<issuedToken>
Specifies a custom token used to authenticate a client to a service.
Schema Hierarchy
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior> of <endpointBehaviors>
<clientCredentials>
<issuedToken>
Syntax
<issuedToken
cacheIssuedTokens="Boolean"
defaultKeyEntropyMode="ClientEntropy/ServerEntropy/CombinedEntropy"
issuedTokenRenewalThresholdPercentage = "0 to 100"
issuerChannelBehaviors="String"
localIssuerChannelBehaviors="String"
maxIssuedTokenCachingTime="TimeSpan"
</issuedToken>
Attributes and Elements
The following sections describe attributes, child elements, and parent elements.
Attributes
Attribute | Description |
---|---|
cacheIssuedTokens |
Optional Boolean attribute that specifies whether tokens are cached. The default is true. |
defaultKeyEntropyMode |
Optional string attribute that specifies which random values (entropies) are used for handshake operations. Values include ClientEntropy, ServerEntropy, and CombinedEntropy, The default is CombinedEntropy. This attribute is of type SecurityKeyEntropyMode. |
issuedTokenRenewalThresholdPercentage |
Optional integer attribute that specifies the percentage of a valid time frame (supplied by the token issuer) that can pass before a token is renewed. Values are from 0 to 100. The default is 60, which specifies 60% of the time passes before a renewal is attempted. |
issuerChannelBehaviors |
Optional attribute that specifies the channel behaviors to use when communicating with the issuer. |
localIssuerChannelBehaviors |
Optional attribute that specifies the channel behaviors to use when communicating with the local issuer. |
maxIssuedTokenCachingTime |
Optional Timespan attribute that specifies the duration that issued tokens are cached when the token issuer (an STS) does not specify a time. The default is “10675199.02:48:05.4775807.” |
Child Elements
Element | Description |
---|---|
Specifies the address of the local issuer of the token and the binding used to communicate with the endpoint. |
|
Specifies the endpoint behaviors to use when contacting a local issuer. |
Parent Elements
Element | Description |
---|---|
Specifies the credentials used to authenticate a client to a service. |
Remarks
An issued token is a custom credential type used, for example, when authenticating with a Secure Token Service (STS) in a federated scenario. By default, the token is a SAML token. For more information, see Federation and SAML. and Federation and Issued Tokens.
This section contains the elements used to configure a local issuer of tokens, or behaviors used with an security token service. For instructions on configuring a client to use a local issuer, see How to: Configure a Local Issuer.
See Also
Reference
IssuedTokenClientElement
ClientCredentialsElement
ClientCredentials
IssuedToken
IssuedToken
IssuedTokenClientCredential
Other Resources
Security Behaviors in WCF
Securing Services and Clients
Federation and SAML
Securing Clients
How To: Create a Federated Client
How To: Configure a Local Issuer
Federation and Issued Tokens
© 2007 Microsoft Corporation. All rights reserved.
Last Published: 2010-01-05