diff --git a/src/cli/FrodoCommand.ts b/src/cli/FrodoCommand.ts index 461935d9..ab7ddf22 100644 --- a/src/cli/FrodoCommand.ts +++ b/src/cli/FrodoCommand.ts @@ -103,6 +103,14 @@ const noCacheOption = new Option( 'Disable token cache for this operation.' ); +const useRealmPrefixOnManagedObjects = new Option( + '--use-realm-prefix-on-managed-objects', + 'Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user,\ + managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user \ + etc. is retained. \ + This option is ignored when the deployment type is "cloud".' +); + const flushCacheOption = new Option('--flush-cache', 'Flush token cache.'); const defaultArgs = [ @@ -126,6 +134,7 @@ const defaultOpts = [ curlirizeOption, noCacheOption, flushCacheOption, + useRealmPrefixOnManagedObjects, ]; const stateMap = { @@ -166,6 +175,8 @@ const stateMap = { state.setCurlirize(curlirize), [noCacheOption.attributeName()]: (cache: boolean) => state.setUseTokenCache(cache), + [useRealmPrefixOnManagedObjects.attributeName()]: () => + state.setUseRealmPrefixOnManagedObjects(true), [flushCacheOption.attributeName()]: (flush: boolean) => { if (flush) frodo.cache.flush(); }, diff --git a/test/client_cli/en/__snapshots__/admin-add-autoid-static-user-mapping.test.js.snap b/test/client_cli/en/__snapshots__/admin-add-autoid-static-user-mapping.test.js.snap index b55c8d80..3b00afa8 100644 --- a/test/client_cli/en/__snapshots__/admin-add-autoid-static-user-mapping.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-add-autoid-static-user-mapping.test.js.snap @@ -7,76 +7,30 @@ Add AutoId static user mapping to enable dashboards and other AutoId-based functionality. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-create-oauth2-client-with-admin-privileges.test.js.snap b/test/client_cli/en/__snapshots__/admin-create-oauth2-client-with-admin-privileges.test.js.snap index 255e07e3..40057a03 100644 --- a/test/client_cli/en/__snapshots__/admin-create-oauth2-client-with-admin-privileges.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-create-oauth2-client-with-admin-privileges.test.js.snap @@ -6,103 +6,38 @@ exports[`CLI help interface for 'admin create-oauth2-client-with-admin-privilege Create an oauth2 client with admin privileges. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --client-id [id] Client id. - --client-secret [secret] Client secret. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --llt Create a long-lived token and store it - in a secret. The default secret name is - esv-admin-token and the default token - lifetime is 315,360,000 seconds (10 - years). Both can be overwritten with the - --llt-esv and --llt-ttl options. - --llt-esv [esv] Name of the secret to store the token - in. This option only applies if used - with the --llt option. (default: - esv-admin-token) - --llt-scope [scope] Request the following scope(s). This - option only applies if used with the - --llt option. (default: fr:idm:*) - --llt-ttl [ttl] Token lifetime (seconds). This option - only applies if used with the --llt - option. (default: 315,360,000 seconds - (10 years)) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-llt-esv Don't store the token in a secret and - output to console instead. This option - only applies if used with the --llt - option. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --client-id [id] Client id. + --client-secret [secret] Client secret. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --llt Create a long-lived token and store it in a secret. The default secret name is esv-admin-token and the default token lifetime is 315,360,000 seconds (10 years). Both can be overwritten with the --llt-esv and --llt-ttl options. + --llt-esv [esv] Name of the secret to store the token in. This option only applies if used with the --llt option. (default: esv-admin-token) + --llt-scope [scope] Request the following scope(s). This option only applies if used with the --llt option. (default: fr:idm:*) + --llt-ttl [ttl] Token lifetime (seconds). This option only applies if used with the --llt option. (default: 315,360,000 seconds (10 years)) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-llt-esv Don't store the token in a secret and output to console instead. This option only applies if used with the --llt option. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-get-access-token.test.js.snap b/test/client_cli/en/__snapshots__/admin-get-access-token.test.js.snap index 3c97ee93..114fc313 100644 --- a/test/client_cli/en/__snapshots__/admin-get-access-token.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-get-access-token.test.js.snap @@ -6,84 +6,34 @@ exports[`CLI help interface for 'admin get-access-token' should be expected engl Get an access token using client credentials grant type. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --client-id [id] Client id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - -s, --client-secret [secret] Client secret. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --scope [scope] Request the following scope(s). - (default: fr:idm:*) - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --client-id [id] Client id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + -s, --client-secret [secret] Client secret. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --scope [scope] Request the following scope(s). (default: fr:idm:*) + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-grant-oauth2-client-admin-privileges.test.js.snap b/test/client_cli/en/__snapshots__/admin-grant-oauth2-client-admin-privileges.test.js.snap index 0d949b25..32c7aa47 100644 --- a/test/client_cli/en/__snapshots__/admin-grant-oauth2-client-admin-privileges.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-grant-oauth2-client-admin-privileges.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'admin grant-oauth2-client-admin-privileges' sho Grant an oauth2 client admin privileges. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --client-id OAuth2 client id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --client-id OAuth2 client id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-hide-generic-extension-attributes.test.js.snap b/test/client_cli/en/__snapshots__/admin-hide-generic-extension-attributes.test.js.snap index 96e5fe6f..6541abbb 100644 --- a/test/client_cli/en/__snapshots__/admin-hide-generic-extension-attributes.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-hide-generic-extension-attributes.test.js.snap @@ -6,82 +6,33 @@ exports[`CLI help interface for 'admin hide-generic-extension-attributes' should Hide generic extension attributes. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --dry-run Dry-run only, do not perform changes. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --include-customized Include customized attributes. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --dry-run Dry-run only, do not perform changes. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --include-customized Include customized attributes. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-list-oauth2-clients-with-admin-privileges.test.js.snap b/test/client_cli/en/__snapshots__/admin-list-oauth2-clients-with-admin-privileges.test.js.snap index 998383de..b5658512 100644 --- a/test/client_cli/en/__snapshots__/admin-list-oauth2-clients-with-admin-privileges.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-list-oauth2-clients-with-admin-privileges.test.js.snap @@ -6,80 +6,31 @@ exports[`CLI help interface for 'admin list-oauth2-clients-with-admin-privileges List oauth2 clients with admin privileges. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-list-oauth2-clients-with-custom-privileges.test.js.snap b/test/client_cli/en/__snapshots__/admin-list-oauth2-clients-with-custom-privileges.test.js.snap index 922e0243..9c466cb7 100644 --- a/test/client_cli/en/__snapshots__/admin-list-oauth2-clients-with-custom-privileges.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-list-oauth2-clients-with-custom-privileges.test.js.snap @@ -6,80 +6,31 @@ exports[`CLI help interface for 'admin list-oauth2-clients-with-custom-privilege List oauth2 clients with custom privileges. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-list-static-user-mappings.test.js.snap b/test/client_cli/en/__snapshots__/admin-list-static-user-mappings.test.js.snap index 6235f9b9..80a62b00 100644 --- a/test/client_cli/en/__snapshots__/admin-list-static-user-mappings.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-list-static-user-mappings.test.js.snap @@ -6,82 +6,32 @@ exports[`CLI help interface for 'admin list-static-user-mappings' should be expe List all subjects of static user mappings that are not oauth2 clients. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --show-protected Show protected (system) subjects. - (default: false) - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --show-protected Show protected (system) subjects. (default: false) + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-remove-static-user-mapping.test.js.snap b/test/client_cli/en/__snapshots__/admin-remove-static-user-mapping.test.js.snap index 550ca843..c6646497 100644 --- a/test/client_cli/en/__snapshots__/admin-remove-static-user-mapping.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-remove-static-user-mapping.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'admin remove-static-user-mapping' should be exp Remove a subject's static user mapping. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --sub-id Subject identifier. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --sub-id Subject identifier. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-repair-org-model.test.js.snap b/test/client_cli/en/__snapshots__/admin-repair-org-model.test.js.snap index a1b86139..9049fcbc 100644 --- a/test/client_cli/en/__snapshots__/admin-repair-org-model.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-repair-org-model.test.js.snap @@ -6,85 +6,34 @@ exports[`CLI help interface for 'admin repair-org-model' should be expected engl Repair org model. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --dry-run Dry-run only, do not perform changes. - --exclude-customized Exclude customized properties from - repair. - --extend-permissions Extend permissions to include custom - attributes. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --dry-run Dry-run only, do not perform changes. + --exclude-customized Exclude customized properties from repair. + --extend-permissions Extend permissions to include custom attributes. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-revoke-oauth2-client-admin-privileges.test.js.snap b/test/client_cli/en/__snapshots__/admin-revoke-oauth2-client-admin-privileges.test.js.snap index ec5b8fef..388bea3d 100644 --- a/test/client_cli/en/__snapshots__/admin-revoke-oauth2-client-admin-privileges.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-revoke-oauth2-client-admin-privileges.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'admin revoke-oauth2-client-admin-privileges' sh Revoke admin privileges from an oauth2 client. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --client-id OAuth2 client id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --client-id OAuth2 client id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/admin-show-generic-extension-attributes.test.js.snap b/test/client_cli/en/__snapshots__/admin-show-generic-extension-attributes.test.js.snap index df5163fc..6f290a62 100644 --- a/test/client_cli/en/__snapshots__/admin-show-generic-extension-attributes.test.js.snap +++ b/test/client_cli/en/__snapshots__/admin-show-generic-extension-attributes.test.js.snap @@ -6,84 +6,33 @@ exports[`CLI help interface for 'admin show-generic-extension-attributes' should Show generic extension attributes. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --dry-run Dry-run only, do not perform changes. - (default: false) - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --include-customized Include customized attributes. (default: - false) - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --dry-run Dry-run only, do not perform changes. (default: false) + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --include-customized Include customized attributes. (default: false) + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-delete.test.js.snap b/test/client_cli/en/__snapshots__/agent-delete.test.js.snap index 8723663b..9b1f284f 100644 --- a/test/client_cli/en/__snapshots__/agent-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-delete.test.js.snap @@ -6,82 +6,33 @@ exports[`CLI help interface for 'agent delete' should be expected english 1`] = Delete agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all agents. Ignored with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, -a is ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all agents. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, -a is ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-describe.test.js.snap b/test/client_cli/en/__snapshots__/agent-describe.test.js.snap index c51ae5e4..c45aab2b 100644 --- a/test/client_cli/en/__snapshots__/agent-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-describe.test.js.snap @@ -6,82 +6,33 @@ exports[`CLI help interface for 'agent describe' should be expected english 1`] Describe agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -g, --global Describe global agent. - -h, --help Help - -i, --agent-id Agent id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -g, --global Describe global agent. + -h, --help Help + -i, --agent-id Agent id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-export.test.js.snap b/test/client_cli/en/__snapshots__/agent-export.test.js.snap index 140f21f1..6acc2a5d 100644 --- a/test/client_cli/en/__snapshots__/agent-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-export.test.js.snap @@ -6,91 +6,37 @@ exports[`CLI help interface for 'agent export' should be expected english 1`] = Export agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all agents to a single file. - Ignored with -i. - -A, --all-separate Export all agents to separate files - (*..agent.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -g, --global Export global agents. - -h, --help Help - -i, --agent-id Agent id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all agents to a single file. Ignored with -i. + -A, --all-separate Export all agents to separate files (*..agent.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -g, --global Export global agents. + -h, --help Help + -i, --agent-id Agent id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-gateway-delete.test.js.snap b/test/client_cli/en/__snapshots__/agent-gateway-delete.test.js.snap index bc58fdf8..128c48be 100644 --- a/test/client_cli/en/__snapshots__/agent-gateway-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-gateway-delete.test.js.snap @@ -6,83 +6,33 @@ exports[`CLI help interface for 'agent gateway delete' should be expected englis Delete identity gateway agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all identity gateway agents. - Ignored with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, -a is ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all identity gateway agents. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, -a is ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-gateway-describe.test.js.snap b/test/client_cli/en/__snapshots__/agent-gateway-describe.test.js.snap index 79f939fb..36c573f9 100644 --- a/test/client_cli/en/__snapshots__/agent-gateway-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-gateway-describe.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'agent gateway describe' should be expected engl Describe gateway agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-gateway-export.test.js.snap b/test/client_cli/en/__snapshots__/agent-gateway-export.test.js.snap index ce89b195..e7e7f9f4 100644 --- a/test/client_cli/en/__snapshots__/agent-gateway-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-gateway-export.test.js.snap @@ -6,91 +6,36 @@ exports[`CLI help interface for 'agent gateway export' should be expected englis Export gateway agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all gateway agents to a single - file. Ignored with -i. - -A, --all-separate Export all gateway agents to separate - files (*.identitygatewayagent.json) in - the current directory. Ignored with -i - or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all gateway agents to a single file. Ignored with -i. + -A, --all-separate Export all gateway agents to separate files (*.identitygatewayagent.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-gateway-import.test.js.snap b/test/client_cli/en/__snapshots__/agent-gateway-import.test.js.snap index d67b2c9f..a98ab476 100644 --- a/test/client_cli/en/__snapshots__/agent-gateway-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-gateway-import.test.js.snap @@ -6,90 +6,35 @@ exports[`CLI help interface for 'agent gateway import' should be expected englis Import gateway agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all agents from single file. - Ignored with -i. - -A, --all-separate Import all agents from separate files - (*.identitygatewayagent.json) in the - current directory. Ignored with -i or - -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, only one agent - is imported and the options -a and -A - are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all agents from single file. Ignored with -i. + -A, --all-separate Import all agents from separate files (*.identitygatewayagent.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, only one agent is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-gateway-list.test.js.snap b/test/client_cli/en/__snapshots__/agent-gateway-list.test.js.snap index d9fbf781..6e17efec 100644 --- a/test/client_cli/en/__snapshots__/agent-gateway-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-gateway-list.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'agent gateway list' should be expected english List gateway agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-import.test.js.snap b/test/client_cli/en/__snapshots__/agent-import.test.js.snap index 3d8bb521..b0ee896f 100644 --- a/test/client_cli/en/__snapshots__/agent-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-import.test.js.snap @@ -6,90 +6,36 @@ exports[`CLI help interface for 'agent import' should be expected english 1`] = Import agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all agents from single file. - Ignored with -i. - -A, --all-separate Import all agents from separate files - (*.agent.json) in the current directory. - Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -g, --global Import global agents. - -h, --help Help - -i, --agent-id Agent id. If specified, only one agent - is imported and the options -a and -A - are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all agents from single file. Ignored with -i. + -A, --all-separate Import all agents from separate files (*.agent.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -g, --global Import global agents. + -h, --help Help + -i, --agent-id Agent id. If specified, only one agent is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-java-delete.test.js.snap b/test/client_cli/en/__snapshots__/agent-java-delete.test.js.snap index c2624a67..ed223b06 100644 --- a/test/client_cli/en/__snapshots__/agent-java-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-java-delete.test.js.snap @@ -6,82 +6,33 @@ exports[`CLI help interface for 'agent java delete' should be expected english 1 Delete java agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all java agents. Ignored with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, -a is ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all java agents. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, -a is ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-java-describe.test.js.snap b/test/client_cli/en/__snapshots__/agent-java-describe.test.js.snap index 2cfbf677..4e9895c0 100644 --- a/test/client_cli/en/__snapshots__/agent-java-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-java-describe.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'agent java describe' should be expected english Describe java agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-java-export.test.js.snap b/test/client_cli/en/__snapshots__/agent-java-export.test.js.snap index 940f712c..5abce254 100644 --- a/test/client_cli/en/__snapshots__/agent-java-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-java-export.test.js.snap @@ -6,90 +6,36 @@ exports[`CLI help interface for 'agent java export' should be expected english 1 Export java agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all java agents to a single file. - Ignored with -i. - -A, --all-separate Export all java agents to separate files - (*.javaagent.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all java agents to a single file. Ignored with -i. + -A, --all-separate Export all java agents to separate files (*.javaagent.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-java-import.test.js.snap b/test/client_cli/en/__snapshots__/agent-java-import.test.js.snap index 53afa6b7..7e2f5475 100644 --- a/test/client_cli/en/__snapshots__/agent-java-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-java-import.test.js.snap @@ -6,89 +6,35 @@ exports[`CLI help interface for 'agent java import' should be expected english 1 Import java agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all agents from single file. - Ignored with -i. - -A, --all-separate Import all agents from separate files - (*.javaagent.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, only one agent - is imported and the options -a and -A - are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all agents from single file. Ignored with -i. + -A, --all-separate Import all agents from separate files (*.javaagent.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, only one agent is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-java-list.test.js.snap b/test/client_cli/en/__snapshots__/agent-java-list.test.js.snap index 45b53f8c..56a7a941 100644 --- a/test/client_cli/en/__snapshots__/agent-java-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-java-list.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'agent java list' should be expected english 1`] List java agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-list.test.js.snap b/test/client_cli/en/__snapshots__/agent-list.test.js.snap index 6700357b..1366e233 100644 --- a/test/client_cli/en/__snapshots__/agent-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-list.test.js.snap @@ -6,82 +6,33 @@ exports[`CLI help interface for 'agent list' should be expected english 1`] = ` List agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -g, --global List global agents. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -g, --global List global agents. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-web-delete.test.js.snap b/test/client_cli/en/__snapshots__/agent-web-delete.test.js.snap index a311eab3..ee98b5af 100644 --- a/test/client_cli/en/__snapshots__/agent-web-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-web-delete.test.js.snap @@ -6,83 +6,33 @@ exports[`CLI help interface for 'agent web delete' should be expected english 1` Delete web agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all web agents. Ignored with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all web agents. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-web-describe.test.js.snap b/test/client_cli/en/__snapshots__/agent-web-describe.test.js.snap index b82e5ab1..0ba7852e 100644 --- a/test/client_cli/en/__snapshots__/agent-web-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-web-describe.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'agent web describe' should be expected english Describe web agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-web-export.test.js.snap b/test/client_cli/en/__snapshots__/agent-web-export.test.js.snap index 2a817336..816ecfd3 100644 --- a/test/client_cli/en/__snapshots__/agent-web-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-web-export.test.js.snap @@ -6,90 +6,36 @@ exports[`CLI help interface for 'agent web export' should be expected english 1` Export web agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all web agents to a single file. - Ignored with -i. - -A, --all-separate Export all web agents to separate files - (*.webagent.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all web agents to a single file. Ignored with -i. + -A, --all-separate Export all web agents to separate files (*.webagent.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-web-import.test.js.snap b/test/client_cli/en/__snapshots__/agent-web-import.test.js.snap index 4649f831..b1229f98 100644 --- a/test/client_cli/en/__snapshots__/agent-web-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-web-import.test.js.snap @@ -6,89 +6,35 @@ exports[`CLI help interface for 'agent web import' should be expected english 1` Import web agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all agents from single file. - Ignored with -i. - -A, --all-separate Import all agents from separate files - (*.webagent.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --agent-id Agent id. If specified, only one agent - is imported and the options -a and -A - are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all agents from single file. Ignored with -i. + -A, --all-separate Import all agents from separate files (*.webagent.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --agent-id Agent id. If specified, only one agent is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/agent-web-list.test.js.snap b/test/client_cli/en/__snapshots__/agent-web-list.test.js.snap index 5f133144..dd37cc3e 100644 --- a/test/client_cli/en/__snapshots__/agent-web-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/agent-web-list.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'agent web list' should be expected english 1`] List web agents. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/app-delete.test.js.snap b/test/client_cli/en/__snapshots__/app-delete.test.js.snap index 592f2d02..819e6dfc 100644 --- a/test/client_cli/en/__snapshots__/app-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/app-delete.test.js.snap @@ -6,86 +6,34 @@ exports[`CLI help interface for 'app delete' should be expected english 1`] = ` Delete applications. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all applications. Ignored with - -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --app-id Application name. If specified, -a and - -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-deep No deep delete. This leaves orphaned - configuration artifacts behind. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all applications. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --app-id Application name. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-deep No deep delete. This leaves orphaned configuration artifacts behind. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/app-export.test.js.snap b/test/client_cli/en/__snapshots__/app-export.test.js.snap index 1de27341..cb45a258 100644 --- a/test/client_cli/en/__snapshots__/app-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/app-export.test.js.snap @@ -6,93 +6,37 @@ exports[`CLI help interface for 'app export' should be expected english 1`] = ` Export applications. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all applications to a single - file. Ignored with -i. - -A, --all-separate Export all applications to separate - files (*.application.json) in the - current directory. Ignored with -i or - -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --app-id Application name. If specified, -a and - -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --no-deps Do not include any dependencies - (scripts). - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all applications to a single file. Ignored with -i. + -A, --all-separate Export all applications to separate files (*.application.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --app-id Application name. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --no-deps Do not include any dependencies (scripts). + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/app-import.test.js.snap b/test/client_cli/en/__snapshots__/app-import.test.js.snap index 0f4513e7..d67d8c69 100644 --- a/test/client_cli/en/__snapshots__/app-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/app-import.test.js.snap @@ -6,91 +6,36 @@ exports[`CLI help interface for 'app import' should be expected english 1`] = ` Import applications. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all applications from single - file. Ignored with -i. - -A, --all-separate Import all applications from separate - files (*.app.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --app-id Application name. If specified, only one - application is imported and the options - -a and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-deps Do not include any dependencies - (scripts). - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all applications from single file. Ignored with -i. + -A, --all-separate Import all applications from separate files (*.app.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --app-id Application name. If specified, only one application is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-deps Do not include any dependencies (scripts). + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/app-list.test.js.snap b/test/client_cli/en/__snapshots__/app-list.test.js.snap index 5766b42f..b96d77f7 100644 --- a/test/client_cli/en/__snapshots__/app-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/app-list.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'app list' should be expected english 1`] = ` List applications. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authn-describe.test.js.snap b/test/client_cli/en/__snapshots__/authn-describe.test.js.snap index 9529aeac..91292d4e 100644 --- a/test/client_cli/en/__snapshots__/authn-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/authn-describe.test.js.snap @@ -6,82 +6,33 @@ exports[`CLI help interface for 'authn describe' should be expected english 1`] Describe authentication settings. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -g, --global Describe global authentication settings. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --json Output in JSON format. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -g, --global Describe global authentication settings. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --json Output in JSON format. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authn-export.test.js.snap b/test/client_cli/en/__snapshots__/authn-export.test.js.snap index a205c3e3..84113e3d 100644 --- a/test/client_cli/en/__snapshots__/authn-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/authn-export.test.js.snap @@ -6,84 +6,34 @@ exports[`CLI help interface for 'authn export' should be expected english 1`] = Export authentication settings. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -g, --global Export global authentication settings. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -g, --global Export global authentication settings. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authn-import.test.js.snap b/test/client_cli/en/__snapshots__/authn-import.test.js.snap index e1bdc407..3f46484d 100644 --- a/test/client_cli/en/__snapshots__/authn-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/authn-import.test.js.snap @@ -6,82 +6,33 @@ exports[`CLI help interface for 'authn import' should be expected english 1`] = Import authentication settings. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -g, --global Export global authentication settings. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -g, --global Export global authentication settings. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-policy-delete.test.js.snap b/test/client_cli/en/__snapshots__/authz-policy-delete.test.js.snap index 74449915..b172a2c3 100644 --- a/test/client_cli/en/__snapshots__/authz-policy-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-policy-delete.test.js.snap @@ -6,85 +6,34 @@ exports[`CLI help interface for 'authz policy delete' should be expected english Delete authorization policies. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all policies in a realm. Ignored - with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --policy-id Policy id/name. If specified, -a is - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --set-id Policy set id/name. Ignored with -i. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all policies in a realm. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --policy-id Policy id/name. If specified, -a is ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --set-id Policy set id/name. Ignored with -i. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-policy-describe.test.js.snap b/test/client_cli/en/__snapshots__/authz-policy-describe.test.js.snap index a57f9a3f..522c410c 100644 --- a/test/client_cli/en/__snapshots__/authz-policy-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-policy-describe.test.js.snap @@ -6,82 +6,33 @@ exports[`CLI help interface for 'authz policy describe' should be expected engli Describe authorization policies. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --policy-id Policy id/name. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --json Output in JSON format. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --policy-id Policy id/name. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --json Output in JSON format. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-policy-export.test.js.snap b/test/client_cli/en/__snapshots__/authz-policy-export.test.js.snap index f574540a..ef142257 100644 --- a/test/client_cli/en/__snapshots__/authz-policy-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-policy-export.test.js.snap @@ -6,95 +6,39 @@ exports[`CLI help interface for 'authz policy export' should be expected english Export authorization policies. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export policies to a single file. - Ignored with -i. - -A, --all-separate Export policies to separate files - (*.policy.authz.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --policy-id Policy id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --no-deps Do not include dependencies (scripts). - --prereqs Include prerequisites (policy sets, - resource types). - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --set-id Export policies in policy set only. - Ignored with -i. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export policies to a single file. Ignored with -i. + -A, --all-separate Export policies to separate files (*.policy.authz.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --policy-id Policy id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --no-deps Do not include dependencies (scripts). + --prereqs Include prerequisites (policy sets, resource types). + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --set-id Export policies in policy set only. Ignored with -i. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-policy-import.test.js.snap b/test/client_cli/en/__snapshots__/authz-policy-import.test.js.snap index 18ce5583..b5c23d5f 100644 --- a/test/client_cli/en/__snapshots__/authz-policy-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-policy-import.test.js.snap @@ -6,96 +6,38 @@ exports[`CLI help interface for 'authz policy import' should be expected english Import authorization policies. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all policies from single file. - Ignored with -i. - -A, --all-separate Import all policies from separate files - (*.policy.authz.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --policy-id Policy id. If specified, only one policy - is imported and the options -a and -A - are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-deps Do not import dependencies (scripts) - even if they are available in the import - file. - --prereqs Import prerequisites (policy sets, - resource types) if they are available in - the import file. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --set-id Import policies into this policy set. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all policies from single file. Ignored with -i. + -A, --all-separate Import all policies from separate files (*.policy.authz.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --policy-id Policy id. If specified, only one policy is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-deps Do not import dependencies (scripts) even if they are available in the import file. + --prereqs Import prerequisites (policy sets, resource types) if they are available in the import file. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --set-id Import policies into this policy set. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-policy-list.test.js.snap b/test/client_cli/en/__snapshots__/authz-policy-list.test.js.snap index bf357cc9..47e7fc46 100644 --- a/test/client_cli/en/__snapshots__/authz-policy-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-policy-list.test.js.snap @@ -6,82 +6,33 @@ exports[`CLI help interface for 'authz policy list' should be expected english 1 List authorization policies. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --set-id Policy set id/name. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --set-id Policy set id/name. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-set-delete.test.js.snap b/test/client_cli/en/__snapshots__/authz-set-delete.test.js.snap index 39060250..bf5005d3 100644 --- a/test/client_cli/en/__snapshots__/authz-set-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-set-delete.test.js.snap @@ -6,83 +6,33 @@ exports[`CLI help interface for 'authz set delete' should be expected english 1` Delete authorization policy sets. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all policy sets in a realm. - Ignored with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --set-id Policy set id/name. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all policy sets in a realm. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --set-id Policy set id/name. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-set-describe.test.js.snap b/test/client_cli/en/__snapshots__/authz-set-describe.test.js.snap index 7eb683e1..67b03911 100644 --- a/test/client_cli/en/__snapshots__/authz-set-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-set-describe.test.js.snap @@ -6,82 +6,33 @@ exports[`CLI help interface for 'authz set describe' should be expected english Describe authorization policy sets. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --set-id Policy set id/name. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --json Output in JSON format. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --set-id Policy set id/name. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --json Output in JSON format. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-set-export.test.js.snap b/test/client_cli/en/__snapshots__/authz-set-export.test.js.snap index 073ee7c7..24eac2f4 100644 --- a/test/client_cli/en/__snapshots__/authz-set-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-set-export.test.js.snap @@ -6,94 +6,38 @@ exports[`CLI help interface for 'authz set export' should be expected english 1` Export authorization policy sets. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all applications/policy sets to a - single file. Ignored with -i. - -A, --all-separate Export all applications/policy sets to - separate files (*.authz.json) in the - current directory. Ignored with -i or - -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --set-id Policy set id/name. If specified, -a and - -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --no-deps Do not include any dependencies - (policies, scripts). - --prereqs Include prerequisites (resource types). - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all applications/policy sets to a single file. Ignored with -i. + -A, --all-separate Export all applications/policy sets to separate files (*.authz.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --set-id Policy set id/name. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --no-deps Do not include any dependencies (policies, scripts). + --prereqs Include prerequisites (resource types). + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-set-import.test.js.snap b/test/client_cli/en/__snapshots__/authz-set-import.test.js.snap index ac611010..4c3f6702 100644 --- a/test/client_cli/en/__snapshots__/authz-set-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-set-import.test.js.snap @@ -6,93 +6,37 @@ exports[`CLI help interface for 'authz set import' should be expected english 1` Import authorization policy sets. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all policy sets from single file. - Ignored with -i. - -A, --all-separate Import all policy sets from separate - files (*.policyset.authz.json) in the - current directory. Ignored with -i or - -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --set-id Policy set id/name. If specified, only - one policy set is imported and the - options -a and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-deps Do not include any dependencies - (policies, scripts). - --prereqs Include prerequisites (resource types). - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all policy sets from single file. Ignored with -i. + -A, --all-separate Import all policy sets from separate files (*.policyset.authz.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --set-id Policy set id/name. If specified, only one policy set is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-deps Do not include any dependencies (policies, scripts). + --prereqs Include prerequisites (resource types). + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-type-delete.test.js.snap b/test/client_cli/en/__snapshots__/authz-type-delete.test.js.snap index 9197713c..c1eee302 100644 --- a/test/client_cli/en/__snapshots__/authz-type-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-type-delete.test.js.snap @@ -6,86 +6,34 @@ exports[`CLI help interface for 'authz type delete' should be expected english 1 Delete authorization resource types. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all resource types in a realm. - Ignored with -i and -n. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --type-id Variable id. If specified, -a is - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --type-name Resource type name. If specified, -a is - ignored. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all resource types in a realm. Ignored with -i and -n. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --type-id Variable id. If specified, -a is ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --type-name Resource type name. If specified, -a is ignored. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-type-describe.test.js.snap b/test/client_cli/en/__snapshots__/authz-type-describe.test.js.snap index a372d1b2..867f2836 100644 --- a/test/client_cli/en/__snapshots__/authz-type-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-type-describe.test.js.snap @@ -6,83 +6,34 @@ exports[`CLI help interface for 'authz type describe' should be expected english Describe authorization resource types. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --type-id Resource type uuid. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --json Output in JSON format. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --type-name Resource type name. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --type-id Resource type uuid. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --json Output in JSON format. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --type-name Resource type name. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-type-export.test.js.snap b/test/client_cli/en/__snapshots__/authz-type-export.test.js.snap index f1937ef7..580b69f9 100644 --- a/test/client_cli/en/__snapshots__/authz-type-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-type-export.test.js.snap @@ -6,93 +6,37 @@ exports[`CLI help interface for 'authz type export' should be expected english 1 Export authorization resource types. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all resource types to a single - file. Ignored with -i. - -A, --all-separate Export all resource types to separate - files (*.resourcetype.authz.json) in the - current directory. Ignored with -i, -n, - or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --type-id Resource type uuid. If specified, -a and - -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --type-name Resource type name. If specified, -a and - -A are ignored. - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all resource types to a single file. Ignored with -i. + -A, --all-separate Export all resource types to separate files (*.resourcetype.authz.json) in the current directory. Ignored with -i, -n, or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --type-id Resource type uuid. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --type-name Resource type name. If specified, -a and -A are ignored. + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-type-import.test.js.snap b/test/client_cli/en/__snapshots__/authz-type-import.test.js.snap index b72e1a2e..b647dac3 100644 --- a/test/client_cli/en/__snapshots__/authz-type-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-type-import.test.js.snap @@ -6,91 +6,36 @@ exports[`CLI help interface for 'authz type import' should be expected english 1 Import authorization resource types. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all resource types from single - file. Ignored with -i. - -A, --all-separate Import all resource types from separate - files (*.resourcetype.authz.json) in the - current directory. Ignored with -i, -n, - or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --type-id Resource type uuid. If specified, -a and - -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --type-name Resource type name. If specified, -a and - -A are ignored. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all resource types from single file. Ignored with -i. + -A, --all-separate Import all resource types from separate files (*.resourcetype.authz.json) in the current directory. Ignored with -i, -n, or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --type-id Resource type uuid. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --type-name Resource type name. If specified, -a and -A are ignored. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/authz-type-list.test.js.snap b/test/client_cli/en/__snapshots__/authz-type-list.test.js.snap index d517950c..b701220c 100644 --- a/test/client_cli/en/__snapshots__/authz-type-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/authz-type-list.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'authz type list' should be expected english 1`] List authorization resource types. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with more fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with more fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-export.test.js.snap b/test/client_cli/en/__snapshots__/config-export.test.js.snap index 4b7ffd87..b492fed1 100644 --- a/test/client_cli/en/__snapshots__/config-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-export.test.js.snap @@ -14,128 +14,47 @@ flag to export only global config, and many other flags to customize the export. Use the -h or --help to see them all and to also see usage examples. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export everything to a single file. - -A, --all-separate Export everything to separate files in - the -D directory. Ignored with -a. - --curlirize Output all network calls in curl format. - -d, --default Export all scripts including the default - scripts. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -g, --global-only Export only the global config. If -r, - --realm-only is also active, then the - corresponding active realm config will - also be exported. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --include-active-values Include the currently active (and - loaded) secret value in the export. By - default, secret values are encrypted - server-side in the environment they are - exported from. Use --target - to have another environment perform the - encryption. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --no-coords Do not include the x and y coordinate - positions of the journey/tree nodes. - --no-decode Do not include decoded variable value in - variable export - -o, --separate-objects Export managed.idm.json objects - separately in their own directory. - Ignored with -a. - -r, --realm-only Export only the config for the active - realm. If -g, --global-only is also - active, then the global config will also - be exported. - -R, --read-only Export read-only config (with the - exception of default scripts) in - addition to the importable config. - -s, --separate-mappings Export sync.idm.json mappings separately - in their own directory. Ignored with -a. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --target Host URL of the environment to perform - secret value encryption. The URL must - resolve to an existing connection - profile. Use this option to generate an - export that can be imported into the - target environment without requiring - admin access to the source environment. - --use-string-arrays Where applicable, use string arrays to - store multi-line text (e.g. scripts). - (default: off) - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. - -x, --extract Extract scripts and server properties - from the exported file, and save it to a - separate file. Ignored with -a. + -a, --all Export everything to a single file. + -A, --all-separate Export everything to separate files in the -D directory. Ignored with -a. + --curlirize Output all network calls in curl format. + -d, --default Export all scripts including the default scripts. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -g, --global-only Export only the global config. If -r, --realm-only is also active, then the corresponding active realm config will also be exported. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --include-active-values Include the currently active (and loaded) secret value in the export. By default, secret values are encrypted server-side in the environment they are exported from. Use --target to have another environment perform the encryption. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --no-coords Do not include the x and y coordinate positions of the journey/tree nodes. + --no-decode Do not include decoded variable value in variable export + -o, --separate-objects Export managed.idm.json objects separately in their own directory. Ignored with -a. + -r, --realm-only Export only the config for the active realm. If -g, --global-only is also active, then the global config will also be exported. + -R, --read-only Export read-only config (with the exception of default scripts) in addition to the importable config. + -s, --separate-mappings Export sync.idm.json mappings separately in their own directory. Ignored with -a. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --target Host URL of the environment to perform secret value encryption. The URL must resolve to an existing connection profile. Use this option to generate an export that can be imported into the target environment without requiring admin access to the source environment. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --use-string-arrays Where applicable, use string arrays to store multi-line text (e.g. scripts). (default: off) + --verbose Verbose output during command execution. If specified, may or may not produce additional output. + -x, --extract Extract scripts and server properties from the exported file, and save it to a separate file. Ignored with -a. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/config-import.test.js.snap b/test/client_cli/en/__snapshots__/config-import.test.js.snap index f1b55e7e..661e41c3 100644 --- a/test/client_cli/en/__snapshots__/config-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/config-import.test.js.snap @@ -6,115 +6,41 @@ exports[`CLI help interface for 'config import' should be expected english 1`] = Import full cloud configuration. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all configuration from the single - file -f. Ignored with -i. - -A, --all-separate Import all configuration from separate - (.json) files in the (working) directory - -D. Ignored with -i or -a. - -C, --clean Remove existing service(s) before - importing. - --curlirize Output all network calls in curl format. - -d, --default Import all scripts including the default - scripts. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. Ignored with - -A. If included without -a, it will - import the single entity within the - file. - --flush-cache Flush token cache. - -g, --global Import global entity. Ignored with -a - and -A. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --include-active-values Import any secret values contained in - the import file. By default, secret - values are encrypted server-side in the - environment they are exported from. Use - --source to import a file - exported from another environment than - the one you are importing to. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --re-uuid-journeys Generate new UUIDs for all journey nodes - during import. (default: off) - --re-uuid-scripts Create new UUIDs for the scripts upon - import. Use this to duplicate scripts or - create a new versions of the same - scripts. (default: off) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --source Host URL of the environment which - performed secret value encryption. The - URL must resolve to an existing - connection profile. Use this option to - import a file that was exported from a - different source environment than the - one you are importing to. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all configuration from the single file -f. Ignored with -i. + -A, --all-separate Import all configuration from separate (.json) files in the (working) directory -D. Ignored with -i or -a. + -C, --clean Remove existing service(s) before importing. + --curlirize Output all network calls in curl format. + -d, --default Import all scripts including the default scripts. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. Ignored with -A. If included without -a, it will import the single entity within the file. + --flush-cache Flush token cache. + -g, --global Import global entity. Ignored with -a and -A. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --include-active-values Import any secret values contained in the import file. By default, secret values are encrypted server-side in the environment they are exported from. Use --source to import a file exported from another environment than the one you are importing to. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --re-uuid-journeys Generate new UUIDs for all journey nodes during import. (default: off) + --re-uuid-scripts Create new UUIDs for the scripts upon import. Use this to duplicate scripts or create a new versions of the same scripts. (default: off) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --source Host URL of the environment which performed secret value encryption. The URL must resolve to an existing connection profile. Use this option to import a file that was exported from a different source environment than the one you are importing to. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/conn-delete.test.js.snap b/test/client_cli/en/__snapshots__/conn-delete.test.js.snap index 49e267b1..2e86ac25 100644 --- a/test/client_cli/en/__snapshots__/conn-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/conn-delete.test.js.snap @@ -6,46 +6,21 @@ exports[`CLI help interface for 'conn delete' should be expected english 1`] = ` Delete connection profiles. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. Options: - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/conn-describe.test.js.snap b/test/client_cli/en/__snapshots__/conn-describe.test.js.snap index af0d851d..729b05b3 100644 --- a/test/client_cli/en/__snapshots__/conn-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/conn-describe.test.js.snap @@ -6,47 +6,22 @@ exports[`CLI help interface for 'conn describe' should be expected english 1`] = Describe connection profile. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. Options: - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --show-secrets Show passwords and secrets. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --show-secrets Show passwords and secrets. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/conn-list.test.js.snap b/test/client_cli/en/__snapshots__/conn-list.test.js.snap index 4a9fd16c..e94eb616 100644 --- a/test/client_cli/en/__snapshots__/conn-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/conn-list.test.js.snap @@ -6,41 +6,19 @@ exports[`CLI help interface for 'conn list' should be expected english 1`] = ` List connection profiles. Options: - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/conn-save.test.js.snap b/test/client_cli/en/__snapshots__/conn-save.test.js.snap index 6bc29456..55e6b049 100644 --- a/test/client_cli/en/__snapshots__/conn-save.test.js.snap +++ b/test/client_cli/en/__snapshots__/conn-save.test.js.snap @@ -35,6 +35,7 @@ Options: --no-validate Do not validate connection. --sa-id Service account id. --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: @@ -103,6 +104,7 @@ Options: --no-validate Do not validate connection. --sa-id Service account id. --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: @@ -171,6 +173,7 @@ Options: --no-validate Do not validate connection. --sa-id Service account id. --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: @@ -239,6 +242,7 @@ Options: --no-validate Do not validate connection. --sa-id Service account id. --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: diff --git a/test/client_cli/en/__snapshots__/email-template-export.test.js.snap b/test/client_cli/en/__snapshots__/email-template-export.test.js.snap index 3053f119..b2198250 100644 --- a/test/client_cli/en/__snapshots__/email-template-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/email-template-export.test.js.snap @@ -6,92 +6,36 @@ exports[`CLI help interface for 'email templates export' should be expected engl Export email templates. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all email templates to a single - file. Ignored with -i. - -A, --all-separate Export all email templates as separate - files .template.email.json. - Ignored with -i, and -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file [file] Name of the export file. Ignored with - -A. Defaults to - .template.email.json. - --flush-cache Flush token cache. - -h, --help Help - -i, --template-id Email template id/name. If specified, -a - and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all email templates to a single file. Ignored with -i. + -A, --all-separate Export all email templates as separate files .template.email.json. Ignored with -i, and -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file [file] Name of the export file. Ignored with -A. Defaults to .template.email.json. + --flush-cache Flush token cache. + -h, --help Help + -i, --template-id Email template id/name. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/email-template-import.test.js.snap b/test/client_cli/en/__snapshots__/email-template-import.test.js.snap index 3ec645b6..825ba301 100644 --- a/test/client_cli/en/__snapshots__/email-template-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/email-template-import.test.js.snap @@ -6,97 +6,36 @@ exports[`CLI help interface for 'email templates import' should be expected engl Import email templates. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all email templates from single - file. Ignored with -i. - -A, --all-separate Import all email templates from separate - files (*.template.email.json) in the - current directory. Ignored with -i or - -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the import file. - --flush-cache Flush token cache. - -h, --help Help - -i, --template-id Email template id/name. If specified, -a - and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --raw Import raw email template files. Raw - templates do not contain the id/name, - therefore when using -A or -f without - -i, the email template id/name is parsed - from the file name; Make sure your - template files are named - 'emailTemplate-.json' or use -f - with -i. Ignored with -a. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all email templates from single file. Ignored with -i. + -A, --all-separate Import all email templates from separate files (*.template.email.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the import file. + --flush-cache Flush token cache. + -h, --help Help + -i, --template-id Email template id/name. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --raw Import raw email template files. Raw templates do not contain the id/name, therefore when using -A or -f without -i, the email template id/name is parsed from the file name; Make sure your template files are named 'emailTemplate-.json' or use -f with -i. Ignored with -a. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/email-template-list.test.js.snap b/test/client_cli/en/__snapshots__/email-template-list.test.js.snap index 190cab01..eff16a74 100644 --- a/test/client_cli/en/__snapshots__/email-template-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/email-template-list.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'email templates list' should be expected englis List email templates. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-apply.test.js.snap b/test/client_cli/en/__snapshots__/esv-apply.test.js.snap index 65ed568a..bc8deae1 100644 --- a/test/client_cli/en/__snapshots__/esv-apply.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-apply.test.js.snap @@ -8,88 +8,35 @@ requires a restart of the AM and IDM pods and can take up to 10 minutes to complete. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --check-only Check if updated need to be apply but - don't apply them. (default: false) - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - --force Force restart of services if no updates - are found. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-wait Don't wait for the updates to finish - applying. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --timeout Specify a timeout in seconds how long - the tool should wait for the apply - command to finish. Only effective - without --no-wait. (default: 600 secs - (10 mins)) - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. - -y, --yes Answer y/yes to all prompts. + --check-only Check if updated need to be apply but don't apply them. (default: false) + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + --force Force restart of services if no updates are found. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-wait Don't wait for the updates to finish applying. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --timeout Specify a timeout in seconds how long the tool should wait for the apply command to finish. Only effective without --no-wait. (default: 600 secs (10 mins)) + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. + -y, --yes Answer y/yes to all prompts. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-secret-create.test.js.snap b/test/client_cli/en/__snapshots__/esv-secret-create.test.js.snap index 9c4f96b9..535dd68d 100644 --- a/test/client_cli/en/__snapshots__/esv-secret-create.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-secret-create.test.js.snap @@ -6,85 +6,36 @@ exports[`CLI help interface for 'esv secret create' should be expected english 1 Create secrets. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --description [description] Secret description. - --encoding [encoding] Secret encoding (choices: "generic", - "pem", "base64hmac", default: generic) - -f, --file [file] Name of the file to read pem or - base64hmac encoded secret from. Ignored - if --value is specified - --flush-cache Flush token cache. - -h, --help Help - -i, --secret-id Secret id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-use-in-placeholders Secret cannot be used in placeholders. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --value Secret value. Overrides "--file" - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --description [description] Secret description. + --encoding [encoding] Secret encoding (choices: "generic", "pem", "base64hmac", default: generic) + -f, --file [file] Name of the file to read pem or base64hmac encoded secret from. Ignored if --value is specified + --flush-cache Flush token cache. + -h, --help Help + -i, --secret-id Secret id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-use-in-placeholders Secret cannot be used in placeholders. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --value Secret value. Overrides "--file" + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-secret-delete.test.js.snap b/test/client_cli/en/__snapshots__/esv-secret-delete.test.js.snap index 9720ca71..49bb09da 100644 --- a/test/client_cli/en/__snapshots__/esv-secret-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-secret-delete.test.js.snap @@ -6,79 +6,32 @@ exports[`CLI help interface for 'esv secret delete' should be expected english 1 Delete secrets. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all secrets in a realm. Ignored - with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --secret-id Secret id. If specified, -a is ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all secrets in a realm. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --secret-id Secret id. If specified, -a is ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-secret-describe.test.js.snap b/test/client_cli/en/__snapshots__/esv-secret-describe.test.js.snap index 5629e72e..4561c299 100644 --- a/test/client_cli/en/__snapshots__/esv-secret-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-secret-describe.test.js.snap @@ -6,92 +6,34 @@ exports[`CLI help interface for 'esv secret describe' should be expected english Describe secrets. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file [file] Optional export file to use to determine - usage. Overrides -D, --directory. Only - used if -u or --usage is provided as - well. - --flush-cache Flush token cache. - -h, --help Help - -i, --secret-id Secret id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --json Output in JSON format. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - -u, --usage List all uses of the secret. If a file - is provided with -f or --file, it will - search for usage in the file. If a - directory is provided with -D or - --directory, it will search for usage in - all .json files in the directory and - sub-directories. If no file or directory - is provided, it will perform a full - export automatically to determine usage. - (default: false) - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file [file] Optional export file to use to determine usage. Overrides -D, --directory. Only used if -u or --usage is provided as well. + --flush-cache Flush token cache. + -h, --help Help + -i, --secret-id Secret id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --json Output in JSON format. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + -u, --usage List all uses of the secret. If a file is provided with -f or --file, it will search for usage in the file. If a directory is provided with -D or --directory, it will search for usage in all .json files in the directory and sub-directories. If no file or directory is provided, it will perform a full export automatically to determine usage. (default: false) + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-secret-export.test.js.snap b/test/client_cli/en/__snapshots__/esv-secret-export.test.js.snap index 6f5f6cce..f21c532d 100644 --- a/test/client_cli/en/__snapshots__/esv-secret-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-secret-export.test.js.snap @@ -6,100 +6,37 @@ exports[`CLI help interface for 'esv secret export' should be expected english 1 Export secrets. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all secrets to a single file. - Ignored with -i. - -A, --all-separate Export all sub1s to separate files - (*.secret.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --secret-id Secret id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --include-active-values Include the currently active (and - loaded) secret value in the export. By - default, secret values are encrypted - server-side in the environment they are - exported from. Use --target - to have another environment perform the - encryption. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --target Host URL of the environment to perform - secret value encryption. The URL must - resolve to an existing connection - profile. Use this option to generate an - export that can be imported into the - target environment without requiring - admin access to the source environment. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all secrets to a single file. Ignored with -i. + -A, --all-separate Export all sub1s to separate files (*.secret.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --secret-id Secret id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --include-active-values Include the currently active (and loaded) secret value in the export. By default, secret values are encrypted server-side in the environment they are exported from. Use --target to have another environment perform the encryption. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --target Host URL of the environment to perform secret value encryption. The URL must resolve to an existing connection profile. Use this option to generate an export that can be imported into the target environment without requiring admin access to the source environment. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-secret-import.test.js.snap b/test/client_cli/en/__snapshots__/esv-secret-import.test.js.snap index 6a790b0d..811cbb2d 100644 --- a/test/client_cli/en/__snapshots__/esv-secret-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-secret-import.test.js.snap @@ -6,99 +6,36 @@ exports[`CLI help interface for 'esv secret import' should be expected english 1 Import secrets. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all secrets from single file. - Ignored with -i. - -A, --all-separate Import all secrets from separate files - (*.secret.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --secret-id Secret id. If specified, only one secret - is imported and the options -a and -A - are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --include-active-values Import any secret values contained in - the import file. By default, secret - values are encrypted server-side in the - environment they are exported from. Use - --source to import a file - exported from another environment than - the one you are importing to. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --source Host URL of the environment which - performed secret value encryption. The - URL must resolve to an existing - connection profile. Use this option to - import a file that was exported from a - different source environment than the - one you are importing to. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all secrets from single file. Ignored with -i. + -A, --all-separate Import all secrets from separate files (*.secret.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --secret-id Secret id. If specified, only one secret is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --include-active-values Import any secret values contained in the import file. By default, secret values are encrypted server-side in the environment they are exported from. Use --source to import a file exported from another environment than the one you are importing to. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --source Host URL of the environment which performed secret value encryption. The URL must resolve to an existing connection profile. Use this option to import a file that was exported from a different source environment than the one you are importing to. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-secret-list.test.js.snap b/test/client_cli/en/__snapshots__/esv-secret-list.test.js.snap index 20dc280b..696b1074 100644 --- a/test/client_cli/en/__snapshots__/esv-secret-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-secret-list.test.js.snap @@ -6,92 +6,33 @@ exports[`CLI help interface for 'esv secret list' should be expected english 1`] List secrets. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file [file] Optional export file to use to determine - usage. Overrides -D, --directory. Only - used if -u or --usage is provided as - well. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields besides usage. - (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - -u, --usage Display usage field. If a file is - provided with -f or --file, it will - search for usage in the file. If a - directory is provided with -D or - --directory, it will search for usage in - all .json files in the directory and - sub-directories. If no file or directory - is provided, it will perform a full - export automatically to determine usage. - (default: false) - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file [file] Optional export file to use to determine usage. Overrides -D, --directory. Only used if -u or --usage is provided as well. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields besides usage. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + -u, --usage Display usage field. If a file is provided with -f or --file, it will search for usage in the file. If a directory is provided with -D or --directory, it will search for usage in all .json files in the directory and sub-directories. If no file or directory is provided, it will perform a full export automatically to determine usage. (default: false) + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-secret-set.test.js.snap b/test/client_cli/en/__snapshots__/esv-secret-set.test.js.snap index 441356f7..47053ad4 100644 --- a/test/client_cli/en/__snapshots__/esv-secret-set.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-secret-set.test.js.snap @@ -6,78 +6,32 @@ exports[`CLI help interface for 'esv secret set' should be expected english 1`] Set secret description. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --description Secret description. - --flush-cache Flush token cache. - -h, --help Help - -i, --secret-id Secret id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --description Secret description. + --flush-cache Flush token cache. + -h, --help Help + -i, --secret-id Secret id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-secret-version-activate.test.js.snap b/test/client_cli/en/__snapshots__/esv-secret-version-activate.test.js.snap index f14c2bbf..c027e84a 100644 --- a/test/client_cli/en/__snapshots__/esv-secret-version-activate.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-secret-version-activate.test.js.snap @@ -6,78 +6,32 @@ exports[`CLI help interface for 'esv secret version activate' should be expected Activate versions of secrets. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --secret-id Secret id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - -v, --version Version of secret. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --secret-id Secret id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + -v, --version Version of secret. + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-secret-version-create.test.js.snap b/test/client_cli/en/__snapshots__/esv-secret-version-create.test.js.snap index 53f96e35..5132f054 100644 --- a/test/client_cli/en/__snapshots__/esv-secret-version-create.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-secret-version-create.test.js.snap @@ -6,81 +6,33 @@ exports[`CLI help interface for 'esv secret version create' should be expected e Create new version of secret. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file [file] Name of the file to read pem or - base64hmac encoded secret from. Ignored - if --value is specified - --flush-cache Flush token cache. - -h, --help Help - -i, --secret-id Secret id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --value Secret value. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file [file] Name of the file to read pem or base64hmac encoded secret from. Ignored if --value is specified + --flush-cache Flush token cache. + -h, --help Help + -i, --secret-id Secret id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --value Secret value. + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-secret-version-deactivate.test.js.snap b/test/client_cli/en/__snapshots__/esv-secret-version-deactivate.test.js.snap index 51a18724..2d105bf6 100644 --- a/test/client_cli/en/__snapshots__/esv-secret-version-deactivate.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-secret-version-deactivate.test.js.snap @@ -6,78 +6,32 @@ exports[`CLI help interface for 'esv secret version deactivate' should be expect Deactivate versions of secrets. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --secret-id Secret id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - -v, --version Version of secret. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --secret-id Secret id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + -v, --version Version of secret. + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-secret-version-delete.test.js.snap b/test/client_cli/en/__snapshots__/esv-secret-version-delete.test.js.snap index b1fbc393..9e6a904b 100644 --- a/test/client_cli/en/__snapshots__/esv-secret-version-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-secret-version-delete.test.js.snap @@ -6,80 +6,33 @@ exports[`CLI help interface for 'esv secret version delete' should be expected e Delete versions of secrets. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all secrets in a realm. Ignored - with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --secret-id Secret id. If specified, -a is ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - -v, --version Version of secret. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all secrets in a realm. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --secret-id Secret id. If specified, -a is ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + -v, --version Version of secret. + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-secret-version-list.test.js.snap b/test/client_cli/en/__snapshots__/esv-secret-version-list.test.js.snap index 83996266..789aaefd 100644 --- a/test/client_cli/en/__snapshots__/esv-secret-version-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-secret-version-list.test.js.snap @@ -6,78 +6,32 @@ exports[`CLI help interface for 'esv secret version list' should be expected eng List versions of secret. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --secret-id Secret id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --secret-id Secret id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-variable-create.test.js.snap b/test/client_cli/en/__snapshots__/esv-variable-create.test.js.snap index 57774a25..76fde3f5 100644 --- a/test/client_cli/en/__snapshots__/esv-variable-create.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-variable-create.test.js.snap @@ -6,82 +6,34 @@ exports[`CLI help interface for 'esv variable create' should be expected english Create variables. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --description [description] Variable description. - --flush-cache Flush token cache. - -h, --help Help - -i, --variable-id Variable id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --value Variable value. - --variable-type [variable-type] Variable type. Must be one of "string", - "list", "array", "object", "bool", - "int", or "number". (default: "string") - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --description [description] Variable description. + --flush-cache Flush token cache. + -h, --help Help + -i, --variable-id Variable id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --value Variable value. + --variable-type [variable-type] Variable type. Must be one of "string", "list", "array", "object", "bool", "int", or "number". (default: "string") + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-variable-delete.test.js.snap b/test/client_cli/en/__snapshots__/esv-variable-delete.test.js.snap index bcf382eb..0c1e2d94 100644 --- a/test/client_cli/en/__snapshots__/esv-variable-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-variable-delete.test.js.snap @@ -6,82 +6,33 @@ exports[`CLI help interface for 'esv variable delete' should be expected english Delete variables. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all variable in a realm. Ignored - with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --variable-id Variable id. If specified, -a is - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-deep No deep delete. This leaves orphaned - configuration artifacts behind. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all variable in a realm. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --variable-id Variable id. If specified, -a is ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-deep No deep delete. This leaves orphaned configuration artifacts behind. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-variable-describe.test.js.snap b/test/client_cli/en/__snapshots__/esv-variable-describe.test.js.snap index e3bfa6d4..dee47d34 100644 --- a/test/client_cli/en/__snapshots__/esv-variable-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-variable-describe.test.js.snap @@ -6,92 +6,34 @@ exports[`CLI help interface for 'esv variable describe' should be expected engli Describe variables. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file [file] Optional export file to use to determine - usage. Overrides -D, --directory. Only - used if -u or --usage is provided as - well. - --flush-cache Flush token cache. - -h, --help Help - -i, --variable-id Variable id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --json Output in JSON format. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - -u, --usage List all uses of the variable. If a file - is provided with -f or --file, it will - search for usage in the file. If a - directory is provided with -D or - --directory, it will search for usage in - all .json files in the directory and - sub-directories. If no file or directory - is provided, it will perform a full - export automatically to determine usage. - (default: false) - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file [file] Optional export file to use to determine usage. Overrides -D, --directory. Only used if -u or --usage is provided as well. + --flush-cache Flush token cache. + -h, --help Help + -i, --variable-id Variable id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --json Output in JSON format. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + -u, --usage List all uses of the variable. If a file is provided with -f or --file, it will search for usage in the file. If a directory is provided with -D or --directory, it will search for usage in all .json files in the directory and sub-directories. If no file or directory is provided, it will perform a full export automatically to determine usage. (default: false) + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-variable-export.test.js.snap b/test/client_cli/en/__snapshots__/esv-variable-export.test.js.snap index 2e01d879..d6db666e 100644 --- a/test/client_cli/en/__snapshots__/esv-variable-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-variable-export.test.js.snap @@ -6,88 +6,36 @@ exports[`CLI help interface for 'esv variable export' should be expected english Export variables. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all variables to a single file. - Ignored with -i. - -A, --all-separate Export all variables to separate files - (*.variable.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --variable-id Variable id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --no-decode Do not include decoded variable value in - export - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all variables to a single file. Ignored with -i. + -A, --all-separate Export all variables to separate files (*.variable.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --variable-id Variable id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --no-decode Do not include decoded variable value in export + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-variable-import.test.js.snap b/test/client_cli/en/__snapshots__/esv-variable-import.test.js.snap index 4727ab95..48ec93da 100644 --- a/test/client_cli/en/__snapshots__/esv-variable-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-variable-import.test.js.snap @@ -6,85 +6,34 @@ exports[`CLI help interface for 'esv variable import' should be expected english Import variables. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all variables from single file. - Ignored with -i. - -A, --all-separate Import all variables from separate files - (*.variable.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --variable-id Variable id. If specified, only one - variable is imported and the options -a - and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all variables from single file. Ignored with -i. + -A, --all-separate Import all variables from separate files (*.variable.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --variable-id Variable id. If specified, only one variable is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-variable-list.test.js.snap b/test/client_cli/en/__snapshots__/esv-variable-list.test.js.snap index f4019171..b9ddff7f 100644 --- a/test/client_cli/en/__snapshots__/esv-variable-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-variable-list.test.js.snap @@ -6,92 +6,33 @@ exports[`CLI help interface for 'esv variable list' should be expected english 1 List variables. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file [file] Optional export file to use to determine - usage. Overrides -D, --directory. Only - used if -u or --usage is provided as - well. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields besides usage. - (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - -u, --usage Display usage field. If a file is - provided with -f or --file, it will - search for usage in the file. If a - directory is provided with -D or - --directory, it will search for usage in - all .json files in the directory and - sub-directories. If no file or directory - is provided, it will perform a full - export automatically to determine usage. - (default: false) - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file [file] Optional export file to use to determine usage. Overrides -D, --directory. Only used if -u or --usage is provided as well. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields besides usage. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + -u, --usage Display usage field. If a file is provided with -f or --file, it will search for usage in the file. If a directory is provided with -D or --directory, it will search for usage in all .json files in the directory and sub-directories. If no file or directory is provided, it will perform a full export automatically to determine usage. (default: false) + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/esv-variable-set.test.js.snap b/test/client_cli/en/__snapshots__/esv-variable-set.test.js.snap index 8237a6b6..b44acf63 100644 --- a/test/client_cli/en/__snapshots__/esv-variable-set.test.js.snap +++ b/test/client_cli/en/__snapshots__/esv-variable-set.test.js.snap @@ -6,79 +6,33 @@ exports[`CLI help interface for 'esv variable set' should be expected english 1` Set variable description. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --description [description] Variable description. - --flush-cache Flush token cache. - -h, --help Help - -i, --variable-id Variable id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --value [value] Variable value. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --description [description] Variable description. + --flush-cache Flush token cache. + -h, --help Help + -i, --variable-id Variable id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --value [value] Variable value. + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/idm-count.test.js.snap b/test/client_cli/en/__snapshots__/idm-count.test.js.snap index 1ceeb463..00bbfa37 100644 --- a/test/client_cli/en/__snapshots__/idm-count.test.js.snap +++ b/test/client_cli/en/__snapshots__/idm-count.test.js.snap @@ -6,83 +6,32 @@ exports[`CLI help interface for 'idm count' should be expected english 1`] = ` Count managed objects. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - -o, --managed-object Type of managed object to count. E.g. - "alpha_user", "alpha_role", "user", - "role". - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + -o, --managed-object Type of managed object to count. E.g. "alpha_user", "alpha_role", "user", "role". + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/idm-delete.test.js.snap b/test/client_cli/en/__snapshots__/idm-delete.test.js.snap index aaecb77a..804b98d4 100644 --- a/test/client_cli/en/__snapshots__/idm-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/idm-delete.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'idm delete' should be expected english 1`] = ` Delete AM services. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --id Id of Service to be deleted. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --id Id of Service to be deleted. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/idm-export.test.js.snap b/test/client_cli/en/__snapshots__/idm-export.test.js.snap index da40cbe0..c1a440c5 100644 --- a/test/client_cli/en/__snapshots__/idm-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/idm-export.test.js.snap @@ -6,103 +6,40 @@ exports[`CLI help interface for 'idm export' should be expected english 1`] = ` Export IDM configuration objects. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all IDM configuration objects - into a single file in directory -D. - Ignored with -i. - -A, --all-separate Export all IDM configuration objects - into separate JSON files in directory - -D. Ignored with -i, and -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -e, --env-file [envfile] Name of the env file. - -E, --entities-file [entities-file] Name of the entity file. Ignored with - -i. - -f, --file [file] Export file (or directory name if - exporting mappings separately). Ignored - with -A. - --flush-cache Flush token cache. - -h, --help Help - -i, --entity-id Config entity id/name. E.g. "managed", - "sync", "provisioner-", - etc. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - -o, --separate-objects Export managed.idm.json objects - separately in their own directory. - Ignored with -a. - -s, --separate-mappings Export sync.idm.json mappings separately - in their own directory. Ignored with -a. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all IDM configuration objects into a single file in directory -D. Ignored with -i. + -A, --all-separate Export all IDM configuration objects into separate JSON files in directory -D. Ignored with -i, and -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -e, --env-file [envfile] Name of the env file. + -E, --entities-file [entities-file] Name of the entity file. Ignored with -i. + -f, --file [file] Export file (or directory name if exporting mappings separately). Ignored with -A. + --flush-cache Flush token cache. + -h, --help Help + -i, --entity-id Config entity id/name. E.g. "managed", "sync", "provisioner-", etc. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + -o, --separate-objects Export managed.idm.json objects separately in their own directory. Ignored with -a. + -s, --separate-mappings Export sync.idm.json mappings separately in their own directory. Ignored with -a. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/idm-import.test.js.snap b/test/client_cli/en/__snapshots__/idm-import.test.js.snap index 2365775c..76ce0e9f 100644 --- a/test/client_cli/en/__snapshots__/idm-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/idm-import.test.js.snap @@ -6,94 +6,37 @@ exports[`CLI help interface for 'idm import' should be expected english 1`] = ` Import IDM configuration objects. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all IDM configuration objects - from a single file in directory -D. - Ignored with -i. - -A, --all-separate Import all IDM configuration objects - from separate files in directory -D. - Ignored with -i, and -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -e, --env-file [envfile] Name of the env file. - -E, --entities-file [entities-file] Name of the entity file. Ignored with - -i. - -f, --file [file] Import file. Ignored with -A. - --flush-cache Flush token cache. - -h, --help Help - -i, --entity-id Config entity id/name. E.g. "managed", - "sync", "provisioner-", - etc. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all IDM configuration objects from a single file in directory -D. Ignored with -i. + -A, --all-separate Import all IDM configuration objects from separate files in directory -D. Ignored with -i, and -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -e, --env-file [envfile] Name of the env file. + -E, --entities-file [entities-file] Name of the entity file. Ignored with -i. + -f, --file [file] Import file. Ignored with -A. + --flush-cache Flush token cache. + -h, --help Help + -i, --entity-id Config entity id/name. E.g. "managed", "sync", "provisioner-", etc. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/idm-list.test.js.snap b/test/client_cli/en/__snapshots__/idm-list.test.js.snap index 91a77306..f06fac39 100644 --- a/test/client_cli/en/__snapshots__/idm-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/idm-list.test.js.snap @@ -6,80 +6,31 @@ exports[`CLI help interface for 'idm list' should be expected english 1`] = ` List IDM configuration objects. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/idm-schema-object-export.test.js.snap b/test/client_cli/en/__snapshots__/idm-schema-object-export.test.js.snap index 4ec904db..97d66a91 100644 --- a/test/client_cli/en/__snapshots__/idm-schema-object-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/idm-schema-object-export.test.js.snap @@ -6,84 +6,34 @@ exports[`CLI help interface for 'idm' should be expected english 1`] = ` Import IDM configuration managed objects. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -e, --env-file [envfile] Name of the env file. - -f, --file [file] Import file. - --flush-cache Flush token cache. - -h, --help Help - -i, --individual-object Import an individual object. Requires - the use of the -f to specify the file. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -e, --env-file [envfile] Name of the env file. + -f, --file [file] Import file. + --flush-cache Flush token cache. + -h, --help Help + -i, --individual-object Import an individual object. Requires the use of the -f to specify the file. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/idm-schema-object-import.test.js.snap b/test/client_cli/en/__snapshots__/idm-schema-object-import.test.js.snap index 4ec904db..97d66a91 100644 --- a/test/client_cli/en/__snapshots__/idm-schema-object-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/idm-schema-object-import.test.js.snap @@ -6,84 +6,34 @@ exports[`CLI help interface for 'idm' should be expected english 1`] = ` Import IDM configuration managed objects. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -e, --env-file [envfile] Name of the env file. - -f, --file [file] Import file. - --flush-cache Flush token cache. - -h, --help Help - -i, --individual-object Import an individual object. Requires - the use of the -f to specify the file. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -e, --env-file [envfile] Name of the env file. + -f, --file [file] Import file. + --flush-cache Flush token cache. + -h, --help Help + -i, --individual-object Import an individual object. Requires the use of the -f to specify the file. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/idp-delete.test.js.snap b/test/client_cli/en/__snapshots__/idp-delete.test.js.snap index 99b7a467..8ff46867 100644 --- a/test/client_cli/en/__snapshots__/idp-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/idp-delete.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'idp delete' should be expected english 1`] = ` Delete (social) identity providers. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --idp-id Id/name of a provider. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --idp-id Id/name of a provider. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/idp-export.test.js.snap b/test/client_cli/en/__snapshots__/idp-export.test.js.snap index bb57f882..cd5a2b03 100644 --- a/test/client_cli/en/__snapshots__/idp-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/idp-export.test.js.snap @@ -6,91 +6,36 @@ exports[`CLI help interface for 'idp export' should be expected english 1`] = ` Export (social) identity providers. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all the providers in a realm to a - single file. Ignored with -t and -i. - -A, --all-separate Export all the providers in a realm as - separate files .idp.json. - Ignored with -t, -i, and -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file [file] Name of the file to write the exported - provider(s) to. Ignored with -A. - --flush-cache Flush token cache. - -h, --help Help - -i, --idp-id Id/name of a provider. If specified, -a - and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all the providers in a realm to a single file. Ignored with -t and -i. + -A, --all-separate Export all the providers in a realm as separate files .idp.json. Ignored with -t, -i, and -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file [file] Name of the file to write the exported provider(s) to. Ignored with -A. + --flush-cache Flush token cache. + -h, --help Help + -i, --idp-id Id/name of a provider. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/idp-import.test.js.snap b/test/client_cli/en/__snapshots__/idp-import.test.js.snap index 6c4130b4..d78f10b1 100644 --- a/test/client_cli/en/__snapshots__/idp-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/idp-import.test.js.snap @@ -6,91 +6,36 @@ exports[`CLI help interface for 'idp import' should be expected english 1`] = ` Import (social) identity providers. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all the providers from single - file. Ignored with -t or -i. - -A, --all-separate Import all the providers from separate - files (*.json) in the current directory. - Ignored with -t or -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import the - provider(s) from. - --flush-cache Flush token cache. - -h, --help Help - -i, --idp-id Provider id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-deps Do not include any dependencies - (scripts). - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all the providers from single file. Ignored with -t or -i. + -A, --all-separate Import all the providers from separate files (*.json) in the current directory. Ignored with -t or -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import the provider(s) from. + --flush-cache Flush token cache. + -h, --help Help + -i, --idp-id Provider id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-deps Do not include any dependencies (scripts). + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/idp-list.test.js.snap b/test/client_cli/en/__snapshots__/idp-list.test.js.snap index 72135d59..5dd301bf 100644 --- a/test/client_cli/en/__snapshots__/idp-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/idp-list.test.js.snap @@ -6,80 +6,31 @@ exports[`CLI help interface for 'idp list' should be expected english 1`] = ` List (social) identity providers. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/info.test.js.snap b/test/client_cli/en/__snapshots__/info.test.js.snap index 7b378eb2..02109b98 100644 --- a/test/client_cli/en/__snapshots__/info.test.js.snap +++ b/test/client_cli/en/__snapshots__/info.test.js.snap @@ -6,77 +6,31 @@ exports[`CLI help interface for 'info' should be expected english 1`] = ` Print versions and tokens. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --json Output in JSON format. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --json Output in JSON format. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/journey-delete.test.js.snap b/test/client_cli/en/__snapshots__/journey-delete.test.js.snap index 8645489e..267b2895 100644 --- a/test/client_cli/en/__snapshots__/journey-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/journey-delete.test.js.snap @@ -6,89 +6,35 @@ exports[`CLI help interface for 'journey delete' should be expected english 1`] Delete journeys/trees. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all the journeys/trees in a - realm. Ignored with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --journey-id Name of a journey/tree. If specified, -a - is ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-deep No deep delete. This leaves orphaned - configuration artifacts behind. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. (default: off) + -a, --all Delete all the journeys/trees in a realm. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --journey-id Name of a journey/tree. If specified, -a is ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-deep No deep delete. This leaves orphaned configuration artifacts behind. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. + --verbose Verbose output during command execution. If specified, may or may not produce additional output. (default: off) Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/journey-describe.test.js.snap b/test/client_cli/en/__snapshots__/journey-describe.test.js.snap index 2be83270..061f123b 100644 --- a/test/client_cli/en/__snapshots__/journey-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/journey-describe.test.js.snap @@ -8,95 +8,36 @@ journeys/trees in the realm if no -i is supplied, otherwise describe the journey/tree export file indicated by -f. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the journey export file to - describe. Ignored with -A. - -F, --output-file Name of the file to write the output to. - --flush-cache Flush token cache. - -h, --help Help - -i, --journey-id Name of a journey/tree. If specified, -a - and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --markdown Output in markdown. - --no-cache Disable token cache for this operation. - -o, --override-version Override version. Notation: - '..' e.g. '7.2.0'. - Override detected version with any - version. This is helpful in order to - check if journeys in one environment - would be compatible running in another - environment (e.g. in preparation of - migrating from on-prem to ForgeRock - Identity Cloud. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the journey export file to describe. Ignored with -A. + -F, --output-file Name of the file to write the output to. + --flush-cache Flush token cache. + -h, --help Help + -i, --journey-id Name of a journey/tree. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --markdown Output in markdown. + --no-cache Disable token cache for this operation. + -o, --override-version Override version. Notation: '..' e.g. '7.2.0'. Override detected version with any version. This is helpful in order to check if journeys in one environment would be compatible running in another environment (e.g. in preparation of migrating from on-prem to ForgeRock Identity Cloud. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/journey-disable.test.js.snap b/test/client_cli/en/__snapshots__/journey-disable.test.js.snap index 90bbd60d..f6e8ad37 100644 --- a/test/client_cli/en/__snapshots__/journey-disable.test.js.snap +++ b/test/client_cli/en/__snapshots__/journey-disable.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'journey disable' should be expected english 1`] Disable journeys/trees. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --journey-id Name of a journey/tree. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --journey-id Name of a journey/tree. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/journey-enable.test.js.snap b/test/client_cli/en/__snapshots__/journey-enable.test.js.snap index c0dd964b..f8163133 100644 --- a/test/client_cli/en/__snapshots__/journey-enable.test.js.snap +++ b/test/client_cli/en/__snapshots__/journey-enable.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'journey enable' should be expected english 1`] Enable journeys/trees. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --journey-id Name of a journey/tree. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --journey-id Name of a journey/tree. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/journey-export.test.js.snap b/test/client_cli/en/__snapshots__/journey-export.test.js.snap index c17a8d94..74a031e1 100644 --- a/test/client_cli/en/__snapshots__/journey-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/journey-export.test.js.snap @@ -6,100 +6,39 @@ exports[`CLI help interface for 'journey export' should be expected english 1`] Export journeys/trees. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all the journeys/trees in a - realm. Ignored with -i. - -A, --all-separate Export all the journeys/trees in a realm - as separate files .json. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to write the exported - journey(s) to. Ignored with -A. - --flush-cache Flush token cache. - -h, --help Help - -i, --journey-id Name of a journey/tree. If specified, -a - and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --no-coords Do not include the x and y coordinate - positions of the journey/tree nodes. - --no-deps Do not include any dependencies - (scripts, email templates, SAML entity - providers and circles of trust, social - identity providers, themes). - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --use-string-arrays Where applicable, use string arrays to - store multi-line text (e.g. scripts). - (default: off) - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all the journeys/trees in a realm. Ignored with -i. + -A, --all-separate Export all the journeys/trees in a realm as separate files .json. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to write the exported journey(s) to. Ignored with -A. + --flush-cache Flush token cache. + -h, --help Help + -i, --journey-id Name of a journey/tree. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --no-coords Do not include the x and y coordinate positions of the journey/tree nodes. + --no-deps Do not include any dependencies (scripts, email templates, SAML entity providers and circles of trust, social identity providers, themes). + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --use-string-arrays Where applicable, use string arrays to store multi-line text (e.g. scripts). (default: off) + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/journey-import.test.js.snap b/test/client_cli/en/__snapshots__/journey-import.test.js.snap index 4047dc74..e836c446 100644 --- a/test/client_cli/en/__snapshots__/journey-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/journey-import.test.js.snap @@ -6,95 +6,37 @@ exports[`CLI help interface for 'journey import' should be expected english 1`] Import journey/tree. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all the journeys/trees from - single file. Ignored with -i. - -A, --all-separate Import all the journeys/trees from - separate files (*.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import the - journey(s) from. Ignored with -A. - --flush-cache Flush token cache. - -h, --help Help - -i, --journey-id Name of a journey/tree. If specified, -a - and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-deps Do not include any dependencies - (scripts, email templates, SAML entity - providers and circles of trust, social - identity providers, themes). - --re-uuid Generate new UUIDs for all nodes during - import. (default: off) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all the journeys/trees from single file. Ignored with -i. + -A, --all-separate Import all the journeys/trees from separate files (*.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import the journey(s) from. Ignored with -A. + --flush-cache Flush token cache. + -h, --help Help + -i, --journey-id Name of a journey/tree. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-deps Do not include any dependencies (scripts, email templates, SAML entity providers and circles of trust, social identity providers, themes). + --re-uuid Generate new UUIDs for all nodes during import. (default: off) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/journey-list.test.js.snap b/test/client_cli/en/__snapshots__/journey-list.test.js.snap index e9579d4e..66d1339c 100644 --- a/test/client_cli/en/__snapshots__/journey-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/journey-list.test.js.snap @@ -6,82 +6,33 @@ exports[`CLI help interface for 'journey list' should be expected english 1`] = List journeys/trees. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --analyze Analyze journeys for custom nodes. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --analyze Analyze journeys for custom nodes. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/journey-prune.test.js.snap b/test/client_cli/en/__snapshots__/journey-prune.test.js.snap index 7e657abb..3b24af1b 100644 --- a/test/client_cli/en/__snapshots__/journey-prune.test.js.snap +++ b/test/client_cli/en/__snapshots__/journey-prune.test.js.snap @@ -8,80 +8,31 @@ authentication trees. You will be prompted before any destructive operations are performed. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/log-fetch.test.js.snap b/test/client_cli/en/__snapshots__/log-fetch.test.js.snap index 37854557..1681d245 100644 --- a/test/client_cli/en/__snapshots__/log-fetch.test.js.snap +++ b/test/client_cli/en/__snapshots__/log-fetch.test.js.snap @@ -8,102 +8,43 @@ WARNING: depending on filters and time period specified, this could take substantial time to complete. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -b, --begin-timestamp Begin timestamp for period (in ISO8601, - example: "2022-10-13T19:06:28Z", or - "2022-09.30". Cannot be more than 30 - days in the past. If not specified, logs - from one hour ago are fetched (-e is - ignored) - -c, --sources Comma separated list of log sources - (default: Log everything) - --curlirize Output all network calls in curl format. - -d, --defaults Use default logging noise filters - (default: Use custom logging noise - filters defined in - $HOME/LoggingNoiseFilter.json) - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -e, --end-timestamp End timestamp for period. Default: "now" - -f, --query-filter Filter using a query expression - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --level Set log level filter. You can specify - the level as a number or a string. - Following values are possible (values on - the same line are equivalent): - 0, SEVERE, FATAL, or ERROR - 1, WARNING, WARN or CONFIG - 2, INFO or INFORMATION - 3, DEBUG, FINE, FINER or FINEST - 4 or ALL (default: ALL) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - -s, --search-string Filter by a specific string (ANDed with - transactionID filter) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - -t, --transaction-id Filter by transactionId - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -b, --begin-timestamp Begin timestamp for period (in ISO8601, example: "2022-10-13T19:06:28Z", or "2022-09.30". Cannot be more than 30 days in the past. If not specified, logs from one hour ago are fetched (-e is ignored) + -c, --sources Comma separated list of log sources (default: Log everything) + --curlirize Output all network calls in curl format. + -d, --defaults Use default logging noise filters (default: Use custom logging noise filters defined in $HOME/LoggingNoiseFilter.json) + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -e, --end-timestamp End timestamp for period. Default: "now" + -f, --query-filter Filter using a query expression + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --level Set log level filter. You can specify the level as a number or a string. Following values are possible (values on the same line are equivalent): + 0, SEVERE, FATAL, or ERROR + 1, WARNING, WARN or CONFIG + 2, INFO or INFORMATION + 3, DEBUG, FINE, FINER or FINEST + 4 or ALL (default: ALL) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + -s, --search-string Filter by a specific string (ANDed with transactionID filter) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + -t, --transaction-id Filter by transactionId + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. @@ -136,102 +77,43 @@ WARNING: depending on filters and time period specified, this could take substantial time to complete. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -b, --begin-timestamp Begin timestamp for period (in ISO8601, - example: "2022-10-13T19:06:28Z", or - "2022-09.30". Cannot be more than 30 - days in the past. If not specified, logs - from one hour ago are fetched (-e is - ignored) - -c, --sources Comma separated list of log sources - (default: Log everything) - --curlirize Output all network calls in curl format. - -d, --defaults Use default logging noise filters - (default: Use custom logging noise - filters defined in - $HOME/LoggingNoiseFilter.json) - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -e, --end-timestamp End timestamp for period. Default: "now" - -f, --query-filter Filter using a query expression - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --level Set log level filter. You can specify - the level as a number or a string. - Following values are possible (values on - the same line are equivalent): - 0, SEVERE, FATAL, or ERROR - 1, WARNING, WARN or CONFIG - 2, INFO or INFORMATION - 3, DEBUG, FINE, FINER or FINEST - 4 or ALL (default: ALL) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - -s, --search-string Filter by a specific string (ANDed with - transactionID filter) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - -t, --transaction-id Filter by transactionId - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -b, --begin-timestamp Begin timestamp for period (in ISO8601, example: "2022-10-13T19:06:28Z", or "2022-09.30". Cannot be more than 30 days in the past. If not specified, logs from one hour ago are fetched (-e is ignored) + -c, --sources Comma separated list of log sources (default: Log everything) + --curlirize Output all network calls in curl format. + -d, --defaults Use default logging noise filters (default: Use custom logging noise filters defined in $HOME/LoggingNoiseFilter.json) + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -e, --end-timestamp End timestamp for period. Default: "now" + -f, --query-filter Filter using a query expression + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --level Set log level filter. You can specify the level as a number or a string. Following values are possible (values on the same line are equivalent): + 0, SEVERE, FATAL, or ERROR + 1, WARNING, WARN or CONFIG + 2, INFO or INFORMATION + 3, DEBUG, FINE, FINER or FINEST + 4 or ALL (default: ALL) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + -s, --search-string Filter by a specific string (ANDed with transactionID filter) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + -t, --transaction-id Filter by transactionId + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/log-list.test.js.snap b/test/client_cli/en/__snapshots__/log-list.test.js.snap index b869cc62..1e039ff0 100644 --- a/test/client_cli/en/__snapshots__/log-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/log-list.test.js.snap @@ -6,76 +6,30 @@ exports[`CLI help interface for 'log list' should be expected english 1`] = ` List available ID Cloud log sources. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. @@ -106,76 +60,30 @@ exports[`CLI help interface for 'logs list' should be expected english 1`] = ` List available ID Cloud log sources. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/log-tail.test.js.snap b/test/client_cli/en/__snapshots__/log-tail.test.js.snap index 1385dd60..c2962817 100644 --- a/test/client_cli/en/__snapshots__/log-tail.test.js.snap +++ b/test/client_cli/en/__snapshots__/log-tail.test.js.snap @@ -6,92 +6,39 @@ exports[`CLI help interface for 'log tail' should be expected english 1`] = ` Tail Identity Cloud logs. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -c, --sources Comma separated list of log sources - (default: Log everything) - --curlirize Output all network calls in curl format. - -d, --defaults Use default logging noise filters - (default: Use custom logging noise - filters defined in - $HOME/LoggingNoiseFilter.json) - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --level Set log level filter. You can specify - the level as a number or a string. - Following values are possible (values on - the same line are equivalent): - 0, SEVERE, FATAL, or ERROR - 1, WARNING, WARN or CONFIG - 2, INFO or INFORMATION - 3, DEBUG, FINE, FINER or FINEST - 4 or ALL (default: ALL) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - -t, --transaction-id Filter by transactionId - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -c, --sources Comma separated list of log sources (default: Log everything) + --curlirize Output all network calls in curl format. + -d, --defaults Use default logging noise filters (default: Use custom logging noise filters defined in $HOME/LoggingNoiseFilter.json) + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --level Set log level filter. You can specify the level as a number or a string. Following values are possible (values on the same line are equivalent): + 0, SEVERE, FATAL, or ERROR + 1, WARNING, WARN or CONFIG + 2, INFO or INFORMATION + 3, DEBUG, FINE, FINER or FINEST + 4 or ALL (default: ALL) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + -t, --transaction-id Filter by transactionId + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. @@ -122,92 +69,39 @@ exports[`CLI help interface for 'logs tail' should be expected english 1`] = ` Tail Identity Cloud logs. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -c, --sources Comma separated list of log sources - (default: Log everything) - --curlirize Output all network calls in curl format. - -d, --defaults Use default logging noise filters - (default: Use custom logging noise - filters defined in - $HOME/LoggingNoiseFilter.json) - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --level Set log level filter. You can specify - the level as a number or a string. - Following values are possible (values on - the same line are equivalent): - 0, SEVERE, FATAL, or ERROR - 1, WARNING, WARN or CONFIG - 2, INFO or INFORMATION - 3, DEBUG, FINE, FINER or FINEST - 4 or ALL (default: ALL) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - -t, --transaction-id Filter by transactionId - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -c, --sources Comma separated list of log sources (default: Log everything) + --curlirize Output all network calls in curl format. + -d, --defaults Use default logging noise filters (default: Use custom logging noise filters defined in $HOME/LoggingNoiseFilter.json) + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --level Set log level filter. You can specify the level as a number or a string. Following values are possible (values on the same line are equivalent): + 0, SEVERE, FATAL, or ERROR + 1, WARNING, WARN or CONFIG + 2, INFO or INFORMATION + 3, DEBUG, FINE, FINER or FINEST + 4 or ALL (default: ALL) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + -t, --transaction-id Filter by transactionId + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/mapping-delete.test.js.snap b/test/client_cli/en/__snapshots__/mapping-delete.test.js.snap index 0711bcf7..043e036e 100644 --- a/test/client_cli/en/__snapshots__/mapping-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/mapping-delete.test.js.snap @@ -33,6 +33,7 @@ Options: --sa-id Service account id. --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. -t, --managed-object-type Managed object type. If specified, limits mappings to that particular managed object type. Ignored with -i. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: diff --git a/test/client_cli/en/__snapshots__/mapping-export.test.js.snap b/test/client_cli/en/__snapshots__/mapping-export.test.js.snap index 065a57e9..cc4d6bd6 100644 --- a/test/client_cli/en/__snapshots__/mapping-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/mapping-export.test.js.snap @@ -37,6 +37,7 @@ Options: --sa-id Service account id. --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. -t, --managed-object-type Managed object type. If specified, limits mappings to that particular managed object type. Ignored with -i. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". --use-string-arrays Where applicable, use string arrays to store multi-line text (e.g. scripts). (default: off) --verbose Verbose output during command execution. If specified, may or may not produce additional output. diff --git a/test/client_cli/en/__snapshots__/mapping-import.test.js.snap b/test/client_cli/en/__snapshots__/mapping-import.test.js.snap index c8315997..99107849 100644 --- a/test/client_cli/en/__snapshots__/mapping-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/mapping-import.test.js.snap @@ -6,91 +6,36 @@ exports[`CLI help interface for 'mapping import' should be expected english 1`] Import IDM mappings. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all mappings from single file. - Ignored with -i. - -A, --all-separate Import all mappings from separate files - (*.sync.json or *.mapping.json) in the - current directory. Ignored with -i and - -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import - --flush-cache Flush token cache. - -h, --help Help - -i, --mapping-id Mapping id. If specified, only one - mapping is imported and the options -a - and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-deps Do not include any dependencies. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all mappings from single file. Ignored with -i. + -A, --all-separate Import all mappings from separate files (*.sync.json or *.mapping.json) in the current directory. Ignored with -i and -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import + --flush-cache Flush token cache. + -h, --help Help + -i, --mapping-id Mapping id. If specified, only one mapping is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-deps Do not include any dependencies. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/mapping-list.test.js.snap b/test/client_cli/en/__snapshots__/mapping-list.test.js.snap index fa6581da..21385865 100644 --- a/test/client_cli/en/__snapshots__/mapping-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/mapping-list.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'mapping list' should be expected english 1`] = List IDM mappings. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/mapping-rename.test.js.snap b/test/client_cli/en/__snapshots__/mapping-rename.test.js.snap index 8450139b..a1efea44 100644 --- a/test/client_cli/en/__snapshots__/mapping-rename.test.js.snap +++ b/test/client_cli/en/__snapshots__/mapping-rename.test.js.snap @@ -8,92 +8,34 @@ to the separate/new naming scheme (mapping/). To rename mappings from new back to legacy, use the -l, --legacy flag. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Rename all mappings. Ignored with -i. - Ordering is preserved through this - renaming process, according to the order - of the mappings before renaming. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --mapping-id Mapping id/name. If specified, -a is - ignored. The mapping's order is lost - through renaming, and relies on the - default ordering of wherever it ends up - (usually that means it ends up last in - sync order) - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --legacy Rename all mappings from the new naming - scheme back to the legacy naming scheme. - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Rename all mappings. Ignored with -i. Ordering is preserved through this renaming process, according to the order of the mappings before renaming. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --mapping-id Mapping id/name. If specified, -a is ignored. The mapping's order is lost through renaming, and relies on the default ordering of wherever it ends up (usually that means it ends up last in sync order) + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --legacy Rename all mappings from the new naming scheme back to the legacy naming scheme. + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/oauth-client-delete.test.js.snap b/test/client_cli/en/__snapshots__/oauth-client-delete.test.js.snap index f4643f35..6eeb923d 100644 --- a/test/client_cli/en/__snapshots__/oauth-client-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/oauth-client-delete.test.js.snap @@ -6,86 +6,34 @@ exports[`CLI help interface for 'oauth client delete' should be expected english Delete OAuth2 clients. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all cmds in a realm. Ignored with - -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --app-id OAuth2 client id/name. If specified, -a - and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-deep No deep delete. This leaves orphaned - configuration artifacts behind. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all cmds in a realm. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --app-id OAuth2 client id/name. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-deep No deep delete. This leaves orphaned configuration artifacts behind. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/oauth-client-export.test.js.snap b/test/client_cli/en/__snapshots__/oauth-client-export.test.js.snap index 10e8aa7f..d63c7bf9 100644 --- a/test/client_cli/en/__snapshots__/oauth-client-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/oauth-client-export.test.js.snap @@ -6,92 +6,37 @@ exports[`CLI help interface for 'oauth client export' should be expected english Export OAuth2 clients. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all OAuth2 apps to a single file. - Ignored with -i. - -A, --all-separate Export all OAuth2 apps to separate files - (*.oauth2.app.json) in the current - directory. Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --app-id App id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --no-deps Do not include any dependencies - (scripts). - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all OAuth2 apps to a single file. Ignored with -i. + -A, --all-separate Export all OAuth2 apps to separate files (*.oauth2.app.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --app-id App id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --no-deps Do not include any dependencies (scripts). + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/oauth-client-import.test.js.snap b/test/client_cli/en/__snapshots__/oauth-client-import.test.js.snap index 0439dc5a..620ba30e 100644 --- a/test/client_cli/en/__snapshots__/oauth-client-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/oauth-client-import.test.js.snap @@ -6,91 +6,36 @@ exports[`CLI help interface for 'oauth client import' should be expected english Import OAuth2 clients. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all clients from single file. - Ignored with -i. - -A, --all-separate Import all clients from separate files - (*.app.json) in the current directory. - Ignored with -i or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --app-id Client id. If specified, only one client - is imported and the options -a and -A - are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-deps Do not include any dependencies - (scripts). - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all clients from single file. Ignored with -i. + -A, --all-separate Import all clients from separate files (*.app.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --app-id Client id. If specified, only one client is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-deps Do not include any dependencies (scripts). + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/oauth-client-list.test.js.snap b/test/client_cli/en/__snapshots__/oauth-client-list.test.js.snap index de540226..fbbe52cb 100644 --- a/test/client_cli/en/__snapshots__/oauth-client-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/oauth-client-list.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'oauth client list' should be expected english 1 List OAuth2 clients. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/promote.test.js.snap b/test/client_cli/en/__snapshots__/promote.test.js.snap index 2f586503..74fedd8b 100644 --- a/test/client_cli/en/__snapshots__/promote.test.js.snap +++ b/test/client_cli/en/__snapshots__/promote.test.js.snap @@ -6,106 +6,40 @@ exports[`CLI help interface for 'app' should be expected english 1`] = ` Prepares a tenant to be promoted Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -E, --frodo-export-dir The directory where the frodo export is - located. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -M, --master-dir The directory where the master - configurations is located. - --no-cache Disable token cache for this operation. - --no-prune Will stop prune from running - -P --print-diff Outputs the diff to a file in the - directory where the command was run. - (default: false) - --propmt-prune Will prompt for Frodo Journey Prune on - all realms (default: false) - -S --effect-secrets Will effect the secrets, otherwise we - will not change the secrets but will - compare them (default: false) - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --target Host URL of the environment to perform - secret value encryption. The URL must - resolve to an existing connection - profile. Use this option to generate an - export that can be imported into the - target environment without requiring - admin access to the source environment. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. - -W --wait-secrets When secrets are effected we need to run - a refresh on the enviornment. This will - cause the command to wait until the - refresh is finished. (default: false) - --what-if Runs a what if of the comparison, so it - wont do any changes (default: false) + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -E, --frodo-export-dir The directory where the frodo export is located. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -M, --master-dir The directory where the master configurations is located. + --no-cache Disable token cache for this operation. + --no-prune Will stop prune from running + -P --print-diff Outputs the diff to a file in the directory where the command was run. (default: false) + --propmt-prune Will prompt for Frodo Journey Prune on all realms (default: false) + -S --effect-secrets Will effect the secrets, otherwise we will not change the secrets but will compare them (default: false) + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --target Host URL of the environment to perform secret value encryption. The URL must resolve to an existing connection profile. Use this option to generate an export that can be imported into the target environment without requiring admin access to the source environment. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. + -W --wait-secrets When secrets are effected we need to run a refresh on the enviornment. This will cause the command to wait until the refresh is finished. (default: false) + --what-if Runs a what if of the comparison, so it wont do any changes (default: false) Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/realm-add-custom-domain.test.js.snap b/test/client_cli/en/__snapshots__/realm-add-custom-domain.test.js.snap index 0fda55a2..035d6c23 100644 --- a/test/client_cli/en/__snapshots__/realm-add-custom-domain.test.js.snap +++ b/test/client_cli/en/__snapshots__/realm-add-custom-domain.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'realm add-custom-domain' should be expected eng Add custom domain (realm DNS alias). Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -d, --domain Custom DNS domain name. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -d, --domain Custom DNS domain name. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/realm-describe.test.js.snap b/test/client_cli/en/__snapshots__/realm-describe.test.js.snap index 05ef9d0d..f960d8a7 100644 --- a/test/client_cli/en/__snapshots__/realm-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/realm-describe.test.js.snap @@ -6,80 +6,31 @@ exports[`CLI help interface for 'realm describe' should be expected english 1`] Describe realms. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/realm-export.test.js.snap b/test/client_cli/en/__snapshots__/realm-export.test.js.snap index b59a2ef0..b85a59bd 100644 --- a/test/client_cli/en/__snapshots__/realm-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/realm-export.test.js.snap @@ -6,92 +6,37 @@ exports[`CLI help interface for 'realm export' should be expected english 1`] = Export realms. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all realms to a single file. - Ignored with -i or -n. - -A, --all-separate Export all realms to separate files - (*.realm.json) in the current directory. - Ignored with -i, -n, or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --realm-id Realm id. If specified, -n, -a, and -A - are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --realm-name Realm name. If specified, -a and -A are - ignored. - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all realms to a single file. Ignored with -i or -n. + -A, --all-separate Export all realms to separate files (*.realm.json) in the current directory. Ignored with -i, -n, or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --realm-id Realm id. If specified, -n, -a, and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --realm-name Realm name. If specified, -a and -A are ignored. + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/realm-import.test.js.snap b/test/client_cli/en/__snapshots__/realm-import.test.js.snap index 686b58f2..dc9ac46f 100644 --- a/test/client_cli/en/__snapshots__/realm-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/realm-import.test.js.snap @@ -6,92 +6,36 @@ exports[`CLI help interface for 'realm import' should be expected english 1`] = Import realms. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all realms from single file. - Ignored with -i or -n. - -A, --all-separate Import all realms from separate files - (*.realm.json) in the current directory. - Ignored with -i, -n, or -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --realm-id Realm id. If specified, only one realm - is imported and the options -n, -a, and - -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --realm-name Realm name. If specified, only one realm - is imported and the options -a and -A - are ignored. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all realms from single file. Ignored with -i or -n. + -A, --all-separate Import all realms from separate files (*.realm.json) in the current directory. Ignored with -i, -n, or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --realm-id Realm id. If specified, only one realm is imported and the options -n, -a, and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --realm-name Realm name. If specified, only one realm is imported and the options -a and -A are ignored. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/realm-list.test.js.snap b/test/client_cli/en/__snapshots__/realm-list.test.js.snap index a1effb3e..0431dc6a 100644 --- a/test/client_cli/en/__snapshots__/realm-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/realm-list.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'realm list' should be expected english 1`] = ` List realms. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/realm-remove-custom-domain.test.js.snap b/test/client_cli/en/__snapshots__/realm-remove-custom-domain.test.js.snap index e3af3148..2bfe231a 100644 --- a/test/client_cli/en/__snapshots__/realm-remove-custom-domain.test.js.snap +++ b/test/client_cli/en/__snapshots__/realm-remove-custom-domain.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'realm remove-custom-domain' should be expected Remove custom domain (realm DNS alias). Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -d, --domain Custom DNS domain name. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -d, --domain Custom DNS domain name. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/role-export.test.js.snap b/test/client_cli/en/__snapshots__/role-export.test.js.snap index 6a59049e..f7144235 100644 --- a/test/client_cli/en/__snapshots__/role-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/role-export.test.js.snap @@ -6,95 +6,37 @@ exports[`CLI help interface for 'role export' should be expected english 1`] = ` Export internal roles. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all internal roles to a single - file. Ignored with -i. - -A, --all-separate Export all internal roles to separate - files (*.internalRole.json) in the - current directory. Ignored with -i or - -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --role-id Internal role id. If specified, only one - internal role is exported and the - options -n, -a and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --role-name Internal role name. If specified, only - one internal role is exported and the - options -a and -A are ignored. - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all internal roles to a single file. Ignored with -i. + -A, --all-separate Export all internal roles to separate files (*.internalRole.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the export file. + --flush-cache Flush token cache. + -h, --help Help + -i, --role-id Internal role id. If specified, only one internal role is exported and the options -n, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --role-name Internal role name. If specified, only one internal role is exported and the options -a and -A are ignored. + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/role-import.test.js.snap b/test/client_cli/en/__snapshots__/role-import.test.js.snap index 67196159..9307d902 100644 --- a/test/client_cli/en/__snapshots__/role-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/role-import.test.js.snap @@ -6,93 +6,36 @@ exports[`CLI help interface for 'role import' should be expected english 1`] = ` Import internal roles. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all internal roles from single - file. Ignored with -i. - -A, --all-separate Import all internal roles from separate - files (*.internalRole.json) in the - current directory. Ignored with -i or - -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import. - --flush-cache Flush token cache. - -h, --help Help - -i, --role-id Internal role id. If specified, only one - internal role is imported and the - options -n, -a and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --role-name Internal role name. If specified, only - one internal role is imported and the - options -a and -A are ignored. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all internal roles from single file. Ignored with -i. + -A, --all-separate Import all internal roles from separate files (*.internalRole.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import. + --flush-cache Flush token cache. + -h, --help Help + -i, --role-id Internal role id. If specified, only one internal role is imported and the options -n, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --role-name Internal role name. If specified, only one internal role is imported and the options -a and -A are ignored. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/role-list.test.js.snap b/test/client_cli/en/__snapshots__/role-list.test.js.snap index e9709241..9d02eb9a 100644 --- a/test/client_cli/en/__snapshots__/role-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/role-list.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'role list' should be expected english 1`] = ` List roles. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/saml-cot-export.test.js.snap b/test/client_cli/en/__snapshots__/saml-cot-export.test.js.snap index 0d46a2a7..9b776c77 100644 --- a/test/client_cli/en/__snapshots__/saml-cot-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/saml-cot-export.test.js.snap @@ -6,92 +6,36 @@ exports[`CLI help interface for 'saml cot export' should be expected english 1`] Export SAML circles of trust. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all the circles of trust in a - realm to a single file. Ignored with -i. - -A, --all-separate Export all the circles of trust in a - realm as separate files - .cot.saml.json. Ignored with -i, - and -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file [file] Name of the export file. Ignored with - -A. Defaults to .cot.saml.json. - --flush-cache Flush token cache. - -h, --help Help - -i, --cot-id Circle of trust id/name. If specified, - -a and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all the circles of trust in a realm to a single file. Ignored with -i. + -A, --all-separate Export all the circles of trust in a realm as separate files .cot.saml.json. Ignored with -i, and -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file [file] Name of the export file. Ignored with -A. Defaults to .cot.saml.json. + --flush-cache Flush token cache. + -h, --help Help + -i, --cot-id Circle of trust id/name. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/saml-cot-import.test.js.snap b/test/client_cli/en/__snapshots__/saml-cot-import.test.js.snap index dc88c059..606e619d 100644 --- a/test/client_cli/en/__snapshots__/saml-cot-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/saml-cot-import.test.js.snap @@ -6,91 +6,35 @@ exports[`CLI help interface for 'saml cot import' should be expected english 1`] Import SAML circles of trust. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all circles of trust from single - file. Ignored with -i. - -A, --all-separate Import all circles of trust from - separate files (*.cot.saml.json) in the - current directory. Ignored with -i or - -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import the circle(s) - of trust from. - --flush-cache Flush token cache. - -h, --help Help - -i, --cot-id Circle of trust id. If specified, only - one circle of trust is imported and the - options -a and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all circles of trust from single file. Ignored with -i. + -A, --all-separate Import all circles of trust from separate files (*.cot.saml.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import the circle(s) of trust from. + --flush-cache Flush token cache. + -h, --help Help + -i, --cot-id Circle of trust id. If specified, only one circle of trust is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/saml-cot-list.test.js.snap b/test/client_cli/en/__snapshots__/saml-cot-list.test.js.snap index 86559f43..20e49f86 100644 --- a/test/client_cli/en/__snapshots__/saml-cot-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/saml-cot-list.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'saml cot list' should be expected english 1`] = List SAML circles of trust. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/saml-delete.test.js.snap b/test/client_cli/en/__snapshots__/saml-delete.test.js.snap index 0b4754f1..75069331 100644 --- a/test/client_cli/en/__snapshots__/saml-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/saml-delete.test.js.snap @@ -6,83 +6,33 @@ exports[`CLI help interface for 'saml delete' should be expected english 1`] = ` Delete SAML entity providers. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all entity providers. Ignored - with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --entity-id Entity id. If specified, -a is ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all entity providers. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --entity-id Entity id. If specified, -a is ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/saml-describe.test.js.snap b/test/client_cli/en/__snapshots__/saml-describe.test.js.snap index 5623e101..71ef63c8 100644 --- a/test/client_cli/en/__snapshots__/saml-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/saml-describe.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'saml describe' should be expected english 1`] = Describe the configuration of an entity provider. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --entity-id Entity id. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --entity-id Entity id. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/saml-export.test.js.snap b/test/client_cli/en/__snapshots__/saml-export.test.js.snap index 5056f388..2dc1a0bc 100644 --- a/test/client_cli/en/__snapshots__/saml-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/saml-export.test.js.snap @@ -6,96 +6,37 @@ exports[`CLI help interface for 'saml export' should be expected english 1`] = ` Export SAML entity providers. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all the providers in a realm to a - single file. Ignored with -t and -i. - -A, --all-separate Export all the providers in a realm as - separate files .saml.json. Ignored with -t, -i, - and -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file [file] Name of the file to write the exported - provider(s) to. Ignored with -A. If not - specified, the export file is named - .saml.json. - --flush-cache Flush token cache. - -h, --help Help - -i, --entity-id Entity id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --no-deps Do not include any dependencies - (scripts). - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Export all the providers in a realm to a single file. Ignored with -t and -i. + -A, --all-separate Export all the providers in a realm as separate files .saml.json. Ignored with -t, -i, and -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file [file] Name of the file to write the exported provider(s) to. Ignored with -A. If not specified, the export file is named .saml.json. + --flush-cache Flush token cache. + -h, --help Help + -i, --entity-id Entity id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -N, --no-metadata Does not include metadata in the export file. + --no-cache Disable token cache for this operation. + --no-deps Do not include any dependencies (scripts). + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/saml-import.test.js.snap b/test/client_cli/en/__snapshots__/saml-import.test.js.snap index b1192f2e..00de69db 100644 --- a/test/client_cli/en/__snapshots__/saml-import.test.js.snap +++ b/test/client_cli/en/__snapshots__/saml-import.test.js.snap @@ -6,93 +6,36 @@ exports[`CLI help interface for 'saml import' should be expected english 1`] = ` Import SAML entity providers. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Import all entity providers from single - file. Ignored with -i. - -A, --all-separate Import all entity providers from - separate files (*.saml.json) in the - current directory. Ignored with -i or - -a. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the file to import the entity - provider(s) from. - --flush-cache Flush token cache. - -h, --help Help - -i, --entity-id Entity id. If specified, only one - provider is imported and the options -a - and -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --no-deps Do not include any dependencies - (scripts). - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Import all entity providers from single file. Ignored with -i. + -A, --all-separate Import all entity providers from separate files (*.saml.json) in the current directory. Ignored with -i or -a. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file Name of the file to import the entity provider(s) from. + --flush-cache Flush token cache. + -h, --help Help + -i, --entity-id Entity id. If specified, only one provider is imported and the options -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --no-deps Do not include any dependencies (scripts). + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/saml-list.test.js.snap b/test/client_cli/en/__snapshots__/saml-list.test.js.snap index 5b944cc3..8989638f 100644 --- a/test/client_cli/en/__snapshots__/saml-list.test.js.snap +++ b/test/client_cli/en/__snapshots__/saml-list.test.js.snap @@ -6,81 +6,32 @@ exports[`CLI help interface for 'saml list' should be expected english 1`] = ` List SAML entity providers. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - -l, --long Long with all fields. (default: false) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + -l, --long Long with all fields. (default: false) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/saml-metadata-export.test.js.snap b/test/client_cli/en/__snapshots__/saml-metadata-export.test.js.snap index c19a1d51..a7dcd61d 100644 --- a/test/client_cli/en/__snapshots__/saml-metadata-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/saml-metadata-export.test.js.snap @@ -6,86 +6,33 @@ exports[`CLI help interface for 'saml metadata export' should be expected englis Export metadata. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file [file] Name of the file to write the exported - metadata to. Ignored with -A. If not - specified, the export file is named - .metadata.xml. - --flush-cache Flush token cache. - -h, --help Help - -i, --entity-id Entity id. If specified, -a and -A are - ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file [file] Name of the file to write the exported metadata to. Ignored with -A. If not specified, the export file is named .metadata.xml. + --flush-cache Flush token cache. + -h, --help Help + -i, --entity-id Entity id. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/script-delete.test.js.snap b/test/client_cli/en/__snapshots__/script-delete.test.js.snap index 182e76fa..88f0811e 100644 --- a/test/client_cli/en/__snapshots__/script-delete.test.js.snap +++ b/test/client_cli/en/__snapshots__/script-delete.test.js.snap @@ -6,86 +6,34 @@ exports[`CLI help interface for 'script delete' should be expected english 1`] = Delete scripts. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Delete all non-default scripts in a - realm. Ignored with -i. - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - --flush-cache Flush token cache. - -h, --help Help - -i, --script-id Uuid of the script. If specified, -a and - -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --script-name Name of the script. If specified, -a and - -A are ignored. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + -a, --all Delete all non-default scripts in a realm. Ignored with -i. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + --flush-cache Flush token cache. + -h, --help Help + -i, --script-id Uuid of the script. If specified, -a and -A are ignored. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --script-name Name of the script. If specified, -a and -A are ignored. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/script-describe.test.js.snap b/test/client_cli/en/__snapshots__/script-describe.test.js.snap index a7a5432a..ebe704bc 100644 --- a/test/client_cli/en/__snapshots__/script-describe.test.js.snap +++ b/test/client_cli/en/__snapshots__/script-describe.test.js.snap @@ -6,97 +6,36 @@ exports[`CLI help interface for 'script describe' should be expected english 1`] Describe script. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - --curlirize Output all network calls in curl format. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file [file] Optional export file to use to determine - usage. Overrides -D, --directory. Only - used if -u or --usage is provided as - well. - --flush-cache Flush token cache. - -h, --help Help - -i, --script-id Uuid of the script. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - --json Output in JSON format. - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --script-name Name of the script. - --no-cache Disable token cache for this operation. - --sa-id Service account id. - --sa-jwk-file File containing the JSON Web Key (JWK) - associated with the the service account. - -u, --usage List all uses of the script. If a file - is provided with -f or --file, it will - search for usage in the file. If a - directory is provided with -D or - --directory, it will search for usage in - all .json files in the directory and - sub-directories. If no file or directory - is provided, it will perform a full - export automatically to determine usage. - (default: false) - --verbose Verbose output during command execution. - If specified, may or may not produce - additional output. + --curlirize Output all network calls in curl format. + -D, --directory Set the working directory. + --debug Debug output during command execution. If specified, may or may not produce additional output helpful for troubleshooting. + -f, --file [file] Optional export file to use to determine usage. Overrides -D, --directory. Only used if -u or --usage is provided as well. + --flush-cache Flush token cache. + -h, --help Help + -i, --script-id Uuid of the script. + --idm-host IDM base URL, e.g.: https://cdk.idm.example.com/myidm. Use only if your IDM installation resides in a different domain and/or if the base path differs from the default "/openidm". + --json Output in JSON format. + -k, --insecure Allow insecure connections when using SSL/TLS. Has no effect when using a network proxy for https (HTTPS_PROXY=http://:), in that case the proxy must provide this capability. (default: Don't allow insecure connections) + --login-client-id Specify a custom OAuth2 client id to use a your own oauth2 client for IDM API calls in deployments of type "cloud" or "forgeops". Your custom client must be configured as a public client and allow the authorization code grant using the "openid fr:idm:*" scope. Use the "--redirect-uri" parameter if you have configured a custom redirect uri (default: "/platform/appAuthHelperRedirect.html"). + --login-redirect-uri Specify a custom redirect URI to use with your custom OAuth2 client (efault: "/platform/appAuthHelperRedirect.html"). + -m, --type Override auto-detected deployment type. Valid values for type: + classic: A classic Access Management-only deployment with custom layout and configuration. + cloud: A ForgeRock Identity Cloud environment. + forgeops: A ForgeOps CDK or CDM deployment. + The detected or provided deployment type controls certain behavior like obtaining an Identity Management admin token or not and whether to export/import referenced email templates or how to walk through the tenant admin login flow of Identity Cloud and handle MFA (choices: "classic", "cloud", "forgeops") + -n, --script-name Name of the script. + --no-cache Disable token cache for this operation. + --sa-id Service account id. + --sa-jwk-file File containing the JSON Web Key (JWK) associated with the the service account. + -u, --usage List all uses of the script. If a file is provided with -f or --file, it will search for usage in the file. If a directory is provided with -D or --directory, it will search for usage in all .json files in the directory and sub-directories. If no file or directory is provided, it will perform a full export automatically to determine usage. (default: false) + --use-realm-prefix-on-managed-objects Set to true if you want to use the realm name as a prefix on managed object configuration, e.g. managed/alpha_user, managed/alpha_application or managed/bravo_organization. When false, the default behaviour of using managed/user etc. is retained. This option is ignored when the deployment type is "cloud". + --verbose Verbose output during command execution. If specified, may or may not produce additional output. Environment Variables: FRODO_HOST: AM base URL. Overridden by 'host' argument. diff --git a/test/client_cli/en/__snapshots__/script-export.test.js.snap b/test/client_cli/en/__snapshots__/script-export.test.js.snap index fd16724a..f73b4a8d 100644 --- a/test/client_cli/en/__snapshots__/script-export.test.js.snap +++ b/test/client_cli/en/__snapshots__/script-export.test.js.snap @@ -6,102 +6,41 @@ exports[`CLI help interface for 'script export' should be expected english 1`] = Export scripts. Arguments: - host AM base URL, e.g.: - https://cdk.iam.example.com/am. To use a - connection profile, just specify a - unique substring. - realm Realm. Specify realm as '/' for the root - realm or 'realm' or '/parent/child' - otherwise. (default: "alpha" for - Identity Cloud tenants, "/" otherwise.) - username Username to login with. Must be an admin - user with appropriate rights to manage - authentication journeys/trees. - password Password. + host AM base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. + realm Realm. Specify realm as '/' for the root realm or 'realm' or '/parent/child' otherwise. (default: "alpha" for Identity Cloud tenants, "/" otherwise.) + username Username to login with. Must be an admin user with appropriate rights to manage authentication journeys/trees. + password Password. Options: - -a, --all Export all scripts to a single file. - Ignored with -n. - -A, --all-separate Export all scripts to separate files - (*.script.json) in the current - directory. Ignored with -n or -a. - --curlirize Output all network calls in curl format. - -d, --default Export all scripts including the default - scripts. Ignored with -n. - -D, --directory Set the working directory. - --debug Debug output during command execution. - If specified, may or may not produce - additional output helpful for - troubleshooting. - -f, --file Name of the export file. - --flush-cache Flush token cache. - -h, --help Help - -i, --script-id Uuid of the script. If specified, -a and - -A are ignored. - --idm-host IDM base URL, e.g.: - https://cdk.idm.example.com/myidm. Use - only if your IDM installation resides in - a different domain and/or if the base - path differs from the default - "/openidm". - -k, --insecure Allow insecure connections when using - SSL/TLS. Has no effect when using a - network proxy for https - (HTTPS_PROXY=http://:), in - that case the proxy must provide this - capability. (default: Don't allow - insecure connections) - --login-client-id Specify a custom OAuth2 client id to use - a your own oauth2 client for IDM API - calls in deployments of type "cloud" or - "forgeops". Your custom client must be - configured as a public client and allow - the authorization code grant using the - "openid fr:idm:*" scope. Use the - "--redirect-uri" parameter if you have - configured a custom redirect uri - (default: - "/platform/appAuthHelperRedirect.html"). - --login-redirect-uri Specify a custom redirect URI to use - with your custom OAuth2 client (efault: - "/platform/appAuthHelperRedirect.html"). - -m, --type Override auto-detected deployment type. - Valid values for type: - classic: A classic Access - Management-only deployment with custom - layout and configuration. - cloud: A ForgeRock Identity Cloud - environment. - forgeops: A ForgeOps CDK or CDM - deployment. - The detected or provided deployment type - controls certain behavior like obtaining - an Identity Management admin token or - not and whether to export/import - referenced email templates or how to - walk through the tenant admin login flow - of Identity Cloud and handle MFA - (choices: "classic", "cloud", - "forgeops") - -n, --script-name Name of the script. If specified, -a and - -A are ignored. - -N, --no-metadata Does not include metadata in the export - file. - --no-cache Disable token cache for this operation. - --no-deps Do not include script dependencies (i.e. - library scripts). Ignored with -a and - -A. - -s, --script