Update File-Based Authentication Configuration REST Service

Use the Update File-Based Authentication Configuration REST Service to configure the file-based authentication requirements in containerized IBM® Security Guardium® Key Lifecycle Manager.

Operation: POST
URL: https://host:port/SKLM/rest/v1/authnConfigProperties/file

By default, Guardium Key Lifecycle Manager server listens to the secure port 9443 (HTTPS) for communication. During IBM Security Guardium Key Lifecycle Manager installation, you can modify this default port.

Request

Request Parameters

Parameter	Description
host	Specify the IP address or hostname of the IBM Security Guardium Key Lifecycle Manager server.
port	Specify the port number on which the IBM Security Guardium Key Lifecycle Manager server listens for requests.

Request Headers

Header name	Value
Content-Type	`application/json`
Accept	`application/json`
Authorization	`SKLMAuth userAuthId=<authIdValue>`
Accept-Language	Any valid locale that is supported by IBM Security Guardium Key Lifecycle Manager. For example, `en` or `de`.

Request body

JSON object with the following specification:

Property name	Description
AUTH_TYPE_FILE	Specify `true` if you want to configure file-based user authentication. Other possible value is `false`.
SKLMADMIN_USERNAME	Specify the user name of the IBM Security Guardium Key Lifecycle Manager administrator. You can specify only alphanumeric characters. Default value: `sklmadmin` Note: This parameter is mandatory if you have specified `true` as a value in the AUTH_TYPE_LDAP parameter.
SKLMADMIN_PASSWORD	Specify the password for the IBM Security Guardium Key Lifecycle Manager administrator user that is specified in the SKLMADMIN_USERNAME parameter. Note: This parameter is mandatory if you have specified `true` as a value in the AUTH_TYPE_LDAP parameter.

Response

Response Headers

Header name	Value and description
Status Code	200 OK The request was successful. The response body contains the requested representation. 400 Bad Request The authentication information was not provided in the correct format. 401 Unauthorized The authentication credentials were missing or incorrect. 404 Not Found Error The processing of the request fails. 500 Internal Server Error The processing of the request fails because of an unexpected condition on the server.
Content-Type	`application/json`
Content-Language	Locale for the response message.

Success response body

JSON object with the following specification:

JSON property name	Description
code	Returns the code that is specified by the status property.
status	Returns the status of the operation.

Error Response Body

JSON object with the following specification.

JSON property name	Description
code	Returns the application error code.
message	Returns a message that describes the error.

Example

Specify LDAP configuration

POST https://localhost:port/SKLM/rest/v1/authnConfigProperties/file
{
  "AUTH_TYPE_FILE": "true",
  "SKLMADMIN_USERNAME": "sklmadmin",
  "SKLMADMIN_PASSWORD": "sklm@passwd"
}

Success response

{
  "code": "CTGKM6205I",
  "status": "CTGKM6205I File Configuration settings are updated."
}

Error response

{"code":"CTGKM6002E",
"message":"CTGKM6002E Bad Request: Invalid user authentication ID or invalid request format."}

Table 1. Topic change log
Date	Change description
20 Oct 2021	Corrected the example.
30 Sept 2021	Removed `ckms` from the REST endpoint.
10 Sept 2021	Initial version.