<issuedToken>
Specifies a custom token used to authenticate a client to a service.
<configuration>
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior>
<clientCredentials>
<issuedToken>
Syntax
<issuedToken cacheIssuedTokens="Boolean"
defaultKeyEntropyMode="ClientEntropy/ServerEntropy/CombinedEntropy"
issuedTokenRenewalThresholdPercentage = "0 to 100"
issuerChannelBehaviors="String"
localIssuerChannelBehaviors="String"
maxIssuedTokenCachingTime="TimeSpan">
</issuedToken>
Attributes and Elements
The following sections describe attributes, child elements, and parent elements.
Attributes
Attribute | Description |
---|---|
cacheIssuedTokens |
Optional Boolean attribute that specifies whether tokens are cached. The default is true . |
defaultKeyEntropyMode |
Optional string attribute that specifies which random values (entropies) are used for handshake operations. Values include ClientEntropy , ServerEntropy , and CombinedEntropy , The default is CombinedEntropy . This attribute is of type SecurityKeyEntropyMode. |
issuedTokenRenewalThresholdPercentage |
Optional integer attribute that specifies the percentage of a valid time frame (supplied by the token issuer) that can pass before a token is renewed. Values are from 0 to 100. The default is 60, which specifies 60% of the time passes before a renewal is attempted. |
issuerChannelBehaviors |
Optional attribute that specifies the channel behaviors to use when communicating with the issuer. |
localIssuerChannelBehaviors |
Optional attribute that specifies the channel behaviors to use when communicating with the local issuer. |
maxIssuedTokenCachingTime |
Optional Timespan attribute that specifies the duration that issued tokens are cached when the token issuer (an STS) does not specify a time. The default is "10675199.02:48:05.4775807." |
Child Elements
Element | Description |
---|---|
<localIssuer> | Specifies the address of the local issuer of the token and the binding used to communicate with the endpoint. |
<issuerChannelBehaviors> | Specifies the endpoint behaviors to use when contacting a local issuer. |
Parent Elements
Element | Description |
---|---|
<clientCredentials> | Specifies the credentials used to authenticate a client to a service. |
Remarks
An issued token is a custom credential type used, for example, when authenticating with a Secure Token Service (STS) in a federated scenario. By default, the token is a SAML token. For more information, see Federation and Issued Tokens, and Federation and Issued Tokens.
This section contains the elements used to configure a local issuer of tokens, or behaviors used with an security token service. For instructions on configuring a client to use a local issuer, see How to: Configure a Local Issuer.
See also
- IssuedTokenClientElement
- ClientCredentialsElement
- ClientCredentials
- IssuedToken
- IssuedToken
- IssuedTokenClientCredential
- Security Behaviors
- Securing Services and Clients
- Federation and Issued Tokens
- Securing Clients
- How to: Create a Federated Client
- How to: Configure a Local Issuer
- Federation and Issued Tokens