Security Configuration

URL:: https://<root>/security/config
Methods:: GET
Operations:: Update Security Configuration, Update Identity Store, Test Identity Store
Required Capability:: Access allowed with either the "Security and Infrastructure" or "Add" privileges
Version Introduced:: 10.2.1

Description

The config returns the identity store information, as well as various security configurations, for an organization.

From this endpoint, administrators can access the Update Identity Store operation to configure their enterprise identity provider (Windows Domain, LDAP, etc.). Organizations are configured to use the built-in store and token-based authentication by default. Before updating the organization's identity provider, the Test Identity Provider operation can be first used to test the connection to the user and group store.

Administrators can also access the Update Security Configuration operation to update various security properties, including specifying Content-Security-Policy response headers that are used when accessing the portal, its associated applications, and the Portal Directory.

Request parameters

Parameter	Details
`f`	The response format. The default response format is `html`. Values: `html` \| `json` \| `pjson`

Example usage

The following is a sample request URL used to access the config resource:

Use dark colors for code blocksCopy
https://organization.example.com/<context>/portaladmin/security/config?f=pjson

JSON Response syntax

Use dark colors for code blocksCopy
{
  "disableServicesDirectory": <true|false>,
  "enableAutomaticAccountCreation": "<true|false>",
  "contentSecurityPolicy": {
    "home": "<CSP response header>",
    "apps": "<CSP response header>",
    "sharing": "<CSP response header>"
  },
  "webgisServerTrustKey": "<encrypted trust key>",
  "userStoreConfig": {<user store information>},
  "groupStoreConfig": {<group store information>}
}

JSON Response example

Use dark colors for code blocksCopy
{
  "disableServicesDirectory": false,
  "enableAutomaticAccountCreation": "true",
  "contentSecurityPolicy": {
    "home": "frame-ancestors 'self';",
    "apps": "",
    "sharing": "script-src 'self';"
  },
  "webgisServerTrustKey": "6SfcJ1wdYeNK7WmnUx87WKscKkPXW/xNlEdBpUFceP8=",
  "userStoreConfig": {
    "type": "BUILTIN",
    "properties": {"isPasswordEncrypted": "true"}
  },
  "groupStoreConfig": {
    "type": "BUILTIN",
    "properties": {"isPasswordEncrypted": "true"}
  }
}