/auth-method-create-kerberos

post

https://api.akeyless.io/auth-method-create-kerberos

Body Params

access-expires

int64

Defaults to 0

Access expiration date in Unix timestamp (select 0 for access without expiry date)

allowed-client-type

array of strings

limit the auth method usage for specific client types [cli,ui,gateway-admin,sdk,mobile,extension]

allowed-client-type

audit-logs-claims

array of strings

Subclaims to include in audit logs, e.g "--audit-logs-claims email --audit-logs-claims username"

audit-logs-claims

bind-dn

string

bind-dn-password

string

bound-ips

array of strings

A CIDR whitelist with the IPs that the access is restricted to

bound-ips

delete_protection

string

Protection from accidental deletion of this object [true/false]

description

string

Auth Method description

expiration-event-in

array of strings

How many days before the expiration of the auth method would you like to be notified.

expiration-event-in

force-sub-claims

boolean

if true: enforce role-association must include sub claims

group-attr

string

group-dn

string

group-filter

string

gw-bound-ips

array of strings

A CIDR whitelist with the GW IPs that the access is restricted to

gw-bound-ips

json

boolean

Defaults to false

Set output format to JSON

jwt-ttl

int64

Defaults to 0

Jwt TTL

keytab-file-data

string

keytab-file-path

string

krb5-conf-data

string

krb5-conf-path

string

ldap-anonymous-search

boolean

ldap-ca-cert

string

ldap-url

string

name

string

required

Auth Method name

product-type

array of strings

Choose the relevant product type for the auth method [sm, sra, pm, dp, ca]

product-type

subclaims-delimiters

array of strings

A list of additional sub claims delimiters (relevant only for SAML, OIDC, OAuth2/JWT)

subclaims-delimiters

token

string

Authentication token (see /auth and /configure)

uid-token

string

The universal identity token, Required only for universal_identity authentication

unique-identifier

string

A unique identifier (ID) value which is a "sub claim" name that contains details uniquely identifying that resource. This "sub claim" is used to distinguish between different identities.

user-attribute

string

user-dn

string

Responses

201

defaulterrorResponse wraps any error to return it as a JSON object with one "error" field.