From 7ddda82b43e98bbd52345f350d9d7f0e19b3f73f Mon Sep 17 00:00:00 2001 From: Paul McKeown Date: Tue, 10 Dec 2024 15:13:47 +1300 Subject: [PATCH 1/3] Added new CLI option to support better control over the managed object naming used in imports and exports --- src/cli/FrodoCommand.ts | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/cli/FrodoCommand.ts b/src/cli/FrodoCommand.ts index 4040a5d2..35225eea 100644 --- a/src/cli/FrodoCommand.ts +++ b/src/cli/FrodoCommand.ts @@ -120,6 +120,14 @@ const noCacheOption = new Option( 'Disable token cache for this operation.' ); +const useRealmPrefixOnManagedObjects = new Option( + '--use-realm-prefix-on-managed-objects', + 'Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user,\ + managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user \ + etc. is retained. \ + This option is ignored when the deployment type is "cloud".' +); + const flushCacheOption = new Option('--flush-cache', 'Flush token cache.'); const retryOption = new Option( @@ -157,6 +165,7 @@ const defaultOpts = [ noCacheOption, flushCacheOption, retryOption, + useRealmPrefixOnManagedObjects, ]; const stateMap = { @@ -226,6 +235,8 @@ const stateMap = { state.setCurlirize(curlirize), [noCacheOption.attributeName()]: (cache: boolean) => state.setUseTokenCache(cache), + [useRealmPrefixOnManagedObjects.attributeName()]: () => + state.setUseRealmPrefixOnManagedObjects(true), [flushCacheOption.attributeName()]: (flush: boolean) => { if (flush) frodo.cache.flush(); }, From 40b15aa577fc405b442453a7404afca04284f45e Mon Sep 17 00:00:00 2001 From: Preston Hales Date: Fri, 13 Feb 2026 09:53:37 -0700 Subject: [PATCH 2/3] Add tests for use-realm-prefix-on-managed-object flag --- package-lock.json | 11 - src/cli/FrodoCommand.ts | 2 +- ...dd-autoid-static-user-mapping.test.js.snap | 117 +--- ...-client-with-admin-privileges.test.js.snap | 152 +---- .../admin-get-access-token.test.js.snap | 129 +--- ...auth2-client-admin-privileges.test.js.snap | 124 +--- ...-generic-extension-attributes.test.js.snap | 126 +--- ...clients-with-admin-privileges.test.js.snap | 122 +--- ...lients-with-custom-privileges.test.js.snap | 122 +--- ...min-list-static-user-mappings.test.js.snap | 125 +--- ...in-remove-static-user-mapping.test.js.snap | 124 +--- .../admin-repair-org-model.test.js.snap | 130 +--- ...auth2-client-admin-privileges.test.js.snap | 124 +--- ...-generic-extension-attributes.test.js.snap | 128 +--- .../__snapshots__/agent-delete.test.js.snap | 126 +--- .../__snapshots__/agent-describe.test.js.snap | 126 +--- .../__snapshots__/agent-export.test.js.snap | 139 +--- .../agent-gateway-delete.test.js.snap | 127 +--- .../agent-gateway-describe.test.js.snap | 124 +--- .../agent-gateway-export.test.js.snap | 138 +--- .../agent-gateway-import.test.js.snap | 136 +--- .../agent-gateway-list.test.js.snap | 124 +--- .../__snapshots__/agent-import.test.js.snap | 137 +--- .../agent-java-delete.test.js.snap | 126 +--- .../agent-java-describe.test.js.snap | 124 +--- .../agent-java-export.test.js.snap | 137 +--- .../agent-java-import.test.js.snap | 135 +--- .../agent-java-list.test.js.snap | 124 +--- .../en/__snapshots__/agent-list.test.js.snap | 126 +--- .../agent-web-delete.test.js.snap | 127 +--- .../agent-web-describe.test.js.snap | 124 +--- .../agent-web-export.test.js.snap | 137 +--- .../agent-web-import.test.js.snap | 135 +--- .../__snapshots__/agent-web-list.test.js.snap | 124 +--- .../en/__snapshots__/app-delete.test.js.snap | 131 +--- .../en/__snapshots__/app-export.test.js.snap | 141 +--- .../en/__snapshots__/app-import.test.js.snap | 138 +--- .../en/__snapshots__/app-list.test.js.snap | 124 +--- .../__snapshots__/authn-describe.test.js.snap | 126 +--- .../__snapshots__/authn-export.test.js.snap | 129 +--- .../__snapshots__/authn-import.test.js.snap | 126 +--- .../authz-policy-delete.test.js.snap | 130 +--- .../authz-policy-describe.test.js.snap | 126 +--- .../authz-policy-export.test.js.snap | 145 ++-- .../authz-policy-import.test.js.snap | 145 +--- .../authz-policy-list.test.js.snap | 126 +--- .../authz-set-delete.test.js.snap | 127 +--- .../authz-set-describe.test.js.snap | 126 +--- .../authz-set-export.test.js.snap | 143 +--- .../authz-set-import.test.js.snap | 141 +--- .../authz-type-delete.test.js.snap | 131 +--- .../authz-type-describe.test.js.snap | 128 +--- .../authz-type-export.test.js.snap | 141 +--- .../authz-type-import.test.js.snap | 138 +--- .../authz-type-list.test.js.snap | 124 +--- .../__snapshots__/config-export.test.js.snap | 186 ++---- .../__snapshots__/config-import.test.js.snap | 172 ++--- ...-manager-export-access-config.test.js.snap | 122 +--- ...fig-manager-export-all-static.test.js.snap | 122 +--- .../config-manager-export-all.test.js.snap | 1 + .../config-manager-export-audit.test.js.snap | 122 +--- ...manager-export-authentication.test.js.snap | 126 +--- ...manager-export-authz-policies.test.js.snap | 134 +--- ...-export-connector-definitions.test.js.snap | 125 +--- ...ger-export-connector-mappings.test.js.snap | 122 +--- ...manager-export-cookie-domains.test.js.snap | 122 +--- .../config-manager-export-cors.test.js.snap | 122 +--- .../config-manager-export-csp.test.js.snap | 126 +--- ...manager-export-email-provider.test.js.snap | 122 +--- ...anager-export-email-templates.test.js.snap | 125 +--- ...nfig-manager-export-endpoints.test.js.snap | 125 +--- ...manager-export-internal-roles.test.js.snap | 125 +--- ...onfig-manager-export-journeys.test.js.snap | 130 +--- .../config-manager-export-kba.test.js.snap | 122 +--- ...config-manager-export-locales.test.js.snap | 125 +--- ...anager-export-managed-objects.test.js.snap | 125 +--- ...anager-export-password-policy.test.js.snap | 126 +--- .../config-manager-export-raw.test.js.snap | 125 +--- ...manager-export-remote-servers.test.js.snap | 122 +--- .../config-manager-export-saml.test.js.snap | 124 +--- ...nfig-manager-export-schedules.test.js.snap | 125 +--- ...config-manager-export-scripts.test.js.snap | 146 +--- ...anager-export-secret-mappings.test.js.snap | 129 +--- ...config-manager-export-secrets.test.js.snap | 122 +--- ...anager-export-service-objects.test.js.snap | 125 +--- ...onfig-manager-export-services.test.js.snap | 127 +--- ...r-export-terms-and-conditions.test.js.snap | 122 +--- .../config-manager-export-themes.test.js.snap | 122 +--- ...nfig-manager-export-ui-config.test.js.snap | 122 +--- ...nfig-manager-export-variables.test.js.snap | 122 +--- .../en/__snapshots__/conn-delete.test.js.snap | 78 +-- .../__snapshots__/conn-describe.test.js.snap | 80 +-- .../en/__snapshots__/conn-list.test.js.snap | 75 +-- .../en/__snapshots__/conn-save.test.js.snap | 4 + .../email-template-delete.test.js.snap | 128 +--- .../email-template-export.test.js.snap | 139 +--- .../email-template-import.test.js.snap | 144 +--- .../email-template-list.test.js.snap | 124 +--- .../en/__snapshots__/esv-apply.test.js.snap | 134 +--- .../esv-secret-create.test.js.snap | 132 +--- .../esv-secret-delete.test.js.snap | 122 +--- .../esv-secret-describe.test.js.snap | 137 +--- .../esv-secret-export.test.js.snap | 148 +--- .../esv-secret-import.test.js.snap | 146 +--- .../esv-secret-list.test.js.snap | 136 +--- .../__snapshots__/esv-secret-set.test.js.snap | 121 +--- .../esv-secret-version-activate.test.js.snap | 121 +--- .../esv-secret-version-create.test.js.snap | 125 +--- ...esv-secret-version-deactivate.test.js.snap | 121 +--- .../esv-secret-version-delete.test.js.snap | 124 +--- .../esv-secret-version-list.test.js.snap | 121 +--- .../esv-variable-create.test.js.snap | 127 +--- .../esv-variable-delete.test.js.snap | 126 +--- .../esv-variable-describe.test.js.snap | 137 +--- .../esv-variable-export.test.js.snap | 135 +--- .../esv-variable-import.test.js.snap | 130 +--- .../esv-variable-list.test.js.snap | 136 +--- .../esv-variable-set.test.js.snap | 123 +--- .../en/__snapshots__/idm-count.test.js.snap | 126 +--- .../en/__snapshots__/idm-delete.test.js.snap | 124 +--- .../en/__snapshots__/idm-export.test.js.snap | 154 ++--- .../en/__snapshots__/idm-import.test.js.snap | 142 +--- .../en/__snapshots__/idm-list.test.js.snap | 122 +--- .../idm-schema-object-export.test.js.snap | 129 +--- .../idm-schema-object-import.test.js.snap | 129 +--- .../en/__snapshots__/idp-delete.test.js.snap | 124 +--- .../en/__snapshots__/idp-export.test.js.snap | 138 +--- .../en/__snapshots__/idp-import.test.js.snap | 138 +--- .../en/__snapshots__/idp-list.test.js.snap | 122 +--- .../en/__snapshots__/info.test.js.snap | 119 +--- .../__snapshots__/journey-delete.test.js.snap | 135 +--- .../journey-describe.test.js.snap | 142 +--- .../journey-disable.test.js.snap | 124 +--- .../__snapshots__/journey-enable.test.js.snap | 124 +--- .../__snapshots__/journey-export.test.js.snap | 150 ++--- .../__snapshots__/journey-import.test.js.snap | 143 +--- .../__snapshots__/journey-list.test.js.snap | 126 +--- .../__snapshots__/journey-prune.test.js.snap | 122 +--- .../en/__snapshots__/log-fetch.test.js.snap | 312 +++------ .../en/__snapshots__/log-list.test.js.snap | 234 ++----- .../en/__snapshots__/log-tail.test.js.snap | 284 +++----- .../__snapshots__/mapping-delete.test.js.snap | 1 + .../__snapshots__/mapping-export.test.js.snap | 1 + .../__snapshots__/mapping-import.test.js.snap | 138 +--- .../__snapshots__/mapping-list.test.js.snap | 124 +--- .../__snapshots__/mapping-rename.test.js.snap | 137 +--- .../en/__snapshots__/node-delete.test.js.snap | 134 +--- .../__snapshots__/node-describe.test.js.snap | 128 +--- .../en/__snapshots__/node-export.test.js.snap | 150 ++--- .../en/__snapshots__/node-import.test.js.snap | 148 +--- .../en/__snapshots__/node-list.test.js.snap | 124 +--- .../oauth-client-delete.test.js.snap | 131 +--- .../oauth-client-export.test.js.snap | 140 +--- .../oauth-client-import.test.js.snap | 138 +--- .../oauth-client-list.test.js.snap | 124 +--- .../en/__snapshots__/promote.test.js.snap | 157 ++--- .../realm-add-custom-domain.test.js.snap | 124 +--- .../__snapshots__/realm-describe.test.js.snap | 122 +--- .../__snapshots__/realm-export.test.js.snap | 140 +--- .../__snapshots__/realm-import.test.js.snap | 139 +--- .../en/__snapshots__/realm-list.test.js.snap | 124 +--- .../realm-remove-custom-domain.test.js.snap | 124 +--- .../en/__snapshots__/role-export.test.js.snap | 143 +--- .../en/__snapshots__/role-import.test.js.snap | 140 +--- .../en/__snapshots__/role-list.test.js.snap | 124 +--- .../saml-cot-export.test.js.snap | 139 +--- .../saml-cot-import.test.js.snap | 137 +--- .../__snapshots__/saml-cot-list.test.js.snap | 124 +--- .../en/__snapshots__/saml-delete.test.js.snap | 127 +--- .../__snapshots__/saml-describe.test.js.snap | 124 +--- .../en/__snapshots__/saml-export.test.js.snap | 144 +--- .../en/__snapshots__/saml-import.test.js.snap | 140 +--- .../en/__snapshots__/saml-list.test.js.snap | 124 +--- .../saml-metadata-export.test.js.snap | 130 +--- .../__snapshots__/script-delete.test.js.snap | 131 +--- .../script-describe.test.js.snap | 144 +--- .../__snapshots__/script-export.test.js.snap | 154 ++--- .../__snapshots__/script-import.test.js.snap | 157 ++--- .../en/__snapshots__/script-list.test.js.snap | 141 +--- .../secretstore-delete.test.js.snap | 1 + .../secretstore-describe.test.js.snap | 1 + .../secretstore-export.test.js.snap | 1 + .../secretstore-import.test.js.snap | 1 + .../secretstore-list.test.js.snap | 127 +--- ...tstore-mapping-alias-activate.test.js.snap | 1 + ...retstore-mapping-alias-create.test.js.snap | 1 + ...retstore-mapping-alias-delete.test.js.snap | 1 + ...ecretstore-mapping-alias-list.test.js.snap | 1 + .../secretstore-mapping-create.test.js.snap | 1 + .../secretstore-mapping-delete.test.js.snap | 1 + .../secretstore-mapping-list.test.js.snap | 1 + .../__snapshots__/server-export.test.js.snap | 151 ++--- .../__snapshots__/server-import.test.js.snap | 144 +--- .../en/__snapshots__/server-list.test.js.snap | 124 +--- .../__snapshots__/service-delete.test.js.snap | 128 +--- .../__snapshots__/service-export.test.js.snap | 138 +--- .../__snapshots__/service-import.test.js.snap | 144 +--- .../__snapshots__/service-list.test.js.snap | 126 +--- .../en/__snapshots__/shell.test.js.snap | 125 +--- .../__snapshots__/theme-delete.test.js.snap | 131 +--- .../__snapshots__/theme-export.test.js.snap | 141 +--- .../__snapshots__/theme-import.test.js.snap | 138 +--- .../en/__snapshots__/theme-list.test.js.snap | 124 +--- .../__snapshots__/app-export.e2e.test.js.snap | 128 ++++ .../__snapshots__/app-import.e2e.test.js.snap | 12 + .../__snapshots__/app-list.e2e.test.js.snap | 41 +- .../esv-secret-create.e2e.test.js.snap | 132 +--- .../__snapshots__/idp-delete.e2e.test.js.snap | 124 +--- test/e2e/app-export.e2e.test.js | 81 ++- test/e2e/app-import.e2e.test.js | 83 ++- test/e2e/app-list.e2e.test.js | 82 ++- .../all/forgeopsAlphaApps.application.json | 20 + .../all/forgeopsBravoApps.application.json | 20 + .../all/forgeopsRootApps.application.json | 22 + .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 167 +++++ .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 167 +++++ .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 167 +++++ .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 167 +++++ .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 167 +++++ .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 167 +++++ .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 171 +++++ .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 171 +++++ .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 171 +++++ .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 171 +++++ .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 171 +++++ .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 171 +++++ .../am_1076162899/recording.har | 304 --------- .../oauth2_393036114/recording.har | 142 ---- .../openidm_3290118515/recording.har | 298 --------- .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 167 +++++ .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 167 +++++ .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 167 +++++ .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 167 +++++ .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 167 +++++ .../am_1076162899/recording.har | 631 ++++++++++++++++++ .../oauth2_393036114/recording.har | 289 ++++++++ .../openidm_3290118515/recording.har | 167 +++++ test/e2e/utils/TestConfig.js | 7 + 272 files changed, 26363 insertions(+), 19461 deletions(-) create mode 100644 test/e2e/exports/all/forgeopsAlphaApps.application.json create mode 100644 test/e2e/exports/all/forgeopsBravoApps.application.json create mode 100644 test/e2e/exports/all/forgeopsRootApps.application.json create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/alphaBravoNoPrefix_704196702/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/alphaBravoNoPrefix_704196702/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/alphaBravoNoPrefix_704196702/openidm_3290118515/recording.har create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/alphaBravoPrefix_2103653129/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/alphaBravoPrefix_2103653129/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/alphaBravoPrefix_2103653129/openidm_3290118515/recording.har create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/alphaNoPrefix_2944711820/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/alphaNoPrefix_2944711820/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/alphaNoPrefix_2944711820/openidm_3290118515/recording.har create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/alphaPrefix_2600248319/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/alphaPrefix_2600248319/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/alphaPrefix_2600248319/openidm_3290118515/recording.har create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/rootNoPrefix_112716798/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/rootNoPrefix_112716798/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/rootNoPrefix_112716798/openidm_3290118515/recording.har create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/rootPrefix_950912617/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/rootPrefix_950912617/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/export_4211608755/rootPrefix_950912617/openidm_3290118515/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/alphaBravoNoPrefix_704196702/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/alphaBravoNoPrefix_704196702/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/alphaBravoNoPrefix_704196702/openidm_3290118515/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/alphaBravoPrefix_2103653129/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/alphaBravoPrefix_2103653129/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/alphaBravoPrefix_2103653129/openidm_3290118515/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/alphaNoPrefix_2944711820/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/alphaNoPrefix_2944711820/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/alphaNoPrefix_2944711820/openidm_3290118515/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/alphaPrefix_2600248319/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/alphaPrefix_2600248319/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/alphaPrefix_2600248319/openidm_3290118515/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/rootNoPrefix_112716798/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/rootNoPrefix_112716798/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/rootNoPrefix_112716798/openidm_3290118515/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/rootPrefix_950912617/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/rootPrefix_950912617/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/import_288002260/rootPrefix_950912617/openidm_3290118515/recording.har delete mode 100644 test/e2e/mocks/app_527074092/list_217798785/0_long_276218670/am_1076162899/recording.har delete mode 100644 test/e2e/mocks/app_527074092/list_217798785/0_long_276218670/oauth2_393036114/recording.har delete mode 100644 test/e2e/mocks/app_527074092/list_217798785/0_long_276218670/openidm_3290118515/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/alphaBravoNoPrefix_704196702/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/alphaBravoNoPrefix_704196702/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/alphaBravoNoPrefix_704196702/openidm_3290118515/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/alphaBravoPrefix_2103653129/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/alphaBravoPrefix_2103653129/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/alphaBravoPrefix_2103653129/openidm_3290118515/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/alphaNoPrefix_2944711820/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/alphaNoPrefix_2944711820/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/alphaNoPrefix_2944711820/openidm_3290118515/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/alphaPrefix_2600248319/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/alphaPrefix_2600248319/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/alphaPrefix_2600248319/openidm_3290118515/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/rootNoPrefix_112716798/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/rootNoPrefix_112716798/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/rootNoPrefix_112716798/openidm_3290118515/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/rootPrefix_950912617/am_1076162899/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/rootPrefix_950912617/oauth2_393036114/recording.har create mode 100644 test/e2e/mocks/app_527074092/list_217798785/rootPrefix_950912617/openidm_3290118515/recording.har diff --git a/package-lock.json b/package-lock.json index 1a0b1613..0d795710 100644 --- a/package-lock.json +++ b/package-lock.json @@ -92,7 +92,6 @@ "integrity": "sha512-CGOfOJqWjg2qW/Mb6zNsDm+u5vFQ8DxXfbM09z69p5Z6+mE1ikP2jUXw+j42Pf1XTYED2Rni5f95npYeuwMDQA==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@babel/code-frame": "^7.29.0", "@babel/generator": "^7.29.0", @@ -2362,7 +2361,6 @@ "integrity": "sha512-94EQTWZ40mzBc42ATNIBimBEDltSJ9RQHCC8vc/PDbxi4k8dVwUAv4o98dk50M1zB+JGFxp43FP7f8+FP8R6Sw==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@eslint-community/regexpp": "^4.10.0", "@typescript-eslint/scope-manager": "7.18.0", @@ -2397,7 +2395,6 @@ "integrity": "sha512-4Z+L8I2OqhZV8qA132M4wNL30ypZGYOQVBfMgxDH/K5UX0PNqTu1c6za9ST5r9+tavvHiTWmBnKzpCJ/GlVFtg==", "dev": true, "license": "BSD-2-Clause", - "peer": true, "dependencies": { "@typescript-eslint/scope-manager": "7.18.0", "@typescript-eslint/types": "7.18.0", @@ -2613,7 +2610,6 @@ "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==", "dev": true, "license": "MIT", - "peer": true, "bin": { "acorn": "bin/acorn" }, @@ -3315,7 +3311,6 @@ } ], "license": "MIT", - "peer": true, "dependencies": { "baseline-browser-mapping": "^2.9.0", "caniuse-lite": "^1.0.30001759", @@ -4334,7 +4329,6 @@ "dev": true, "hasInstallScript": true, "license": "MIT", - "peer": true, "bin": { "esbuild": "bin/esbuild" }, @@ -4400,7 +4394,6 @@ "deprecated": "This version is no longer supported. Please see https://eslint.org/version-support for other options.", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@eslint-community/eslint-utils": "^4.2.0", "@eslint-community/regexpp": "^4.6.1", @@ -4457,7 +4450,6 @@ "integrity": "sha512-82GZUjRS0p/jganf6q1rEO25VSoHH0hKPCTrgillPjdI/3bgBhAE1QzHrHTizjpRvy6pGAvKjDJtk2pF9NDq8w==", "dev": true, "license": "MIT", - "peer": true, "bin": { "eslint-config-prettier": "bin/cli.js" }, @@ -6366,7 +6358,6 @@ "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -8336,7 +8327,6 @@ "integrity": "sha512-UOnG6LftzbdaHZcKoPFtOcCKztrQ57WkHDeRD9t/PTQtmT0NHSeWWepj6pS0z/N7+08BHFDQVUrfmfMRcZwbMg==", "dev": true, "license": "MIT", - "peer": true, "bin": { "prettier": "bin/prettier.cjs" }, @@ -10048,7 +10038,6 @@ "integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==", "dev": true, "license": "Apache-2.0", - "peer": true, "bin": { "tsc": "bin/tsc", "tsserver": "bin/tsserver" diff --git a/src/cli/FrodoCommand.ts b/src/cli/FrodoCommand.ts index 35225eea..feb36695 100644 --- a/src/cli/FrodoCommand.ts +++ b/src/cli/FrodoCommand.ts @@ -121,7 +121,7 @@ const noCacheOption = new Option( ); const useRealmPrefixOnManagedObjects = new Option( - '--use-realm-prefix-on-managed-objects', + '--use-realm-prefix-on-managed-objects', 'Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user,\ managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user \ etc. is retained. \ diff --git a/test/client_cli/en/__snapshots__/admin-add-autoid-static-user-mapping.test.js.snap b/test/client_cli/en/__snapshots__/admin-add-autoid-static-user-mapping.test.js.snap index 0f4b0a0a..d3abf57a 100644 --- a/test/client_cli/en/__snapshots__/admin-add-autoid-static-user-mapping.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-add-autoid-static-user-mapping.test.js.snap @@ -7,96 +7,37 @@ Add AutoId static user mapping to enable dashboards and other AutoId-based functionality. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-create-oauth2-client-with-admin-privileges.test.js.snap b/test/client_cli/en/__snapshots__/admin-create-oauth2-client-with-admin-privileges.test.js.snap index f03533a1..200d447a 100644 --- a/test/client_cli/en/__snapshots__/admin-create-oauth2-client-with-admin-privileges.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-create-oauth2-client-with-admin-privileges.test.js.snap @@ -6,123 +6,45 @@ exports[`CLI help interface for 'admin create-oauth2-client-with-admin-privilege Create an oauth2 client with admin privileges. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --client-id [id] Client id. - --client-secret [secret] Client secret. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --llt Create a long-lived token and store it - in a secret. The default secret name is - esv-admin-token and the default token - lifetime is 315,360,000 seconds (10 - years). Both can be overwritten with the - --llt-esv and --llt-ttl options. - --llt-esv [esv] Name of the secret to store the token - in. This option only applies if used - with the --llt option. (default: - esv-admin-token) - --llt-scope [scope] Request the following scope(s). This - option only applies if used with the - --llt option. (default: fr:idm:*) - --llt-ttl [ttl] Token lifetime (seconds). This option - only applies if used with the --llt - option. (default: 315,360,000 seconds - (10 years)) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-llt-esv Don't store the token in a secret and - output to console instead. This option - only applies if used with the --llt - option. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --client-id [id] Client id. + --client-secret [secret] Client secret. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --llt Create a long-lived token and store it in a secret. The default secret name is esv-admin-token and the default token lifetime is 315,360,000 seconds (10 years). Both can be overwritten with the --llt-esv and --llt-ttl options. + --llt-esv [esv] Name of the secret to store the token in. This option only applies if used with the --llt option. (default: esv-admin-token) + --llt-scope [scope] Request the following scope(s). This option only applies if used with the --llt option. (default: fr:idm:*) + --llt-ttl [ttl] Token lifetime (seconds). This option only applies if used with the --llt option. (default: 315,360,000 seconds (10 years)) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-llt-esv Don't store the token in a secret and output to console instead. This option only applies if used with the --llt option. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-get-access-token.test.js.snap b/test/client_cli/en/__snapshots__/admin-get-access-token.test.js.snap index fffdc69f..056fc993 100644 --- a/test/client_cli/en/__snapshots__/admin-get-access-token.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-get-access-token.test.js.snap @@ -6,104 +6,41 @@ exports[`CLI help interface for 'admin get-access-token' should be expected engl Get an access token using client credentials grant type. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --client-id [id] Client id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - -s, --client-secret [secret] Client secret. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --scope [scope] Request the following scope(s). - (default: fr:idm:*) - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --client-id [id] Client id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + -s, --client-secret [secret] Client secret. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --scope [scope] Request the following scope(s). (default: fr:idm:*) + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-grant-oauth2-client-admin-privileges.test.js.snap b/test/client_cli/en/__snapshots__/admin-grant-oauth2-client-admin-privileges.test.js.snap index 911d4973..61f4e3e4 100644 --- a/test/client_cli/en/__snapshots__/admin-grant-oauth2-client-admin-privileges.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-grant-oauth2-client-admin-privileges.test.js.snap @@ -6,101 +6,39 @@ exports[`CLI help interface for 'admin grant-oauth2-client-admin-privileges' sho Grant an oauth2 client admin privileges. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --client-id OAuth2 client id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --client-id OAuth2 client id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-hide-generic-extension-attributes.test.js.snap b/test/client_cli/en/__snapshots__/admin-hide-generic-extension-attributes.test.js.snap index dce4f039..20f9f7b7 100644 --- a/test/client_cli/en/__snapshots__/admin-hide-generic-extension-attributes.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-hide-generic-extension-attributes.test.js.snap @@ -6,102 +6,40 @@ exports[`CLI help interface for 'admin hide-generic-extension-attributes' should Hide generic extension attributes. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --dry-run Dry-run only, do not perform changes. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --include-customized Include customized attributes. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --dry-run Dry-run only, do not perform changes. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --include-customized Include customized attributes. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-list-oauth2-clients-with-admin-privileges.test.js.snap b/test/client_cli/en/__snapshots__/admin-list-oauth2-clients-with-admin-privileges.test.js.snap index 5ee240ea..ae5b2c57 100644 --- a/test/client_cli/en/__snapshots__/admin-list-oauth2-clients-with-admin-privileges.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-list-oauth2-clients-with-admin-privileges.test.js.snap @@ -6,100 +6,38 @@ exports[`CLI help interface for 'admin list-oauth2-clients-with-admin-privileges List oauth2 clients with admin privileges. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-list-oauth2-clients-with-custom-privileges.test.js.snap b/test/client_cli/en/__snapshots__/admin-list-oauth2-clients-with-custom-privileges.test.js.snap index 4b4e3258..19ed229f 100644 --- a/test/client_cli/en/__snapshots__/admin-list-oauth2-clients-with-custom-privileges.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-list-oauth2-clients-with-custom-privileges.test.js.snap @@ -6,100 +6,38 @@ exports[`CLI help interface for 'admin list-oauth2-clients-with-custom-privilege List oauth2 clients with custom privileges. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-list-static-user-mappings.test.js.snap b/test/client_cli/en/__snapshots__/admin-list-static-user-mappings.test.js.snap index 27e7a0ec..bce53803 100644 --- a/test/client_cli/en/__snapshots__/admin-list-static-user-mappings.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-list-static-user-mappings.test.js.snap @@ -6,102 +6,39 @@ exports[`CLI help interface for 'admin list-static-user-mappings' should be expe List all subjects of static user mappings that are not oauth2 clients. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --show-protected Show protected (system) subjects. - (default: false) - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --show-protected Show protected (system) subjects. (default: false) + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-remove-static-user-mapping.test.js.snap b/test/client_cli/en/__snapshots__/admin-remove-static-user-mapping.test.js.snap index 4812fee5..23da983f 100644 --- a/test/client_cli/en/__snapshots__/admin-remove-static-user-mapping.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-remove-static-user-mapping.test.js.snap @@ -6,101 +6,39 @@ exports[`CLI help interface for 'admin remove-static-user-mapping' should be exp Remove a subject's static user mapping. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --sub-id Subject identifier. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --sub-id Subject identifier. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-repair-org-model.test.js.snap b/test/client_cli/en/__snapshots__/admin-repair-org-model.test.js.snap index c788006a..37bcd72b 100644 --- a/test/client_cli/en/__snapshots__/admin-repair-org-model.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-repair-org-model.test.js.snap @@ -6,105 +6,41 @@ exports[`CLI help interface for 'admin repair-org-model' should be expected engl Repair org model. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --dry-run Dry-run only, do not perform changes. - --exclude-customized Exclude customized properties from - repair. - --extend-permissions Extend permissions to include custom - attributes. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --dry-run Dry-run only, do not perform changes. + --exclude-customized Exclude customized properties from repair. + --extend-permissions Extend permissions to include custom attributes. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-revoke-oauth2-client-admin-privileges.test.js.snap b/test/client_cli/en/__snapshots__/admin-revoke-oauth2-client-admin-privileges.test.js.snap index c0e5a8bd..b2365883 100644 --- a/test/client_cli/en/__snapshots__/admin-revoke-oauth2-client-admin-privileges.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-revoke-oauth2-client-admin-privileges.test.js.snap @@ -6,101 +6,39 @@ exports[`CLI help interface for 'admin revoke-oauth2-client-admin-privileges' sh Revoke admin privileges from an oauth2 client. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --client-id OAuth2 client id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --client-id OAuth2 client id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-show-generic-extension-attributes.test.js.snap b/test/client_cli/en/__snapshots__/admin-show-generic-extension-attributes.test.js.snap index 9fc80ec0..da747953 100644 --- a/test/client_cli/en/__snapshots__/admin-show-generic-extension-attributes.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-show-generic-extension-attributes.test.js.snap @@ -6,104 +6,40 @@ exports[`CLI help interface for 'admin show-generic-extension-attributes' should Show generic extension attributes. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --dry-run Dry-run only, do not perform changes. - (default: false) - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --include-customized Include customized attributes. (default: - false) - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --dry-run Dry-run only, do not perform changes. (default: false) + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --include-customized Include customized attributes. (default: false) + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-delete.test.js.snap b/test/client_cli/en/__snapshots__/agent-delete.test.js.snap index 7787427e..19caed68 100644 --- a/test/client_cli/en/__snapshots__/agent-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-delete.test.js.snap @@ -6,102 +6,40 @@ exports[`CLI help interface for 'agent delete' should be expected english 1`] = Delete agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all agents. Ignored with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, -a is ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all agents. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, -a is ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-describe.test.js.snap b/test/client_cli/en/__snapshots__/agent-describe.test.js.snap index c76416e6..325856f1 100644 --- a/test/client_cli/en/__snapshots__/agent-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-describe.test.js.snap @@ -6,102 +6,40 @@ exports[`CLI help interface for 'agent describe' should be expected english 1`] Describe agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -g, --global Describe global agent. - -h, --help Help - -i, --agent-id Agent id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -g, --global Describe global agent. + -h, --help Help + -i, --agent-id Agent id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-export.test.js.snap b/test/client_cli/en/__snapshots__/agent-export.test.js.snap index 457f3d05..26b275f4 100644 --- a/test/client_cli/en/__snapshots__/agent-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-export.test.js.snap @@ -6,111 +6,44 @@ exports[`CLI help interface for 'agent export' should be expected english 1`] = Export agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all agents to a single file. - Ignored with -i. - -A, --all-separate Export all agents to separate files - (*..agent.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -g, --global Export global agents. - -h, --help Help - -i, --agent-id Agent id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all agents to a single file. Ignored with -i. + -A, --all-separate Export all agents to separate files (*..agent.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -g, --global Export global agents. + -h, --help Help + -i, --agent-id Agent id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-gateway-delete.test.js.snap b/test/client_cli/en/__snapshots__/agent-gateway-delete.test.js.snap index 7833a9fb..c4e5a4da 100644 --- a/test/client_cli/en/__snapshots__/agent-gateway-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-gateway-delete.test.js.snap @@ -6,103 +6,40 @@ exports[`CLI help interface for 'agent gateway delete' should be expected englis Delete identity gateway agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all identity gateway agents. - Ignored with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, -a is ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all identity gateway agents. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, -a is ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-gateway-describe.test.js.snap b/test/client_cli/en/__snapshots__/agent-gateway-describe.test.js.snap index 33c59e26..9a5920c5 100644 --- a/test/client_cli/en/__snapshots__/agent-gateway-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-gateway-describe.test.js.snap @@ -6,101 +6,39 @@ exports[`CLI help interface for 'agent gateway describe' should be expected engl Describe gateway agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-gateway-export.test.js.snap b/test/client_cli/en/__snapshots__/agent-gateway-export.test.js.snap index cc9efdf5..56bf09b6 100644 --- a/test/client_cli/en/__snapshots__/agent-gateway-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-gateway-export.test.js.snap @@ -6,111 +6,43 @@ exports[`CLI help interface for 'agent gateway export' should be expected englis Export gateway agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all gateway agents to a single - file. Ignored with -i. - -A, --all-separate Export all gateway agents to separate - files (*.identitygatewayagent.json) in - the current directory. Ignored with -i - or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all gateway agents to a single file. Ignored with -i. + -A, --all-separate Export all gateway agents to separate files (*.identitygatewayagent.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-gateway-import.test.js.snap b/test/client_cli/en/__snapshots__/agent-gateway-import.test.js.snap index 0506a415..f3264112 100644 --- a/test/client_cli/en/__snapshots__/agent-gateway-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-gateway-import.test.js.snap @@ -6,110 +6,42 @@ exports[`CLI help interface for 'agent gateway import' should be expected englis Import gateway agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all agents from single file. - Ignored with -i. - -A, --all-separate Import all agents from separate files - (*.identitygatewayagent.json) in the - current directory. Ignored with -i or - -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, only one agent - is imported and the options -a and -A - are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all agents from single file. Ignored with -i. + -A, --all-separate Import all agents from separate files (*.identitygatewayagent.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, only one agent is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-gateway-list.test.js.snap b/test/client_cli/en/__snapshots__/agent-gateway-list.test.js.snap index 62f91e02..12674569 100644 --- a/test/client_cli/en/__snapshots__/agent-gateway-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-gateway-list.test.js.snap @@ -6,101 +6,39 @@ exports[`CLI help interface for 'agent gateway list' should be expected english List gateway agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-import.test.js.snap b/test/client_cli/en/__snapshots__/agent-import.test.js.snap index 1e570390..5fba96ed 100644 --- a/test/client_cli/en/__snapshots__/agent-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-import.test.js.snap @@ -6,110 +6,43 @@ exports[`CLI help interface for 'agent import' should be expected english 1`] = Import agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all agents from single file. - Ignored with -i. - -A, --all-separate Import all agents from separate files - (*.agent.json) in the current directory. - Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -g, --global Import global agents. - -h, --help Help - -i, --agent-id Agent id. If specified, only one agent - is imported and the options -a and -A - are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all agents from single file. Ignored with -i. + -A, --all-separate Import all agents from separate files (*.agent.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -g, --global Import global agents. + -h, --help Help + -i, --agent-id Agent id. If specified, only one agent is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-java-delete.test.js.snap b/test/client_cli/en/__snapshots__/agent-java-delete.test.js.snap index 2bfa8c66..4d404e55 100644 --- a/test/client_cli/en/__snapshots__/agent-java-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-java-delete.test.js.snap @@ -6,102 +6,40 @@ exports[`CLI help interface for 'agent java delete' should be expected english 1 Delete java agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all java agents. Ignored with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, -a is ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all java agents. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, -a is ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-java-describe.test.js.snap b/test/client_cli/en/__snapshots__/agent-java-describe.test.js.snap index 3276d27e..0f5c41fd 100644 --- a/test/client_cli/en/__snapshots__/agent-java-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-java-describe.test.js.snap @@ -6,101 +6,39 @@ exports[`CLI help interface for 'agent java describe' should be expected english Describe java agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-java-export.test.js.snap b/test/client_cli/en/__snapshots__/agent-java-export.test.js.snap index 6a1c2214..6b88f0e4 100644 --- a/test/client_cli/en/__snapshots__/agent-java-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-java-export.test.js.snap @@ -6,110 +6,43 @@ exports[`CLI help interface for 'agent java export' should be expected english 1 Export java agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all java agents to a single file. - Ignored with -i. - -A, --all-separate Export all java agents to separate files - (*.javaagent.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all java agents to a single file. Ignored with -i. + -A, --all-separate Export all java agents to separate files (*.javaagent.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-java-import.test.js.snap b/test/client_cli/en/__snapshots__/agent-java-import.test.js.snap index 378f60f0..98c38224 100644 --- a/test/client_cli/en/__snapshots__/agent-java-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-java-import.test.js.snap @@ -6,109 +6,42 @@ exports[`CLI help interface for 'agent java import' should be expected english 1 Import java agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all agents from single file. - Ignored with -i. - -A, --all-separate Import all agents from separate files - (*.javaagent.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, only one agent - is imported and the options -a and -A - are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all agents from single file. Ignored with -i. + -A, --all-separate Import all agents from separate files (*.javaagent.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, only one agent is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-java-list.test.js.snap b/test/client_cli/en/__snapshots__/agent-java-list.test.js.snap index 88144880..386a2c30 100644 --- a/test/client_cli/en/__snapshots__/agent-java-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-java-list.test.js.snap @@ -6,101 +6,39 @@ exports[`CLI help interface for 'agent java list' should be expected english 1`] List java agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-list.test.js.snap b/test/client_cli/en/__snapshots__/agent-list.test.js.snap index bd6146b6..92360dbf 100644 --- a/test/client_cli/en/__snapshots__/agent-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-list.test.js.snap @@ -6,102 +6,40 @@ exports[`CLI help interface for 'agent list' should be expected english 1`] = ` List agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -g, --global List global agents. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -g, --global List global agents. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-web-delete.test.js.snap b/test/client_cli/en/__snapshots__/agent-web-delete.test.js.snap index 6256568b..97de812e 100644 --- a/test/client_cli/en/__snapshots__/agent-web-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-web-delete.test.js.snap @@ -6,103 +6,40 @@ exports[`CLI help interface for 'agent web delete' should be expected english 1` Delete web agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all web agents. Ignored with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all web agents. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-web-describe.test.js.snap b/test/client_cli/en/__snapshots__/agent-web-describe.test.js.snap index df573dff..ffcc56d9 100644 --- a/test/client_cli/en/__snapshots__/agent-web-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-web-describe.test.js.snap @@ -6,101 +6,39 @@ exports[`CLI help interface for 'agent web describe' should be expected english Describe web agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-web-export.test.js.snap b/test/client_cli/en/__snapshots__/agent-web-export.test.js.snap index c35814d0..7ce930aa 100644 --- a/test/client_cli/en/__snapshots__/agent-web-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-web-export.test.js.snap @@ -6,110 +6,43 @@ exports[`CLI help interface for 'agent web export' should be expected english 1` Export web agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all web agents to a single file. - Ignored with -i. - -A, --all-separate Export all web agents to separate files - (*.webagent.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all web agents to a single file. Ignored with -i. + -A, --all-separate Export all web agents to separate files (*.webagent.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-web-import.test.js.snap b/test/client_cli/en/__snapshots__/agent-web-import.test.js.snap index 0eefd3a1..bccfb3b3 100644 --- a/test/client_cli/en/__snapshots__/agent-web-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-web-import.test.js.snap @@ -6,109 +6,42 @@ exports[`CLI help interface for 'agent web import' should be expected english 1` Import web agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all agents from single file. - Ignored with -i. - -A, --all-separate Import all agents from separate files - (*.webagent.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, only one agent - is imported and the options -a and -A - are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all agents from single file. Ignored with -i. + -A, --all-separate Import all agents from separate files (*.webagent.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, only one agent is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-web-list.test.js.snap b/test/client_cli/en/__snapshots__/agent-web-list.test.js.snap index ba06436e..fc5a6744 100644 --- a/test/client_cli/en/__snapshots__/agent-web-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-web-list.test.js.snap @@ -6,101 +6,39 @@ exports[`CLI help interface for 'agent web list' should be expected english 1`] List web agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/app-delete.test.js.snap b/test/client_cli/en/__snapshots__/app-delete.test.js.snap index 7316f769..277078eb 100644 --- a/test/client_cli/en/__snapshots__/app-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/app-delete.test.js.snap @@ -6,106 +6,41 @@ exports[`CLI help interface for 'app delete' should be expected english 1`] = ` Delete applications. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all applications. Ignored with - -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --app-id Application name. If specified, -a and - -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-deep No deep delete. This leaves orphaned - configuration artifacts behind. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all applications. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --app-id Application name. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-deep No deep delete. This leaves orphaned configuration artifacts behind. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/app-export.test.js.snap b/test/client_cli/en/__snapshots__/app-export.test.js.snap index e8e20b3c..0f3ff4e0 100644 --- a/test/client_cli/en/__snapshots__/app-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/app-export.test.js.snap @@ -6,113 +6,44 @@ exports[`CLI help interface for 'app export' should be expected english 1`] = ` Export applications. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all applications to a single - file. Ignored with -i. - -A, --all-separate Export all applications to separate - files (*.application.json) in the - current directory. Ignored with -i or - -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --app-id Application name. If specified, -a and - -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --no-deps Do not include any dependencies - (scripts). - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all applications to a single file. Ignored with -i. + -A, --all-separate Export all applications to separate files (*.application.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --app-id Application name. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --no-deps Do not include any dependencies (scripts). + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/app-import.test.js.snap b/test/client_cli/en/__snapshots__/app-import.test.js.snap index 5b6f6c15..40e15270 100644 --- a/test/client_cli/en/__snapshots__/app-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/app-import.test.js.snap @@ -6,111 +6,43 @@ exports[`CLI help interface for 'app import' should be expected english 1`] = ` Import applications. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all applications from single - file. Ignored with -i. - -A, --all-separate Import all applications from separate - files (*.app.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --app-id Application name. If specified, only one - application is imported and the options - -a and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-deps Do not include any dependencies - (scripts). - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all applications from single file. Ignored with -i. + -A, --all-separate Import all applications from separate files (*.app.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --app-id Application name. If specified, only one application is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-deps Do not include any dependencies (scripts). + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/app-list.test.js.snap b/test/client_cli/en/__snapshots__/app-list.test.js.snap index 609d8be8..1fa18bc7 100644 --- a/test/client_cli/en/__snapshots__/app-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/app-list.test.js.snap @@ -6,101 +6,39 @@ exports[`CLI help interface for 'app list' should be expected english 1`] = ` List applications. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authn-describe.test.js.snap b/test/client_cli/en/__snapshots__/authn-describe.test.js.snap index 18cb3daa..b6b36440 100644 --- a/test/client_cli/en/__snapshots__/authn-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/authn-describe.test.js.snap @@ -6,102 +6,40 @@ exports[`CLI help interface for 'authn describe' should be expected english 1`] Describe authentication settings. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -g, --global Describe global authentication settings. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --json Output in JSON format. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -g, --global Describe global authentication settings. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --json Output in JSON format. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authn-export.test.js.snap b/test/client_cli/en/__snapshots__/authn-export.test.js.snap index 4bfbe6f6..6397e73f 100644 --- a/test/client_cli/en/__snapshots__/authn-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/authn-export.test.js.snap @@ -6,104 +6,41 @@ exports[`CLI help interface for 'authn export' should be expected english 1`] = Export authentication settings. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -g, --global Export global authentication settings. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -g, --global Export global authentication settings. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authn-import.test.js.snap b/test/client_cli/en/__snapshots__/authn-import.test.js.snap index 26c8300e..7d97e18a 100644 --- a/test/client_cli/en/__snapshots__/authn-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/authn-import.test.js.snap @@ -6,102 +6,40 @@ exports[`CLI help interface for 'authn import' should be expected english 1`] = Import authentication settings. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -g, --global Export global authentication settings. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -g, --global Export global authentication settings. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-policy-delete.test.js.snap b/test/client_cli/en/__snapshots__/authz-policy-delete.test.js.snap index 7e277383..783ce4a4 100644 --- a/test/client_cli/en/__snapshots__/authz-policy-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-policy-delete.test.js.snap @@ -6,105 +6,41 @@ exports[`CLI help interface for 'authz policy delete' should be expected english Delete authorization policies. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all policies in a realm. Ignored - with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --policy-id Policy id/name. If specified, -a is - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --set-id Policy set id/name. Ignored with -i. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all policies in a realm. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --policy-id Policy id/name. If specified, -a is ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --set-id Policy set id/name. Ignored with -i. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-policy-describe.test.js.snap b/test/client_cli/en/__snapshots__/authz-policy-describe.test.js.snap index f76b9f04..057079d6 100644 --- a/test/client_cli/en/__snapshots__/authz-policy-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-policy-describe.test.js.snap @@ -6,102 +6,40 @@ exports[`CLI help interface for 'authz policy describe' should be expected engli Describe authorization policies. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --policy-id Policy id/name. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --json Output in JSON format. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --policy-id Policy id/name. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --json Output in JSON format. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-policy-export.test.js.snap b/test/client_cli/en/__snapshots__/authz-policy-export.test.js.snap index 527d4d18..035f48b6 100644 --- a/test/client_cli/en/__snapshots__/authz-policy-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-policy-export.test.js.snap @@ -6,115 +6,46 @@ exports[`CLI help interface for 'authz policy export' should be expected english Export authorization policies. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export policies to a single file. - Ignored with -i. - -A, --all-separate Export policies to separate files - (*.policy.authz.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --policy-id Policy id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --no-deps Do not include dependencies (scripts). - --passphrase The passphrase for the Amster private - key if it is encrypted. - --prereqs Include prerequisites (policy sets, - resource types). - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --set-id Export policies in policy set only. - Ignored with -i. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export policies to a single file. Ignored with -i. + -A, --all-separate Export policies to separate files (*.policy.authz.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --policy-id Policy id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --no-deps Do not include dependencies (scripts). + --passphrase The passphrase for the Amster private key if it is encrypted. + --prereqs Include prerequisites (policy sets, resource types). + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --set-id Export policies in policy set only. Ignored with -i. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-policy-import.test.js.snap b/test/client_cli/en/__snapshots__/authz-policy-import.test.js.snap index 6bc1040e..cfbba83b 100644 --- a/test/client_cli/en/__snapshots__/authz-policy-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-policy-import.test.js.snap @@ -6,116 +6,45 @@ exports[`CLI help interface for 'authz policy import' should be expected english Import authorization policies. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all policies from single file. - Ignored with -i. - -A, --all-separate Import all policies from separate files - (*.policy.authz.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --policy-id Policy id. If specified, only one policy - is imported and the options -a and -A - are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-deps Do not import dependencies (scripts) - even if they are available in the import - file. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --prereqs Import prerequisites (policy sets, - resource types) if they are available in - the import file. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --set-id Import policies into this policy set. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all policies from single file. Ignored with -i. + -A, --all-separate Import all policies from separate files (*.policy.authz.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --policy-id Policy id. If specified, only one policy is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-deps Do not import dependencies (scripts) even if they are available in the import file. + --passphrase The passphrase for the Amster private key if it is encrypted. + --prereqs Import prerequisites (policy sets, resource types) if they are available in the import file. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --set-id Import policies into this policy set. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-policy-list.test.js.snap b/test/client_cli/en/__snapshots__/authz-policy-list.test.js.snap index 8f121e18..f45b0818 100644 --- a/test/client_cli/en/__snapshots__/authz-policy-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-policy-list.test.js.snap @@ -6,102 +6,40 @@ exports[`CLI help interface for 'authz policy list' should be expected english 1 List authorization policies. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --set-id Policy set id/name. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --set-id Policy set id/name. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-set-delete.test.js.snap b/test/client_cli/en/__snapshots__/authz-set-delete.test.js.snap index a70011e6..f339765f 100644 --- a/test/client_cli/en/__snapshots__/authz-set-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-set-delete.test.js.snap @@ -6,103 +6,40 @@ exports[`CLI help interface for 'authz set delete' should be expected english 1` Delete authorization policy sets. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all policy sets in a realm. - Ignored with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --set-id Policy set id/name. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all policy sets in a realm. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --set-id Policy set id/name. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-set-describe.test.js.snap b/test/client_cli/en/__snapshots__/authz-set-describe.test.js.snap index dbd09859..a8701aca 100644 --- a/test/client_cli/en/__snapshots__/authz-set-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-set-describe.test.js.snap @@ -6,102 +6,40 @@ exports[`CLI help interface for 'authz set describe' should be expected english Describe authorization policy sets. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --set-id Policy set id/name. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --json Output in JSON format. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --set-id Policy set id/name. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --json Output in JSON format. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-set-export.test.js.snap b/test/client_cli/en/__snapshots__/authz-set-export.test.js.snap index 1bb3fe6b..2c69870c 100644 --- a/test/client_cli/en/__snapshots__/authz-set-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-set-export.test.js.snap @@ -6,114 +6,45 @@ exports[`CLI help interface for 'authz set export' should be expected english 1` Export authorization policy sets. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all applications/policy sets to a - single file. Ignored with -i. - -A, --all-separate Export all applications/policy sets to - separate files (*.authz.json) in the - current directory. Ignored with -i or - -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --set-id Policy set id/name. If specified, -a and - -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --no-deps Do not include any dependencies - (policies, scripts). - --passphrase The passphrase for the Amster private - key if it is encrypted. - --prereqs Include prerequisites (resource types). - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all applications/policy sets to a single file. Ignored with -i. + -A, --all-separate Export all applications/policy sets to separate files (*.authz.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --set-id Policy set id/name. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --no-deps Do not include any dependencies (policies, scripts). + --passphrase The passphrase for the Amster private key if it is encrypted. + --prereqs Include prerequisites (resource types). + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-set-import.test.js.snap b/test/client_cli/en/__snapshots__/authz-set-import.test.js.snap index 610cc215..021a8a0c 100644 --- a/test/client_cli/en/__snapshots__/authz-set-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-set-import.test.js.snap @@ -6,113 +6,44 @@ exports[`CLI help interface for 'authz set import' should be expected english 1` Import authorization policy sets. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all policy sets from single file. - Ignored with -i. - -A, --all-separate Import all policy sets from separate - files (*.policyset.authz.json) in the - current directory. Ignored with -i or - -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --set-id Policy set id/name. If specified, only - one policy set is imported and the - options -a and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-deps Do not include any dependencies - (policies, scripts). - --passphrase The passphrase for the Amster private - key if it is encrypted. - --prereqs Include prerequisites (resource types). - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all policy sets from single file. Ignored with -i. + -A, --all-separate Import all policy sets from separate files (*.policyset.authz.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --set-id Policy set id/name. If specified, only one policy set is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-deps Do not include any dependencies (policies, scripts). + --passphrase The passphrase for the Amster private key if it is encrypted. + --prereqs Include prerequisites (resource types). + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-type-delete.test.js.snap b/test/client_cli/en/__snapshots__/authz-type-delete.test.js.snap index 6c708854..4f94c3ce 100644 --- a/test/client_cli/en/__snapshots__/authz-type-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-type-delete.test.js.snap @@ -6,106 +6,41 @@ exports[`CLI help interface for 'authz type delete' should be expected english 1 Delete authorization resource types. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all resource types in a realm. - Ignored with -i and -n. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --type-id Variable id. If specified, -a is - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --type-name Resource type name. If specified, -a is - ignored. - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all resource types in a realm. Ignored with -i and -n. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --type-id Variable id. If specified, -a is ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --type-name Resource type name. If specified, -a is ignored. + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-type-describe.test.js.snap b/test/client_cli/en/__snapshots__/authz-type-describe.test.js.snap index 2b4ac101..3435f762 100644 --- a/test/client_cli/en/__snapshots__/authz-type-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-type-describe.test.js.snap @@ -6,103 +6,41 @@ exports[`CLI help interface for 'authz type describe' should be expected english Describe authorization resource types. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --type-id Resource type uuid. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --json Output in JSON format. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --type-name Resource type name. - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --type-id Resource type uuid. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --json Output in JSON format. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --type-name Resource type name. + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-type-export.test.js.snap b/test/client_cli/en/__snapshots__/authz-type-export.test.js.snap index 7712e3e2..03794d8c 100644 --- a/test/client_cli/en/__snapshots__/authz-type-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-type-export.test.js.snap @@ -6,113 +6,44 @@ exports[`CLI help interface for 'authz type export' should be expected english 1 Export authorization resource types. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all resource types to a single - file. Ignored with -i. - -A, --all-separate Export all resource types to separate - files (*.resourcetype.authz.json) in the - current directory. Ignored with -i, -n, - or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --type-id Resource type uuid. If specified, -a and - -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --type-name Resource type name. If specified, -a and - -A are ignored. - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all resource types to a single file. Ignored with -i. + -A, --all-separate Export all resource types to separate files (*.resourcetype.authz.json) in the current directory. Ignored with -i, -n, or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --type-id Resource type uuid. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --type-name Resource type name. If specified, -a and -A are ignored. + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-type-import.test.js.snap b/test/client_cli/en/__snapshots__/authz-type-import.test.js.snap index 48200183..0ef5b04b 100644 --- a/test/client_cli/en/__snapshots__/authz-type-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-type-import.test.js.snap @@ -6,111 +6,43 @@ exports[`CLI help interface for 'authz type import' should be expected english 1 Import authorization resource types. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all resource types from single - file. Ignored with -i. - -A, --all-separate Import all resource types from separate - files (*.resourcetype.authz.json) in the - current directory. Ignored with -i, -n, - or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --type-id Resource type uuid. If specified, -a and - -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --type-name Resource type name. If specified, -a and - -A are ignored. - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all resource types from single file. Ignored with -i. + -A, --all-separate Import all resource types from separate files (*.resourcetype.authz.json) in the current directory. Ignored with -i, -n, or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --type-id Resource type uuid. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --type-name Resource type name. If specified, -a and -A are ignored. + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-type-list.test.js.snap b/test/client_cli/en/__snapshots__/authz-type-list.test.js.snap index 728706b7..656703de 100644 --- a/test/client_cli/en/__snapshots__/authz-type-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-type-list.test.js.snap @@ -6,101 +6,39 @@ exports[`CLI help interface for 'authz type list' should be expected english 1`] List authorization resource types. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with more fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with more fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-export.test.js.snap b/test/client_cli/en/__snapshots__/config-export.test.js.snap index 29e7a182..7f482dfe 100644 --- a/test/client_cli/en/__snapshots__/config-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-export.test.js.snap @@ -14,148 +14,54 @@ flag to export only global config, and many other flags to customize the export. Use the -h or --help to see them all and to also see usage examples. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export everything to a single file. - -A, --all-separate Export everything to separate files in - the -D directory. Ignored with -a. - --curlirize Output all network calls in curl format. - -d, --default Export all scripts including the default - scripts. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -g, --global-only Export only the global config. If -r, - --realm-only is also active, then the - corresponding active realm config will - also be exported. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --include-active-values Include the currently active (and - loaded) secret value in the export. By - default, secret values are encrypted - server-side in the environment they are - exported from. Use --target - to have another environment perform the - encryption. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --no-coords Do not include the x and y coordinate - positions of the journey/tree nodes. - --no-decode Do not include decoded variable value in - variable export - -o, --separate-objects Export managed.idm.json objects - separately in their own directory. - Ignored with -a. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - -r, --realm-only Export only the config for the active - realm. If -g, --global-only is also - active, then the global config will also - be exported. - -R, --read-only Export read-only config (with the - exception of default scripts) in - addition to the importable config. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - -s, --separate-mappings Export sync.idm.json mappings separately - in their own directory. Ignored with -a. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --target Host URL of the environment to perform - secret value encryption. The URL must - resolve to an existing connection - profile. Use this option to generate an - export that can be imported into the - target environment without requiring - admin access to the source environment. - --use-string-arrays Where applicable, use string arrays to - store multi-line text (e.g. scripts). - (default: off) - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. - -x, --extract Extract scripts and server properties - from the exported file, and save it to a - separate file. Ignored with -a. + -a, --all Export everything to a single file. + -A, --all-separate Export everything to separate files in the -D directory. Ignored with -a. + --curlirize Output all network calls in curl format. + -d, --default Export all scripts including the default scripts. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -g, --global-only Export only the global config. If -r, --realm-only is also active, then the corresponding active realm config will also be exported. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --include-active-values Include the currently active (and loaded) secret value in the export. By default, secret values are encrypted server-side in the environment they are exported from. Use --target to have another environment perform the encryption. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --no-coords Do not include the x and y coordinate positions of the journey/tree nodes. + --no-decode Do not include decoded variable value in variable export + -o, --separate-objects Export managed.idm.json objects separately in their own directory. Ignored with -a. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + -r, --realm-only Export only the config for the active realm. If -g, --global-only is also active, then the global config will also be exported. + -R, --read-only Export read-only config (with the exception of default scripts) in addition to the importable config. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + -s, --separate-mappings Export sync.idm.json mappings separately in their own directory. Ignored with -a. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --target Host URL of the environment to perform secret value encryption. The URL must resolve to an existing connection profile. Use this option to generate an export that can be imported into the target environment without requiring admin access to the source environment. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --use-string-arrays Where applicable, use string arrays to store multi-line text (e.g. scripts). (default: off) + --verbose Verbose output during command execution. If specified, may or may not produce additional output. + -x, --extract Extract scripts and server properties from the exported file, and save it to a separate file. Ignored with -a. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-import.test.js.snap b/test/client_cli/en/__snapshots__/config-import.test.js.snap index 070e2065..04eb3edf 100644 --- a/test/client_cli/en/__snapshots__/config-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-import.test.js.snap @@ -6,139 +6,49 @@ exports[`CLI help interface for 'config import' should be expected english 1`] = Import full cloud configuration. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all configuration from the single - file -f. Ignored with -i. - -A, --all-separate Import all configuration from separate - (.json) files in the (working) directory - -D. Ignored with -i or -a. - -C, --clean Remove existing service(s) before - importing. - --curlirize Output all network calls in curl format. - -d, --default Import all scripts including the default - scripts. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. Ignored with - -A. If included without -a, it will - import the single entity within the - file. - --flush-cache Flush token cache. - -g, --global Import global entity. Ignored with -a - and -A. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --include-active-values Import any secret values contained in - the import file. By default, secret - values are encrypted server-side in the - environment they are exported from. Use - --source to import a file - exported from another environment than - the one you are importing to. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --re-uuid-custom-nodes Create new UUIDs for the custom nodes - upon import. Use this to duplicate - custom nodes or create a new versions of - the same custom nodes. (default: off) - --re-uuid-journeys Generate new UUIDs for all journey nodes - during import. (default: off) - --re-uuid-scripts Create new UUIDs for the scripts upon - import. Use this to duplicate scripts or - create a new versions of the same - scripts. (default: off) - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --source Host URL of the environment which - performed secret value encryption. The - URL must resolve to an existing - connection profile. Use this option to - import a file that was exported from a - different source environment than the - one you are importing to. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all configuration from the single file -f. Ignored with -i. + -A, --all-separate Import all configuration from separate (.json) files in the (working) directory -D. Ignored with -i or -a. + -C, --clean Remove existing service(s) before importing. + --curlirize Output all network calls in curl format. + -d, --default Import all scripts including the default scripts. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. Ignored with -A. If included without -a, it will import the single entity within the file. + --flush-cache Flush token cache. + -g, --global Import global entity. Ignored with -a and -A. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --include-active-values Import any secret values contained in the import file. By default, secret values are encrypted server-side in the environment they are exported from. Use --source to import a file exported from another environment than the one you are importing to. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --re-uuid-custom-nodes Create new UUIDs for the custom nodes upon import. Use this to duplicate custom nodes or create a new versions of the same custom nodes. (default: off) + --re-uuid-journeys Generate new UUIDs for all journey nodes during import. (default: off) + --re-uuid-scripts Create new UUIDs for the scripts upon import. Use this to duplicate scripts or create a new versions of the same scripts. (default: off) + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --source Host URL of the environment which performed secret value encryption. The URL must resolve to an existing connection profile. Use this option to import a file that was exported from a different source environment than the one you are importing to. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-access-config.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-access-config.test.js.snap index 72bec52c..189c7fbe 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-access-config.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-access-config.test.js.snap @@ -6,100 +6,38 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export access-config objects. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-all-static.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-all-static.test.js.snap index d13b928d..9c193b43 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-all-static.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-all-static.test.js.snap @@ -6,100 +6,38 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export all static config. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-all.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-all.test.js.snap index a4231ba0..9395c958 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-all.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-all.test.js.snap @@ -38,6 +38,7 @@ Options: The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) --sa-id Service account id. --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: diff --git a/test/client_cli/en/__snapshots__/config-manager-export-audit.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-audit.test.js.snap index d5224c95..f7934aa8 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-audit.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-audit.test.js.snap @@ -6,100 +6,38 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export audit objects. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-authentication.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-authentication.test.js.snap index b8c1624f..f38c5945 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-authentication.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-authentication.test.js.snap @@ -6,103 +6,39 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export authentication objects. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - -r, --realm Specifies the realm to export from. Only - the entity object from this realm will - be exported. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + -r, --realm Specifies the realm to export from. Only the entity object from this realm will be exported. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-authz-policies.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-authz-policies.test.js.snap index 1516e85f..57b01255 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-authz-policies.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-authz-policies.test.js.snap @@ -6,109 +6,41 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export authorization policies from realm. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file The AUTHZ_POLICY_SETS_CONFIG json file. - ex: - "/home/trivir/Documents/policy-sets.json", - or "policy-sets.json" - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --policy-name Get only a specific policy set with the - name. - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - -r, --realm Specifies the realm to export from. Only - policy sets from this realm will be - exported. Ignored with -f - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file The AUTHZ_POLICY_SETS_CONFIG json file. ex: "/home/trivir/Documents/policy-sets.json", or "policy-sets.json" + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --policy-name Get only a specific policy set with the name. + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + -r, --realm Specifies the realm to export from. Only policy sets from this realm will be exported. Ignored with -f + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-connector-definitions.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-connector-definitions.test.js.snap index ac31689e..fc3c965c 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-connector-definitions.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-connector-definitions.test.js.snap @@ -6,102 +6,39 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export aconnector definitions. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --name Get connector-definition from specified - name/id, without the type prefix. - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --name Get connector-definition from specified name/id, without the type prefix. + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-connector-mappings.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-connector-mappings.test.js.snap index 83fe13fa..b4db9058 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-connector-mappings.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-connector-mappings.test.js.snap @@ -6,100 +6,38 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export connector mappings. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-cookie-domains.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-cookie-domains.test.js.snap index 149abfa5..889c327e 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-cookie-domains.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-cookie-domains.test.js.snap @@ -6,100 +6,38 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export cookie-domains objects. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-cors.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-cors.test.js.snap index 19975efa..0fbf58cc 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-cors.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-cors.test.js.snap @@ -6,100 +6,38 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export CORS configuration. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-csp.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-csp.test.js.snap index 5afd612f..fa237cf5 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-csp.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-csp.test.js.snap @@ -6,103 +6,39 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export content security policy. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file The CSP_OVERRIDES json file. ex: - "/home/trivir/Documents/csp-overrides.json", - or "csp-overrides.json" - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file The CSP_OVERRIDES json file. ex: "/home/trivir/Documents/csp-overrides.json", or "csp-overrides.json" + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-email-provider.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-email-provider.test.js.snap index 359a004e..a5f48a93 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-email-provider.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-email-provider.test.js.snap @@ -6,100 +6,38 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export email provider configuration. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-email-templates.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-email-templates.test.js.snap index 48f2a49a..0a0d669b 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-email-templates.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-email-templates.test.js.snap @@ -6,102 +6,39 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export email-templates objects. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --name Email-templates name, It only export the - endpoint with the name - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --name Email-templates name, It only export the endpoint with the name + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-endpoints.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-endpoints.test.js.snap index 18d24da3..d1e34ebe 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-endpoints.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-endpoints.test.js.snap @@ -6,102 +6,39 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export custom endpoints objects. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --name Endpoint name, It only export the - endpoint with the name - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --name Endpoint name, It only export the endpoint with the name + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-internal-roles.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-internal-roles.test.js.snap index 13fd6688..c1158da1 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-internal-roles.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-internal-roles.test.js.snap @@ -6,102 +6,39 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export internal roles. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --name Internal role name, It only export the - endpoint with the name - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --name Internal role name, It only export the endpoint with the name + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-journeys.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-journeys.test.js.snap index c8147250..7646a0cf 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-journeys.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-journeys.test.js.snap @@ -6,105 +6,41 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export journeys. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -d, --pull-dependencies Pull dependencies. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --name Journey name, It only export the journey - with the name. - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - -r, --realm Specific realm to get journeys from - (overrides environment) - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -d, --pull-dependencies Pull dependencies. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --name Journey name, It only export the journey with the name. + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + -r, --realm Specific realm to get journeys from (overrides environment) + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-kba.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-kba.test.js.snap index 37e1f066..155a36ec 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-kba.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-kba.test.js.snap @@ -6,100 +6,38 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export kba-config objects. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-locales.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-locales.test.js.snap index a49e37d4..b6011a44 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-locales.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-locales.test.js.snap @@ -6,102 +6,39 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export custom locales objects. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --name locale name, It only export the locale - with the name - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --name locale name, It only export the locale with the name + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-managed-objects.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-managed-objects.test.js.snap index 140a1ac9..395db676 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-managed-objects.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-managed-objects.test.js.snap @@ -6,102 +6,39 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export managed-objects. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --name Endpoint name, It only export the - endpoint with the name - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --name Endpoint name, It only export the endpoint with the name + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-password-policy.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-password-policy.test.js.snap index 5ee2972e..67a00b26 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-password-policy.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-password-policy.test.js.snap @@ -6,103 +6,39 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export password-policy objects. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - -r, --realm Specifies the realm to export from. Only - the entity object from this realm will - be exported. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + -r, --realm Specifies the realm to export from. Only the entity object from this realm will be exported. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-raw.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-raw.test.js.snap index 7b609556..e510552e 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-raw.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-raw.test.js.snap @@ -6,102 +6,39 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export raw configurations from the tenant. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --config-file The file path of the service object - config file. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --config-file The file path of the service object config file. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-remote-servers.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-remote-servers.test.js.snap index d2e67042..a928ddc3 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-remote-servers.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-remote-servers.test.js.snap @@ -6,100 +6,38 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export remote-servers objects. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-saml.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-saml.test.js.snap index 204c2058..cd34fb75 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-saml.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-saml.test.js.snap @@ -6,101 +6,39 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export saml. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file The file path of the SAML config file. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file The file path of the SAML config file. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-schedules.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-schedules.test.js.snap index 1964bdaf..6ab263df 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-schedules.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-schedules.test.js.snap @@ -6,102 +6,39 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export schedules. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --name schedule name, It only export the - endpoint with the name - --no-cache Disable token cache for this operation. - --passphrase The passphrase for the Amster private - key if it is encrypted. - --private-key File containing the private key for - authenticating with Amster. Supported - formats include PEM (both PKCS#1 and - PKCS#8 variants), OpenSSH, DNSSEC, and - JWK. - --retry Retry failed operations. Valid values - for strategy: - everything: Retry all failed operations. - - network: Retry only network-related - failed operations. - nothing: Do not retry failed - operations. - The selected retry strategy controls how - the CLI handles failures. (choices: - "nothing", "everything", "network", - default: Do not retry failed - operations.) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --name schedule name, It only export the endpoint with the name + --no-cache Disable token cache for this operation. + --passphrase The passphrase for the Amster private key if it is encrypted. + --private-key File containing the private key for authenticating with Amster. Supported formats include PEM (both PKCS#1 and PKCS#8 variants), OpenSSH, DNSSEC, and JWK. + --retry Retry failed operations. Valid values for strategy: + everything: Retry all failed operations. + network: Retry only network-related failed operations. + nothing: Do not retry failed operations. + The selected retry strategy controls how the CLI handles failures. (choices: "nothing", "everything", "network", default: Do not retry failed operations.) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-manager-export-scripts.test.js.snap b/test/client_cli/en/__snapshots__/config-manager-export-scripts.test.js.snap index fc94a95e..75407445 100644 --- a/test/client_cli/en/__snapshots__/config-manager-export-scripts.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-manager-export-scripts.test.js.snap @@ -6,117 +6,45 @@ exports[`CLI help interface for 'config export' should be expected english 1`] = Export authorization scripts. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --just-config Export only the config .json files, no - scripts. Ignored with --just-content - --just-content Export only the script .js files, no - config files - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --language Export all scripts written a certain - programming language. ALL, GROOVY, or - JAVASCRIPT. defaults to JAVASCRIPT. - Ignored with -n - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --script-name