Request

The following request body is sent during the addpolicy call:

URL: https://<FQDN>:<PORT>/skfs/rest/addpolicy
HTTP Method: POST

FIDO2_0 request body:

{
    "svcinfo": {
        "did": 1,
        "protocol": "FIDO2_0",
        "authtype": "PASSWORD",
        "svcusername": "fidoadminuser",
        "svcpassword": "Abcd1234!"
    },
    "payload": {
        "policy": "{\"FidoPolicy\":{\"name\":\"MinimalPolicy\",\"copyright\":\"\",\"version\":\"1.0\",\"startDate\":\"1695683133\",\"endDate\":\"1760103870871\",\"system\":{\"did\":7,\"requireCounter\":\"optional\",\"integritySignatures\":false,\"userVerification\":[\"required\",\"preferred\",\"discouraged\"],\"userPresenceTimeout\":0,\"allowedAaguids\":[\"all\"],\"transport\":[\"usb\",\"internal\"]},\"subdomains\":{\"enabled\":false,\"allowedSubdomains\":[]},\"relatedOriginRequests\":{\"enabled\":false },\"digitalAssetLinks\":{\"enabled\":false },\"algorithms\":{\"curves\":[\"secp256r1\",\"secp384r1\",\"secp521r1\",\"curve25519\"],\"rsa\":[\"RS256\",\"RS384\",\"RS512\",\"PS256\",\"PS384\",\"PS384\"],\"signatures\":[\"ES256\",\"ES384\",\"ES512\",\"EdDSA\",\"ES256K\"]},\"attestation\":{\"conveyance\":[\"none\",\"indirect\",\"direct\",\"enterprise\"],\"formats\":[\"fido-u2f\",\"packed\",\"tpm\",\"android-key\",\"android-safetynet\",\"apple\",\"none\"]},\"registration\":{\"displayName\":\"required\",\"attachment\":[\"platform\",\"cross-platform\"],\"discoverableCredential\":[\"required\",\"preferred\",\"discouraged\"],\"excludeCredentials\":\"enabled\"},\"authentication\":{\"allowCredentials\":\"enabled\"},\"authorization\":{\"maxdataLength\":256,\"preserve\":true},\"rp\":{\"id\":\"test.com\",\"name\":\"FIDOServer\"},\"extensions\":{},\"mds\":{\"authenticatorStatusReport\":[{\"status\":\"FIDO_CERTIFIED_L1\",\"priority\":\"1\",\"decision\":\"IGNORE\"},{\"status\":\"FIDO_CERTIFIED_L2\",\"priority\":\"1\",\"decision\":\"ACCEPT\"},{\"status\":\"UPDATE_AVAILABLE\",\"priority\":\"5\",\"decision\":\"IGNORE\"},{\"status\":\"REVOKED\",\"priority\":\"10\",\"decision\":\"DENY\"}]},\"jwt\":{\"algorithms\":[\"ES256\",\"ES384\",\"ES521\"],\"duration\":30,\"required\":[\"rpid\",\"iat\",\"exp\",\"cip\",\"uname\",\"agent\"]},\"signcerts\":{\"rootca\":{\"subjectdn\":\"CN=StrongKey FIDO Server RootCA,OU=DID 1,O=StrongKey\",\"serialnumber\":\"1679560516\",\"pemcert\":\"-----BEGIN CERTIFICATE-----MIICVTCCAbWgAwIBAgIEZBwPRDAMBggqhkjOPQQDBAUAMEsxEjAQBgNVBAoTCVN0cm9uZ0tleTEOMAwGA1UECxMFRElEIDExJTAjBgNVBAMTHFN0cm9uZ0tleSBGSURPIFNlcnZlciBSb290Q0EwHhcNMjMwOTI1MjI0NzM4WhcNMjQwOTI0MjI0NzM4WjBLMRIwEAYDVQQKEwlTdHJvbmdLZXkxDjAMBgNVBAsTBURJRCAxMSUwIwYDVQQDExxTdHJvbmdLZXkgRklETyBTZXJ2ZXIgUm9vdENBMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAKdbVGToJkrCwOGEhg+JrnUM8Fv8l/g952VrWXhAaOtaIC4GMsKD0bv9gNot4nDSKH8L59i/dJiRHU4xuIvhkQAsBoSP2dipxg+bVvFtCt/dH1jOQYv+ev1KE2k8KZc4W3Ebgrvj5RZ02dIvKo8fCpEhBQKNhpR8tQmLRcAYZMcVQcAWjQjBAMB0GA1UdDgQWBBSjFsBomZYSzAs6i3XILwB6WMjz+zAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAMBggqhkjOPQQDBAUAA4GLADCBhwJBdt0h+vm4nA0fCfHrNbmclKSojLC+c3qTwB6T3H4zuGPzQKfh37UIFLZUyeIaKNCZ/EK3ttkyAo6R3SA/RM8Qg5oCQgG5Z1imd84Oa8v5SvAfiuTuFC//fRyeTOo3Qr9uDTOizptU4voInHdsORSugU99R8oNqSISBSarXo78ZLDperHHMg==-----END CERTIFICATE-----\",\"jwtcerts\":{\"default\":[{\"subjectdn\":\"CN=SKFS JWT Signer 1,OU=DID 1,O=StrongKey\",\"serialnumber\":\"136454779\",\"pemcert\":\"-----BEGIN CERTIFICATE-----MIICBzCCAWegAwIBAgIECCIiezAMBggqhkjOPQQDBAUAMEsxEjAQBgNVBAoTCVN0cm9uZ0tleTEOMAwGA1UECxMFRElEIDExJTAjBgNVBAMTHFN0cm9uZ0tleSBGSURPIFNlcnZlciBSb290Q0EwHhcNMjMwOTI1MjI0NzUwWhcNMjQwOTI0MjI0NzUwWjBAMRIwEAYDVQQKEwlTdHJvbmdLZXkxDjAMBgNVBAsTBURJRCAxMRowGAYDVQQDExFTS0ZTIEpXVCBTaWduZXIgMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOU53tO6qIZeG9shvyKM89vDXDanSydzrzSbj4QNqcumNd7S05zIVODTM4u2K+FlKefLF0wC9quJZAVtfQr1EuOjQjBAMB0GA1UdDgQWBBRjO1ed7qSTgdWvnqSvjZgcsNYZVTAfBgNVHSMEGDAWgBSjFsBomZYSzAs6i3XILwB6WMjz+zAMBggqhkjOPQQDBAUAA4GLADCBhwJBGNVbxTRagpZQwcjSMXuXl8GI+xzDW2DvQqzObt137rzExG2Bgl5Gqb+RPsBPnuMaeKHTSP3qjnwNUGti/usJinkCQgFmamAz25k+PNUMnUq4bsKDsFU4y5AbRWAUlZzL00YlK699Rv/+YnCbvpUlgrp7zslaIOMmKNV+sElkVDk/THwTAw==-----END CERTIFICATE-----\"},{\"subjectdn\":\"CN=SKFS JWT Signer 2,OU=DID 1,O=StrongKey\",\"serialnumber\":\"189249632\",\"pemcert\":\"-----BEGIN CERTIFICATE-----MIICBzCCAWegAwIBAgIEC0e4YDAMBggqhkjOPQQDBAUAMEsxEjAQBgNVBAoTCVN0cm9uZ0tleTEOMAwGA1UECxMFRElEIDExJTAjBgNVBAMTHFN0cm9uZ0tleSBGSURPIFNlcnZlciBSb290Q0EwHhcNMjMwOTI1MjI0ODEwWhcNMjQwOTI0MjI0ODEwWjBAMRIwEAYDVQQKEwlTdHJvbmdLZXkxDjAMBgNVBAsTBURJRCAxMRowGAYDVQQDExFTS0ZTIEpXVCBTaWduZXIgMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABKc91+zd9yhkCxS1wN+XTKHefzVqhT4UUNgHUEZeRK47aHvFQR8DlaxsK1jFniXpvfbOEMXQdySKeCHsJIl7b2KjQjBAMB0GA1UdDgQWBBQZAEcp7y6gAq68k19RPtSLXu/ugzAfBgNVHSMEGDAWgBSjFsBomZYSzAs6i3XILwB6WMjz+zAMBggqhkjOPQQDBAUAA4GLADCBhwJBCmSozCgL4pV2+QE2pfNgBQQrENNzejLnYolJK/W4ImK2RiyPut2GZtRIL/pfgSYws35NaUkeICFimw0q//zH6aoCQgGSt1Y8PMxlr/+Ac1xTx1yn3HzwcZIyuF2i1YS1JzlrP1QAPIFA8UHcL0eXn0mda2aeBBTUEtSNqb0cPNkpiipqAQ==-----END CERTIFICATE-----\"},{\"subjectdn\":\"CN=SKFS JWT Signer 3,OU=DID 1,O=StrongKey\",\"serialnumber\":\"956062841\",\"pemcert\":\"-----BEGIN CERTIFICATE-----MIICCDCCAWegAwIBAgIEOPxceTAMBggqhkjOPQQDBAUAMEsxEjAQBgNVBAoTCVN0cm9uZ0tleTEOMAwGA1UECxMFRElEIDExJTAjBgNVBAMTHFN0cm9uZ0tleSBGSURPIFNlcnZlciBSb290Q0EwHhcNMjMwOTI1MjI0ODMwWhcNMjQwOTI0MjI0ODMwWjBAMRIwEAYDVQQKEwlTdHJvbmdLZXkxDjAMBgNVBAsTBURJRCAxMRowGAYDVQQDExFTS0ZTIEpXVCBTaWduZXIgMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABIk85sCOVJ489k2DT2VWlfgUIsc/+6pk2EnAN5qMZtEg/tsbrKPeNChsFseBIf7RNg3TXretVtwlSJy7RytRNQ+jQjBAMB0GA1UdDgQWBBTTo/AyN1miKjrvTdYowtFNyhmJCjAfBgNVHSMEGDAWgBSjFsBomZYSzAs6i3XILwB6WMjz+zAMBggqhkjOPQQDBAUAA4GMADCBiAJCAf+vBftPogNV7sW7JTA62KaeM7VZBTYQlQaN5CHM7Lu9RQlGc9+YBytm+6dWjJfFGrWGx9Dy7v1fURqafw21FLnDAkIA6AyVH4xAesoMhoH7U4xRBvyRbvWfgObGa1cxk9k3EHfwfd2/6+zSQ9MI65B7bRWcbcsIHysIUhbtjC9ytZGIbKI=-----END CERTIFICATE-----\"}]},\"samlcerts\":{\"default\":[{\"subjectdn\":\"CN=SKFS SAML Signer 1,OU=DID 1,O=StrongKey\",\"serialnumber\":\"1752527694\",\"pemcert\":\"-----BEGIN CERTIFICATE-----MIIC5DCCAkOgAwIBAgIEaHVzTjAMBggqhkjOPQQDBAUAMEsxEjAQBgNVBAoTCVN0cm9uZ0tleTEOMAwGA1UECxMFRElEIDExJTAjBgNVBAMTHFN0cm9uZ0tleSBGSURPIFNlcnZlciBSb290Q0EwHhcNMjMwOTI1MjI1NzI3WhcNMjQwOTI0MjI1NzI3WjBBMRIwEAYDVQQKEwlTdHJvbmdLZXkxDjAMBgNVBAsTBURJRCAxMRswGQYDVQQDExJTS0ZTIFNBTUwgU2lnbmVyIDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOPu6Hi/0stlWMJa+m73Y9KAYo8fAiE53PgPpMjYM3a++Vf7nZ0sByk+W3Q/gRtTfjOnh+2cq2ukTLHKAG0UKZ2kD9PRzwZgfo1GoTKdRekVIIjwxOX6n52RJ9/mblkyPcOPnmjUy+aULaSTow2cI+cRukYEdzEuWDU81QEJ7m+xkZ6eKkrjJ1Y9sX4BzJttlswd43Avu/0QDGunSX37Z0NM21PZCjzgrVr5GAkBHP0Vz+bgGJ5zpcsdMQfhX4yAN6cmYOD/9JO4AQj36LaN+/JS2sU75ub8BHYFdVa1NsFbDPvvsxzrw3pweuZWXZifM+mCUy/O+JPswrnyG9PDLrAgMBAAGjUjBQMB0GA1UdDgQWBBSLVRg9XSNi4SqNZ3jREXhMsfsoEjAOBgNVHQ8BAf8EBAMCB4AwHwYDVR0jBBgwFoAUoxbAaJmWEswLOot1yC8AeljI8/swDAYIKoZIzj0EAwQFAAOBjAAwgYgCQgExLV4kYrkQJiBN1Jf65BgyHh0qgQfqtma3rtKplKtjjTh5lfXlebrYJU1WyPK3bVotpb4s9cI4pZL1oBZ/XrE28wJCAaf4NGUcE+1nIfWmwAL7HXWzx/LRwufxpnHfkrztHIZPR/5c7N24PQk9njDTUFG7Lv30U8Hp42nD7uxt96zP8N+h-----END CERTIFICATE-----\"},{\"subjectdn\":\"CN=SKFS SAML Signer 2,OU=DID 1,O=StrongKey\",\"serialnumber\":\"483266569\",\"pemcert\":\"-----BEGIN CERTIFICATE-----MIIC4zCCAkOgAwIBAgIEHM4QCTAMBggqhkjOPQQDBAUAMEsxEjAQBgNVBAoTCVN0cm9uZ0tleTEOMAwGA1UECxMFRElEIDExJTAjBgNVBAMTHFN0cm9uZ0tleSBGSURPIFNlcnZlciBSb290Q0EwHhcNMjMwOTI1MjI1NzQ2WhcNMjQwOTI0MjI1NzQ2WjBBMRIwEAYDVQQKEwlTdHJvbmdLZXkxDjAMBgNVBAsTBURJRCAxMRswGQYDVQQDExJTS0ZTIFNBTUwgU2lnbmVyIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeve+T/aw44+WaN0QSml21K9KP7b6Gpn1ZDV3Ne+oQi2jrqOniW3LFBN8emJwGlh+X77A0WwJTkgCGP/eSftpQNE1NqGM94HnPnP2uxIWyaLZjLpEKngwj0B1mR1X6ts7H//fbV2f4MNK/B/fBSgAAe8BbLOKUX7cHSSOsNomlaSmKRjA2i37OupBrmBIN9fq7oXoTxlmQq31Y+3PpSBSgYQxnM8XLMJBzL6m2NzruMWQvBC+Ub25r0MG7sgz0cp9AytoSU6aTzlzObaixuVl/n8C025VzA8hh4LMeLxkKHO38v8O4VThWWCL0e1WVxLV4E3DgO2/foV1JRiKt9hebAgMBAAGjUjBQMB0GA1UdDgQWBBQuUwdAgwAq9taI0LeJX9qi9M2EUjAOBgNVHQ8BAf8EBAMCB4AwHwYDVR0jBBgwFoAUoxbAaJmWEswLOot1yC8AeljI8/swDAYIKoZIzj0EAwQFAAOBiwAwgYcCQgG8jeN1fweKUB2Rf8VK1u1BeXACRDHDjodnl1NmMKVPMJOEHqIF9GpkoSP9rC5B2NbrIyMjw4zLzxPoRJSgpeHMywJBekB/uwHGYuee7mVSCpA01DZ2Rjem770cNzYGUOvN9pbTtOya2BCe+ru2VY1R6ajRZSEhpMU+06/VUMqzJwJ2tAY=-----END CERTIFICATE-----\"},{\"subjectdn\":\"CN=SKFS SAML Signer 3,OU=DID 1,O=StrongKey\",\"serialnumber\":\"1642726701\",\"pemcert\":\"-----BEGIN CERTIFICATE-----MIIC4zCCAkOgAwIBAgIEYeoFLTAMBggqhkjOPQQDBAUAMEsxEjAQBgNVBAoTCVN0cm9uZ0tleTEOMAwGA1UECxMFRElEIDExJTAjBgNVBAMTHFN0cm9uZ0tleSBGSURPIFNlcnZlciBSb290Q0EwHhcNMjMwOTI1MjI1ODA1WhcNMjQwOTI0MjI1ODA1WjBBMRIwEAYDVQQKEwlTdHJvbmdLZXkxDjAMBgNVBAsTBURJRCAxMRswGQYDVQQDExJTS0ZTIFNBTUwgU2lnbmVyIDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZ9+a2Q7S61gp5AfHNos9inTEf8wHoQaX15F7sNUjaypVYqTTnptNjwB52oshoBO8ef+wvfxqcKwodBUGd8ZWjKX6ZzEY4PdRmaQT3qqnyLBPfhyc85N/feUQIuQj5pX/+5LrZOi0y3hfwQl3elU8cMaBV7QHV0mV4Jn2TEN1QSSRe21sUd0tl6KAyio6yBFN8BqSWQXqyqHVVjnMjS43bii+twcjnfOgR9on41qIt3DTsGDFxMOt2d2+STJwpzk8lAvK1eNuId2egP6bW/PXQas+QjXL7HtV9VfuYo3/kipebHmf2rVjwrP4R8vx82iEaYBE/we06txvyAOev1giVAgMBAAGjUjBQMB0GA1UdDgQWBBT5a1O5hrneWkvl34FuhkZOLMg0WTAOBgNVHQ8BAf8EBAMCB4AwHwYDVR0jBBgwFoAUoxbAaJmWEswLOot1yC8AeljI8/swDAYIKoZIzj0EAwQFAAOBiwAwgYcCQgFKzP/yQMVznrju0BxFITKCJF79TRZVPPdaeVraMF9SFEXom2cy6x6W13MSxshnPGm2ZJVrKxiVWcygu7t7ZfcnGAJBN0eMmXA53aT8+N71JrEXwU2gbbh17/X6yht18zR8gvGpjZU6AK8XsILvI1WzUG1dUPofMTd8rMlB/JK+ZksC9wM=-----END CERTIFICATE-----\"}],\"citrixidp\":{\"subjectdn\":\"CN=SKFS SAML Signer 1,OU=DID 1,O=StrongKey\",\"serialnumber\":\"1752527694\",\"pemcert\":\"-----BEGIN CERTIFICATE-----MIIC5DCCAkOgAwIBAgIEaHVzTjAMBggqhkjOPQQDBAUAMEsxEjAQBgNVBAoTCVN0cm9uZ0tleTEOMAwGA1UECxMFRElEIDExJTAjBgNVBAMTHFN0cm9uZ0tleSBGSURPIFNlcnZlciBSb290Q0EwHhcNMjMwOTI1MjI1NzI3WhcNMjQwOTI0MjI1NzI3WjBBMRIwEAYDVQQKEwlTdHJvbmdLZXkxDjAMBgNVBAsTBURJRCAxMRswGQYDVQQDExJTS0ZTIFNBTUwgU2lnbmVyIDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOPu6Hi/0stlWMJa+m73Y9KAYo8fAiE53PgPpMjYM3a++Vf7nZ0sByk+W3Q/gRtTfjOnh+2cq2ukTLHKAG0UKZ2kD9PRzwZgfo1GoTKdRekVIIjwxOX6n52RJ9/mblkyPcOPnmjUy+aULaSTow2cI+cRukYEdzEuWDU81QEJ7m+xkZ6eKkrjJ1Y9sX4BzJttlswd43Avu/0QDGunSX37Z0NM21PZCjzgrVr5GAkBHP0Vz+bgGJ5zpcsdMQfhX4yAN6cmYOD/9JO4AQj36LaN+/JS2sU75ub8BHYFdVa1NsFbDPvvsxzrw3pweuZWXZifM+mCUy/O+JPswrnyG9PDLrAgMBAAGjUjBQMB0GA1UdDgQWBBSLVRg9XSNi4SqNZ3jREXhMsfsoEjAOBgNVHQ8BAf8EBAMCB4AwHwYDVR0jBBgwFoAUoxbAaJmWEswLOot1yC8AeljI8/swDAYIKoZIzj0EAwQFAAOBjAAwgYgCQgExLV4kYrkQJiBN1Jf65BgyHh0qgQfqtma3rtKplKtjjTh5lfXlebrYJU1WyPK3bVotpb4s9cI4pZL1oBZ/XrE28wJCAaf4NGUcE+1nIfWmwAL7HXWzx/LRwufxpnHfkrztHIZPR/5c7N24PQk9njDTUFG7Lv30U8Hp42nD7uxt96zP8N+h-----END CERTIFICATE-----\"}}}}}}",
        "notes": "creating new Policy"
    }
}

svcinfo Description

Value	Explanation
did	Unique identifier for a cryptographic domain in SKFS. Unless you are using a StrongKey Tellaro appliance, this defaults to 1.
protocol	The FIDO protocol to be used in this request (FIDO2_0).
authtype	The type of authentication supplied in this service request—it must be PASSWORD or HMAC (see API Security for details); the example shown here is for PASSWORD type of authentication.
svcusername	The username of the service credential requesting this web service.
svcpassword	The password of the service credential requesting this web service. When PASSWORD authtype is used, SKFS uses entries in a previously configured Lightweight Directory Access Protocol (LDAP) or Active Directory (AD) to authenticate the credential (see Manage Credentials under [ SKFS ⇒ Administration ⇒ Security ] for details).

payload Description

Value

Explanation

policy

The policy to be configured for each of the cryptographic domain. SKFS-PM Module helps define and manage FIDO Policy for each domain. Please refer the SKFS Module for more information and the JSON Schema.

Note: The policy has been minified and all the double quotes have been updated with the backslash for the policy to be processed correctly.

notes

The notes is a plain language name used to identify the kind of policy configured for the cryptographic domain.