tokenIssuancePolicy resource type
Namespace: microsoft.graph
Represents the policy to specify the characteristics of SAML tokens issued by Microsoft Entra ID. You can use token-issuance policies to:
- Set signing options
- Set signing algorithm
- Set SAML token version
Inherits from stsPolicy.
Methods
Method | Return Type | Description |
---|---|---|
List | tokenIssuancePolicy | Read properties and relationships of tokenIssuancePolicy objects. |
Create | tokenIssuancePolicy | Create a tokenIssuancePolicy object. |
Get | tokenIssuancePolicy | Read properties and relationships of a tokenIssuancePolicy object. |
Update | None | Update a tokenIssuancePolicy object. |
Delete | None | Delete a tokenIssuancePolicy object. |
List applied to applications | directoryObject collection | Get the list of directoryObjects that this policy has been applied to. |
Properties
Property | Type | Description |
---|---|---|
definition | String collection | A string collection containing a JSON string that defines the rules and settings for this policy. See below for more details about the JSON schema for this property. Required. |
description | String | Description for this policy. |
displayName | String | Display name for this policy. Required. |
id | String | Unique identifier for this policy. Read-only. |
isOrganizationDefault | Boolean | Ignore this property. The token-issuance policy can only be applied to service principals and can't be set globally for the organization. |
Properties of a token issuance policy definition
The properties form the JSON object that represents a token issuance policy. This JSON object must be converted to a string with quotations escaped to be inserted into the definition property. The following is an example in JSON format:
"definition": [
"{ \"TokenIssuancePolicy\":{\"TokenResponseSigningPolicy\":\"TokenOnly\",\"SamlTokenVersion\":\"1.1\",\"SigningAlgorithm\":\"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256\",\"Version\":\"1\",\"EmitSAMLNameFormat\": \"true\"}}"
]
Property | Type | Description |
---|---|---|
EmitSamlNameFormat | Boolean | If selected, Microsoft Entra ID will add an additional attribute called "NameFormat" that describes the format of the name to restricted, core, and optional claims for this application. Learn more |
SamlTokenVersion | String | Version of the SAML token. Supported values are: 1.1 , 2.0 . |
SigningAlgorithm | String | Signing algorithm use by Microsoft Entra ID to sign the SAML token. Supported values are: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 , http://www.w3.org/2000/09/xmldsig#rsa-sha1 . |
Version | Integer | Set value of 1. Required. |
TokenResponseSigningPolicy | String | Represents the certificate signing options available in Microsoft Entra ID. Supported values are: ResponseOnly , TokenOnly , ResponseAndToken . |
Relationships
Relationship | Type | Description |
---|---|---|
appliesTo | directoryObject collection | The directoryObject collection that this policy has been applied to. Read-only. |
JSON representation
The following is a JSON representation of the resource.
{
"definition": ["String"],
"description": "String",
"displayName": "String",
"id": "String (identifier)",
"isOrganizationDefault": true,
}
प्रतिक्रिया
https://aka.ms/ContentUserFeedback.
जल्द आ रहा है: 2024 के दौरान हम सामग्री के लिए फीडबैक तंत्र के रूप में GitHub मुद्दों को चरणबद्ध तरीके से समाप्त कर देंगे और इसे एक नई फीडबैक प्रणाली से बदल देंगे. अधिक जानकारी के लिए, देखें:के लिए प्रतिक्रिया सबमिट करें और देखें