Share via


Microsoft.IdentityModel.Tokens Namespace

[Starting with the .NET Framework 4.5, Windows Identity Foundation (WIF) has been fully integrated into the .NET Framework. The version of WIF addressed by this topic, WIF 3.5, is deprecated and should only be used when developing against the .NET Framework 3.5 SP1 or the .NET Framework 4. For more information about WIF in the .NET Framework 4.5, also known as WIF 4.5, see the Windows Identity Foundation documentation in the .NET Framework 4.5 Development Guide.]

Classes

Class Description
AggregateTokenResolver This class defines a TokenResolver that can wrap multiple Token Resolvers and resolve tokens across all the wrapped token resolvers.
AsymmetricProofDescriptor This class can be used for issuing the asymmetric key based token.
AudienceRestriction Defines settings for a AudienceRestriction verification.
AudienceUriValidationFailedException Throw this exception a received Security token failed Audience Uri validation.
AuthenticationContext This class is used to specify the context of an authentication event.
AuthorizationPolicy Defines an AuthorizationPolicy that carries the IDFx Claims. When IDFx is enabled a new set of Security Token Authenticators are added to the system. These Authenticators will generate the new Claims defined in Microsoft.IdentityModel.Claims.
ConfigurationBasedIssuerNameRegistry Implements a name service that resolves issuer tokens to strings.
ConfigureServiceHostServiceBehavior Provides custom service behavior to the service. It invokes the ConfigureServiceHost(ServiceHostBase) method to configure the service host.
DefaultTokenReplayCache A default implementation of the Token replay cache that is backed by a bounded cache.
EncryptedSecurityToken A pseudo-token which handles encryption for a token which does not natively support it.
EncryptedSecurityTokenHandler Token handler for an encrypted SecurityToken type.
EncryptedTokenDecryptionFailedException The exception that is thrown when an error occurs while processing an encrypted security token
EndpointAuthorizationPolicy Implementation of IAuthorizationPolicy that contains endpoint specific AuthorizationPolicy.
FailedAuthenticationException Throw this exception when the security token could not be authenticated or authorized.
FailedAuthenticationFaultException This class represents the FailedAuthentication fault defined by WS-Security.
FailedCheckException Throw this exception when the signature or decryption was not valid.
FailedCheckFaultException This class represents the FailedCheck fault defined by WS-Security.
FederatedSecurityTokenManager SecurityTokenManager that enables plugging custom tokens easily. The SecurityTokenManager provides methods to register custom token providers, serializers and authenticators. It can wrap another Token Managers and delegate token operation calls to it if required.
FederatedServiceCredentials Helper class that provides mechanism to plug the FederatedSecurityTokenManager to any WCF ServiceHost application. Create an instance of this class and add this as the ServiceCredentials to your ServiceHost.
IdentityModelServiceAuthorizationManager Custom ServiceAuthorizationManager implementation. This class substitues the WCF generated IAuthorizationPolicies with AuthorizationPolicy. These policies do not participate in the EvaluationContext and hence will render an empty WCF AuthorizationConext. Once this AuthorizationManager is substitued to a ServiceHost, only IClaimsPrincipal will be available for Authorization decisions.
InvalidSecurityException Throw this exception when an error was discovered processing the <wsse:Security> header.
InvalidSecurityFaultException This class represents the InvalidSecurity fault defined by WS-Security.
InvalidSecurityTokenException Throw this exception when an invalid security token was provided.
InvalidSecurityTokenFaultException This class represents the InvalidSecurityToken fault defined by WS-Security.
IssuerNameRegistry The abstract base class that represents a name service that returns the issuer name of a specified token.
IssuerTokenResolver Resolves issuer tokens received from service partners.
KerberosSecurityTokenHandler SecurityTokenHandler for KerberosReceiverSecurityToken.
MembershipUserNameSecurityTokenHandler UserNameSecurityTokenHandler that validates the UsernameSecurityToken using a given MembershipProvider.
MessageExpiredException Throw this exception when the message has expired.
MessageExpiredFaultException This class represents the MessageExpired fault defined by WS-Security.
ProofDescriptor Base class for SymmetricProofDescriptor and AsymmetricProofDescriptor
RsaSecurityTokenHandler SecurityTokenHandler for RsaSecurityTokens.
SamlSecurityTokenRequirement Extends SecurityTokenRequirement by adding new properties which are useful for issued tokens.
SecurityKeyElement Provides delayed resolution of security keys by resolving the SecurityKeyIdentifierClause or SecurityKeyIdentifier only when cryptographic functions are needed. This allows a key clause or identifier that is never used by an application to be serialized and deserialzied on and off the wire without issue.
SecurityKeyIdentifierClauseSerializer Abstract class for SecurityKeyIdentifierClause Serializer.
SecurityTokenCache Defines a simple abstract interface to a cache of security tokens.
SecurityTokenCacheKey When caching an SCT there are two indexes required. One is the ContextId that is unique across all SCT and the next is KeyGeneration which is unique within an SCT. When an SCT is issued it has only a ContextId. When the SCT is renewed the KeyGeneration is added as an second index to the SCT. Now the renewed SCT is uniquely identifiable via the ContextId and KeyGeneration. The class SecurityTokenCacheKey is used as the index to the SCT cache. This index will always have a valid ContextId specified but the KeyGeneration may be null. There is also an optional EndpointId which gives the endpoint to which the token is scoped.
SecurityTokenDescriptor This is a place holder for all the attributes related to the issued token
SecurityTokenElement This class represents a number elements found in a RequestSecurityToken which represent security tokens.
SecurityTokenExpiredException Throw this exception when a received Security Token has expiration time in the past.
SecurityTokenHandler Defines the interface for a Custom Security Token Handler.
SecurityTokenHandlerCollection Defines a collection of SecurityTokenHandlers.
SecurityTokenHandlerCollectionManager A class which manages multiple named SecurityTokenHandlerCollection.
Usage Defines standard collection names used by the framework.
SecurityTokenHandlerConfiguration Configuration common to all SecurityTokenHandlers.
SecurityTokenNotYetValidException Throw this exception when a received Security token has an effective time in the future.
SecurityTokenReplayDetectedException Throw this exception when a received Security Token has been replayed.
SecurityTokenSerializerAdapter This class derives from System.ServiceModel.Security.WSSecurityTokenSerializer and wraps a collection of SecurityTokenHandlers. Any call to this serilaizer is delegated to the token handler and delegated to the base class if no token handler is registered to handle this particular token or KeyIdentifier.
SecurityTokenTypes Defines the Security Token Type URI constants.
SecurityTokenUnavailableException Throw this exception when reference security token could not be retrieved.
SecurityTokenUnavailableFaultException This class represents the SecurityTokenUnavailable fault defined by WS-Security.
SessionSecurityToken Defines a SessionSecurityToken that contains data associated with a session.
SessionSecurityTokenCookieSerializer Implements serialization and deserialization of a given SessionSecurityToken into a self-contained cookie.
SessionSecurityTokenHandler A SecurityTokenHandler that processes SessionSecurityToken.
SymmetricProofDescriptor This class can be used for issuing the symmetric key based token
TokenReplayCache This class defines the API for a cache that stores tokens for and purges them on a schedule time interval.
UnsupportedAlgorithmException Throw this exception when an unsupported signature or encryption algorithm was used.
UnsupportedAlgorithmFaultException This class represents the UnsupportedAlgorithm fault defined by WS-Security.
UnsupportedSecurityTokenException Throw this exception when an unsupported token was provided.
UnsupportedSecurityTokenFaultException This class represents the UnsupportedSecurityToken fault defined by WS-Security.
UserNameSecurityTokenHandler Defines a SecurityTokenHandler for Username Password Tokens.
WindowsUserNameSecurityTokenHandler The token handler will validated the Windows Username token.
X509CertificateStoreTokenResolver Token Resolver that can resolve X509SecurityTokens against a given X.509 Certificate Store.
X509DataSecurityKeyIdentifierClauseSerializer Implementation of SecurityKeyIdentifierClauseSerializer that handles X.509 Certificate reference types.
X509NTAuthChainTrustValidator X509CeritificateValidator that will validate a given certificate, and verify if the certificate can be mapped to a Windows account and if the certificate chain is trusted.
X509SecurityTokenHandler SecurityTokenHandler for X509SecurityToken. By default, the handler will do chain-trust validation of the Certificate.

Delegates

Delegate Description
OutboundClaimsFilter Actor that returns true if a claim should be filtered.

Copyright © 2008 by Microsoft Corporation. All rights reserved.