Globus Connect Server Auth Policy Update

Name

globus-connect-server auth-policy update - Update an authentication policy

Synopsis

globus-connect-server auth-policy update [OPTIONS] POLICY_ID

Description

The globus-connect-server auth-policy update command updates the authentication policy in Globus Auth. In order to use this command, one of your Globus identities must have an administrator role on the Globus Auth project where the authentication policy is stored.

Options

--description DESCRIPTION

Description for the authentication policy.

--display-name DISPLAY_NAME

Display name for the authentication policy.

--project-id PROJECT_ID (new in 5.4.72)

The Globus Auth project ID where this authentication policy will be stored. If the admin only has a single Globus Auth project, it will be used by default. Otherwise, the admin must specify the Globus Auth project ID.

--authentication-assurance-timeout SECONDS (new in 5.4.72)

Number of seconds within which someone must have authenticated to satisfy the policy.

--include DOMAIN

Identity provider domain allowed for guest collection permissions. Users accessing the guest collection must have an identity from one of the included domains and that identity must have a valid guest collection permission. Specify a value of "" to remove this restriction and allow all of the user’s guest collection permissions. The domain may include wildcards, ie '*.edu'. This option can be given multiple times.

--exclude DOMAIN

Identity provider domain not allowed for guest collection permissions. Any of the user’s permissions from this domain will not be considered for guest collection access. Specify a value of "" to remove this restriction and allow all of the user’s guest collection permissions. Any domain listed in both included domains and excluded domains will not be able to access the guest collection. The domain may include wildcards, ie '*.com'. This option can be given multiple times.

--version

Show the version and exit.

-h, --help

Show this message and exit.

Example

This example updates an existing authentication policy by removing any required include domains and changes the policy’s display name:

globus-connect-server auth-policy update \
    --display-name "My Auth Policy's New Display Name" \
    --include "" \
    18be6172-43a8-438c-aaa8-e8e36707399e
Updated authentication policy 18be6172-43a8-438c-aaa8-e8e36707399e