Template page scripting

We can use JavaScript to add server-side scripting for Advanced Access Control and Federation template pages. We can use JavaScript functions, closures, objects, and delegations. We can customize template files or pages on the server. For example, we can customize an error message displayed by the runtime server. The template files menu is located under both the Federation and AAC menus.

To edit a Federation template file, go to...

To edit an AAC template file, go to...

The JavaScript engine supports the following syntax:

Example tasks:

Examples

The following code example shows how to use repeatable macros. The following example shows an OAuth consent page.

Set an HTTP response header

We can use templateContext.response.setHeader(HeaderName, HeaderValue) to set an HTTP response header. For example, we can set the Content-Type to support both a mobile-based browser and a traditional browser. A mobile-based browser might expect JSON format while a traditional browser expects forms-based HTML.

To set an HTTP header that uses forms-based HTML:

Set an HTTP status code

Use templateContext.response.setStatus(Code) to set an HTTP response status code. For example, to set the status to 400 (standard code for a bad request):

Set a Redirect URL

We can use templateContext.response.sendRedirect(URL) to redirect the HTTP response to a different URL. For example, when we configure single logout, we can redirect the response to a specific target page, based on the federation name. An example scenario is a deployment that has one SAML 2.0 federation with two partner federations. The partner federations are named saml20app2 and saml20sp. The saml20app2 federation uses an application that is named jkebank. The saml20sp federation uses an application that is named jkeschool. The page to display on logout is determined by the federation name.

Obtain a list of macros available for a template page

In some scenarios, we might want to write JavaScript based on configuration values in the deployment. For example, we might implement one action based on the authentication type, such as if the OTP type is TOTP. Another example is we might implement an action if the Federation name of the single sign-on partner matches a certain value.

Information such as the OTP type and partner name can be retrieved only through the template page macros. To use such information, we need to know which macros are used by the page. The JavaScript engine support provides a utility that can print the available macros for a page.

To obtain a list of the available macros.

The following sample code prints the macros from a template page that ran a single sign-on flow with a partner that does not exist.

The format is JSON { "name1":"value1","name2":"value2"}

Limitations

Parent topic: Manage trust chains