Enable WS-Federation audit trace

Enable audit logging of the Security Token Response in the WS-Federation or WS-Trust response for the specified partner and users.

enabled
Set to true to enable audit logging of the Security Token Response in the WS-Federation or WS-Trust response.
providerId
The partner's provider ID, for which to enable the audit logging of the Security Token Response in the WS-Federation or WS-Trust response. This is required when enabled is set to true.
allUsers
Set to true to enable audit logging of the Security Token Response in WS-Federation or WS-Trust response for all users.
users
List of users' uids for whom to enable audit logging of the Security Token Response in the WS-Federation or WS-Trust response. This is required when enabled is set to true and allUsers is set to false.
expiry
Period to enable audit logging of the Security Token Response in WS-Federation or WS-Trust response for.
The value can be specified in seconds, minutes or hours. e.g. 120s, 10m, 1h.
If expiry is not specified or is specified in an invalid format, the default expiry of 10 minutes will be used.
The maximum expiry is 1 hour. If the expiry specified is more than 1 hour, e.g. 2h, the maximum expiry of 1 hour will be used.


Example payload:
  [
    {
      "enabled": true,
      "providerId": "urn:federation:MicrosoftOnline",
      "allUsers": false,
      "users": [
        "6090001RWA",
        "6090003QET"
      ],
      "expiry": "10m"
    }
  ]

Language
URL