The client was to really test the new API and see what endpoints had been added. The biggest difference in v11 is the ability to use callbacks within the authentication module response, allowing other attribute values to be passed back to OpenAM, instead of the traditional username and password values.
The client is just a collection of individual shell scripts that call curl and jq for additional JSON parsing.
JQ isn't really needed as OpenAM now offers a
_prettyPrint=true parameter that can do some basic JSON parsing before the response is delivered. JQ is just useful if you want to iterate over object that comes back and pull out specific attributes.
I then added a simple menu system, just using case, with each menu having it's own file, just to keep the management easy. A bit of OO in bash :)
To use, simply either download via Github as a zip or clone the repo. Run ./interactive.sh to get started (albeit you can still run each script individually). Add in your OpenAM server settings via option 'C'. Away you go. You need to authenticate to do anything. Authenticating via any method, will create a .token file in the shell client directory which is then reused during subsequent calls to OpenAM as a header value.
You then retrieve the attributes associated with that token, before going onto managing objects within then OpenAM repo such as realms, agents, users and so policies.
For further details on the OpenAM REST client endpoints, take a look at chapter 3 of the Developers guide available at ForgeRock documentation site.