGatewayOption
SMTPServer
Serviceid
Subscription
TimestampMethodsMixin
Token
TokenInfo
TokenOwner
TokenRealm
TokenTokengroup
Tokengroup
UserCache
cleanup_challenges()
eduMFAServer
get_machineresolver_id()
get_machinetoken_ids()
get_token_id()
save_config_timestamp()