Interface AdministrativeFlowDescriptor

All Superinterfaces:
AuthenticationProfileConfiguration, Component, DestructableComponent, FlowDescriptor, IdentifiableComponent, IdentifiedComponent, InitializableComponent, ProfileConfiguration
All Known Implementing Classes:
BasicAdministrativeFlowDescriptor, OneTimeAdministrativeFlowDescriptor

public interface AdministrativeFlowDescriptor
extends FlowDescriptor, AuthenticationProfileConfiguration
A descriptor for an administrative flow.

Administrative flows are essentially any feature intrinsic to the IdP itself and generally not exposed to external systems using security mechanisms that would involve the more traditional "relying party" machinery and security models. Examples include status reporting and service management features, or user self-service features.

Since:
3.3.0
  • Method Details

    • getLoggingId

      @Nullable String getLoggingId()
      Get a logging ID to use when auditing this profile.
      Returns:
      logging ID
    • isNonBrowserSupported

      boolean isNonBrowserSupported​(@Nullable ProfileRequestContext profileRequestContext)
      Get whether this flow supports non-browser clients (default is true).
      Parameters:
      profileRequestContext - current profile request context
      Returns:
      whether this flow supports non-browser clients
    • isAuthenticated

      boolean isAuthenticated​(@Nullable ProfileRequestContext profileRequestContext)
      Get whether user authentication is required (default is false).
      Parameters:
      profileRequestContext - current profile request context
      Returns:
      whether user authentication is required
    • getUIInfo

      @Nullable UIInfo getUIInfo()
      Get the user interface details for this profile.
      Returns:
      user interface details
    • getPolicyName

      @Nullable String getPolicyName​(@Nullable ProfileRequestContext profileRequestContext)
      Get the access control policy for this flow.
      Parameters:
      profileRequestContext - current profile request context
      Returns:
      name of access control policy
    • isResolveAttributes

      boolean isResolveAttributes​(@Nullable ProfileRequestContext profileRequestContext)
      Get whether to resolve attributes during the profile (default is false).
      Parameters:
      profileRequestContext - current profile request context
      Returns:
      whether to resolve attributes during the profile
    • isLocal

      default boolean isLocal()
      Get whether this profile is for functionality local to the IdP.

      Most authentication profiles are non-local, designed to issue security tokens to other systems, so this is generally false.

      Specified by:
      isLocal in interface AuthenticationProfileConfiguration
      Returns:
      true iff the use of the associated profile is local to the IdP