Manage scripts over REST
Advanced Identity Cloud provides the /scripts endpoint to manage scripts using REST calls.
Scripts are represented in JSON using standard JSON objects and values.
Each script is identified by a system-generated universally unique identifier (UUID), which must be specified when reading or updating existing scripts. Renaming a script doesn’t affect the UUID.
{
    "_id": "aeb22d32-100c-46c0-ac51-af571889e5b9",
    "name": "MyJavaScript",
    "description": "An example script",
    "script": "dmFyIGEgPSAxMjM7CnZhciBiID0gNDU2Ow==",
    "default": false,
    "language": "JAVASCRIPT",
    "context": "POLICY_CONDITION",
    "createdBy": "null",
    "creationDate": 0,
    "lastModifiedBy": "null",
    "lastModifiedDate": 0,
    "evaluatorVersion": "1.0"
}
The values for the fields shown in the example are explained below:
_id-
The UUID that Advanced Identity Cloud generates for the script.
name-
The name provided for the script.
description-
An optional text string to help identify the script.
script-
The source code of the script. The source code is in UTF-8 format and encoded into Base64.
For example, the following script:
    var a = 123;
    var b = 456;
becomes
    dmFyIGEgPSAxMjM7IA0KdmFyIGIgPSA0NTY7
when encoded into Base64.
default-
Whether the script is a default script (true) that applies to all realms, or custom (false).
language-
The language the script is written in: JAVASCRIPT.
context-
The context type of the script.
Supported context values
Legacy | Next-generation | Used by
AUTHENTICATION_CLIENT_SIDE
Not available
Client-side authentication
AUTHENTICATION_SERVER_SIDE
Not available
Server-side authentication
AUTHENTICATION_TREE_DECISION_NODE
SCRIPTED_DECISION_NODE
DEVICE_MATCH_NODE
Not available
CACHE_LOADER
CONFIG_PROVIDER_NODE
CONFIG_PROVIDER_NODE_NEXT_GEN
Not available
LIBRARY
Not available
NODE_DESIGNER
OAUTH2_ACCESS_TOKEN_MODIFICATION
OAUTH2_ACCESS_TOKEN_MODIFICATION_NEXT_GEN
OAUTH2_AUTHORIZE_ENDPOINT_DATA_PROVIDER
OAUTH2_AUTHORIZE_ENDPOINT_DATA_PROVIDER_NEXT_GEN
Not available
OAUTH2_DYNAMIC_CLIENT_REGISTRATION
OAUTH2_EVALUATE_SCOPE
OAUTH2_EVALUATE_SCOPE_NEXT_GEN
OAUTH2_MAY_ACT
OAUTH2_MAY_ACT_NEXT_GEN
OAUTH2_SCRIPTED_JWT_ISSUER
OAUTH2_SCRIPTED_JWT_ISSUER_NEXT_GEN
Trusted JWT issuer
OAUTH2_VALIDATE_SCOPE
OAUTH2_VALIDATE_SCOPE_NEXT_GEN
OIDC_CLAIMS
OIDC_CLAIMS_NEXT_GEN
Not available
PINGONE_VERIFY_COMPLETION_DECISION_NODE
POLICY_CONDITION
POLICY_CONDITION_NEXT_GEN
SAML2_IDP_ADAPTER
SAML2_IDP_ADAPTER_NEXTGEN
SAML2_IDP_ATTRIBUTE_MAPPER
SAML2_IDP_ATTRIBUTE_MAPPER_NEXT_GEN
Not available
SAML2_NAMEID_MAPPER
Not available
SAML2_SP_ACCOUNT_MAPPER
SAML2_SP_ADAPTER
SAML2_SP_ADAPTER_NEXTGEN
SOCIAL_IDP_PROFILE_TRANSFORMATION
SOCIAL_IDP_PROFILE_TRANSFORMATION_NEXT_GEN
SOCIAL_PROVIDER_HANDLER_NODE
OIDC_NODE
createdBy-
A string containing the universal identifier DN of the subject that created the script, or null when not used in Advanced Identity Cloud.
creationDate-
An integer containing the creation date and time, in ISO 8601 format, or 0 when not used in Advanced Identity Cloud.
lastModifiedBy-
A string containing the universal identifier DN of the subject that most recently updated the resource type, or null when not used in Advanced Identity Cloud.
If the script has not been modified since it was created, this property will have the same value as createdBy.
lastModifiedDate-
A string containing the last modified date and time, in ISO 8601 format, or 0 when not used in Advanced Identity Cloud.
If the script has not been modified since it was created, this property will have the same value as creationDate.
evaluatorVersion-
A number representing the script engine version: 1.0 for legacy or 2.0 for next-generation. Refer to Next-generation scripts for details.
When invalid or unspecified, the value defaults to 1.0 for all script types except library scripts, which are always 2.0 (next-generation).
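The following Python code is an added example, not part of the product documentation. It decodes the script field of a script object, checks the fields described above, and fingerprints the source for change tracking. The two Base64 strings shown on this page differ only in whitespace and line endings, so the fingerprint normalises both; the function names and the normalisation rule are assumptions of this example.

```python
import base64
import hashlib
import json
import uuid

# Constructed sample: a subset of the script object shown on this page.
SAMPLE = json.loads("""{
  "_id": "aeb22d32-100c-46c0-ac51-af571889e5b9",
  "name": "MyJavaScript",
  "script": "dmFyIGEgPSAxMjM7CnZhciBiID0gNDU2Ow==",
  "language": "JAVASCRIPT",
  "context": "POLICY_CONDITION",
  "evaluatorVersion": "1.0"
}""")


def decode_script(obj):
    """Return the UTF-8 source held in the Base64 `script` field."""
    try:
        raw = base64.b64decode(obj["script"], validate=True)
        return raw.decode("utf-8")
    except (KeyError, ValueError) as exc:  # covers bad Base64 and bad UTF-8
        raise ValueError(f"script is not Base64-encoded UTF-8: {exc}") from exc


def fingerprint(source):
    """SHA-256 of the source after normalising line endings to LF and
    stripping trailing whitespace per line (this example's own rule)."""
    lines = source.replace("\r\n", "\n").replace("\r", "\n").split("\n")
    canonical = "\n".join(line.rstrip() for line in lines)
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def review(obj):
    """Return (decoded source, findings) for one script object."""
    findings = []
    try:
        uuid.UUID(str(obj.get("_id", "")))
    except ValueError:
        findings.append("_id is not a UUID")
    if obj.get("language") != "JAVASCRIPT":
        findings.append("unexpected language")
    version = obj.get("evaluatorVersion")
    if version not in ("1.0", "2.0"):
        findings.append("evaluatorVersion invalid or unspecified")
    if obj.get("context") == "LIBRARY" and version != "2.0":
        findings.append("library scripts are always 2.0")
    return decode_script(obj), findings
```

Comparing fingerprints rather than raw Base64 strings avoids flagging a script as changed when only its line endings differ between exports.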