
System.IdentityModel.Tokens Namespace

The System.IdentityModel.Tokens namespace contains classes that represent security tokens, security token handlers, key identifier clauses and other artifacts used in token generation and processing. The namespace contains base classes such as SecurityToken, SecurityTokenHandler, and SecurityKeyIdentifierClause, as well as classes that derive from these classes and represent several of the token types, artifacts, and handlers for which the Windows Identity Foundation (WIF) has built-in support. This includes classes that contain support for SAML v1.1 and v2.0 tokens, such as: SamlSecurityToken, SamlSecurityTokenHandler, Saml2SecurityToken, and Saml2SecurityTokenHandler.

  Class Description
Public class AggregateTokenResolver Represents a security token resolver that can wrap multiple token resolvers and resolve tokens across all of the wrapped resolvers.
Public class AsymmetricProofDescriptor This class can be used for issuing an asymmetric key-based token.
Public class AsymmetricSecurityKey Base class for asymmetric keys.
Public class AudienceRestriction Defines settings for an AudienceRestriction verification.
Public class AudienceUriValidationFailedException The exception that is thrown when an incoming security token fails Audience URI validation.
Public class AuthenticationContext This class is used to specify the context of an authentication event.
Public class AuthenticationMethods Defines constants for supported well-known authentication methods. Defines constants for SAML authentication methods.
Public class BinaryKeyIdentifierClause Represents a base class for key identifier clauses that are based upon binary data.
Public class BootstrapContext Contains a serialized version of the original token that was used at sign-in time.
Public class ComputedKeyAlgorithms Used in the RST to indicate the desired algorithm with which to compute a key based on the combined entropies from both the token requestor and the token issuer.
Public class ConfigurationBasedIssuerNameRegistry Represents an issuer name registry that maintains a list of trusted issuers loaded from elements in the application configuration file that associate each issuer name to the X.509 certificate that is needed to verify the signature of tokens produced by the issuer.
Public class EmptySecurityKeyIdentifierClause Represents an empty key identifier clause. This class is used when an <EncryptedData> or a <Signature> element does not contain a <KeyInfo> element, which is used to describe the key required to decrypt the data or check the signature.
Public class EncryptedKeyEncryptingCredentials Represents the encrypted key encrypting credentials. These are usually used as data encrypting credentials to encrypt things like tokens.
Public class EncryptedKeyIdentifierClause Represents a key identifier clause that identifies an encrypted key.
Public class EncryptedSecurityToken A wrapping-token that handles encryption for a token that does not natively support it.
Public class EncryptedSecurityTokenHandler A token handler for encrypted security tokens. Handles tokens of type EncryptedSecurityToken.
Public class EncryptedTokenDecryptionFailedException The exception that is thrown when an error occurs while processing an encrypted security token.
Public class EncryptingCredentials Represents the cryptographic key and encrypting algorithm that are used to encrypt the proof key.
Public class GenericXmlSecurityKeyIdentifierClause Represents a key identifier clause that is based on XML.
Public class GenericXmlSecurityToken Represents a security token that is based upon XML.
Public class InMemorySymmetricSecurityKey Represents keys that are generated using symmetric algorithms and are only stored in the local computer's random access memory.
Public class IssuerNameRegistry The abstract base class for an issuer name registry. An issuer name registry is used to associate a mnemonic name to the cryptographic material that is needed to verify the signatures of tokens produced by the corresponding issuer. The issuer name registry maintains a list of issuers that are trusted by a relying party (RP) application.
Public class IssuerTokenResolver Resolves issuer tokens received from service partners.
Public class KerberosReceiverSecurityToken Represents a security token that is based upon a Kerberos ticket that is received in a SOAP message.
Public class KerberosRequestorSecurityToken Represents a security token that is based upon a Kerberos ticket that is sent in a SOAP request.
Public class KerberosSecurityTokenHandler Represents a security token handler that processes Kerberos tokens. Handles tokens of type KerberosReceiverSecurityToken.
Public class KerberosTicketHashKeyIdentifierClause Represents a key identifier clause that identifies a KerberosRequestorSecurityToken or KerberosReceiverSecurityToken security token.
Public class LocalIdKeyIdentifierClause Represents a key identifier clause that identifies a security token specified in the security header of the SOAP message.
Public class ProofDescriptor The base class for the SymmetricProofDescriptor and AsymmetricProofDescriptor classes.
Public class RsaKeyIdentifierClause Represents a key identifier clause that identifies an RsaSecurityToken security token.
Public class RsaSecurityKey Represents a security key that is generated using the RSA algorithm. This class cannot be inherited.
Public class RsaSecurityToken Represents a security token that is based upon a key that is created using the RSA algorithm.
Public class RsaSecurityTokenHandler Represents a SecurityTokenHandler that processes tokens of type RsaSecurityToken.
Public class Saml2Action Represents a <saml:Action> element defined by SAML 2.0.
Public class Saml2Advice Represents the Advice element specified in [Saml2Core, 2.6.1].
Public class Saml2Assertion Represents the Assertion element specified in [Saml2Core, 2.3.3].
Public class Saml2AssertionKeyIdentifierClause Represents a SecurityKeyIdentifierClause implementation for referencing SAML2-based security tokens.
Public class Saml2Attribute Represents the Attribute element specified in [Saml2Core, 2.7.3.1].
Public class Saml2AttributeStatement Represents the AttributeStatement element specified in [Saml2Core, 2.7.3].
Public class Saml2AudienceRestriction Represents the AudienceRestriction element specified in [Saml2Core, 2.5.1.4].
Public class Saml2AuthenticationContext Represents the AuthnContext element specified in [Saml2Core, 2.7.2.2].
Public class Saml2AuthenticationStatement Represents the AuthnStatement element specified in [Saml2Core, 2.7.2].
Public class Saml2AuthorizationDecisionStatement Represents the <saml:AuthzDecisionStatement> element defined by SAML 2.0.
Public class Saml2Conditions Represents the Conditions element specified in [Saml2Core, 2.5.1].
Public class Saml2Evidence Represents the Evidence element specified in [Saml2Core, 2.7.4.3].
Public class Saml2Id Represents the identifier used for SAML assertions.
Public class Saml2NameIdentifier Represents the NameID element as specified in [Saml2Core, 2.2.3] or the EncryptedID element as specified in [Saml2Core, 2.2.4].
Public class Saml2ProxyRestriction Represents the ProxyRestriction element specified in [Saml2Core, 2.5.1.6].
Public class Saml2SecurityKeyIdentifierClause This class is used when a Saml2Assertion is received without a <ds:KeyInfo> element inside the signature element. The KeyInfo describes the key required to check the signature. When the key is needed this clause will be presented to the current SecurityTokenResolver. It will contain the Saml2Assertion fully read which can be queried to determine the key required.
Public class Saml2SecurityToken Represents a security token that is based upon a SAML assertion.
Public class Saml2SecurityTokenHandler Represents a security token handler that creates security tokens from SAML 2.0 Assertions.
Public class Saml2Statement Represents the StatementAbstractType specified in [Saml2Core, 2.7.1].
Public class Saml2Subject Represents the Subject element specified in [Saml2Core, 2.4.1].
Public class Saml2SubjectConfirmation Represents the SubjectConfirmation element specified in [Saml2Core, 2.4.1.1].
Public class Saml2SubjectConfirmationData Represents the SubjectConfirmationData element and the associated KeyInfoConfirmationDataType defined in [Saml2Core, 2.4.1.2-2.4.1.3].
Public class Saml2SubjectLocality Represents the SubjectLocality element specified in [Saml2Core, 2.7.2.1].
Public class SamlAction Represents the <saml:Action> element within a SAML assertion that contains an action on a specified resource.
Public class SamlAdvice Represents the <saml:Advice> element within a SAML assertion that contains additional information provided by the SAML authority.
Public class SamlAssertion Represents a Security Assertion Markup Language 1.1 (SAML 1.1) assertion.
Public class SamlAssertionKeyIdentifierClause Represents a <KeyIdentifier> element that references a <saml:Assertion> element in a SOAP message.
Public class SamlAttribute Represents an attribute that is associated with the subject of a SamlAttributeStatement.
Public class SamlAttributeStatement Contains a set of attributes associated with a particular SamlSubject.
Public class SamlAudienceRestrictionCondition Specifies that a SAML assertion is addressed to a particular audience.
Public class SamlAuthenticationClaimResource Represents the resource type for a claim that is created from a SamlAuthenticationStatement.
Public class SamlAuthenticationStatement Represents a claim for a SamlSecurityToken security token that asserts that the subject was authenticated by a particular means at a particular time.
Public class SamlAuthorityBinding Specifies how to retrieve additional information about the subject of a SamlSecurityToken security token.
Public class SamlAuthorizationDecisionClaimResource Represents a claim for a SamlSecurityToken security token that asserts an authorization decision regarding access to a specific resource.
Public class SamlAuthorizationDecisionStatement Represents a claim for a SamlSecurityToken security token that asserts that an authorization decision regarding access by the subject to the specified resource has been made.
Public class SamlCondition Represents a condition that must be taken into account when assessing the validity of a SAML assertion.
Public class SamlConditions Represents a set of conditions that must be taken into account when assessing the validity of a SAML assertion.
Public class SamlConstants Represents a set of constants that are used to set properties of a SamlSecurityToken security token. This class cannot be inherited.
Public class SamlDoNotCacheCondition Represents a condition that must be taken into account when assessing the validity of a SAML assertion.
Public class SamlEvidence Represents the evidence used to render an authorization decision for a SamlSecurityToken security token.
Public class SamlNameIdentifierClaimResource Represents a claim for a SAML security token that asserts the subject's name.
Public class SamlSecurityKeyIdentifierClause This class is used when a SamlAssertion is received without a <ds:KeyInfo> element inside the signature element. The KeyInfo describes the key required to check the signature. When the key is needed this clause will be presented to the current SecurityTokenResolver. It will contain the SamlAssertion fully read which can be queried to determine the key required.
Public class SamlSecurityToken Represents a security token that is based upon a SAML assertion.
Public class SamlSecurityTokenHandler Represents a security token handler that creates security tokens from SAML 1.1 Assertions.
Public class SamlSecurityTokenRequirement Extends the SecurityTokenRequirement class by adding new properties that are useful for issued tokens.
Public class SamlSerializer Serializes and deserializes SamlSecurityToken objects into and from XML documents.
Public class SamlStatement Represents a claim for a SamlSecurityToken security token.
Public class SamlSubject Represents the subject of a SAML security token.
Public class SamlSubjectStatement Represents a claim for a SamlSecurityToken security token.
Public class SecurityAlgorithms Defines constants for the URIs that represent the cryptographic algorithms that are used to encrypt XML and compute digital signatures for SOAP messages.
Public class SecurityKey Base class for security keys.
Public class SecurityKeyElement Provides delayed resolution of security keys by resolving the SecurityKeyIdentifierClause or SecurityKeyIdentifier only when cryptographic functions are needed. This allows a key identifier clause or key identifier that is never used by an application to be serialized and deserialized on and off the wire without issues.
Public class SecurityKeyIdentifier Represents a key identifier.
Public class SecurityKeyIdentifierClause Represents an abstract base class for a key identifier clause.
Public class SecurityKeyIdentifierClauseSerializer Abstract base class for a serializer that can serialize and deserialize key identifier clauses.
Public class SecurityToken Represents a base class used to implement all security tokens.
Public class SecurityTokenDescriptor This is a placeholder for all the attributes related to the issued token.
Public class SecurityTokenElement Represents a number of elements found in a RequestSecurityToken which represent security tokens.
Public class SecurityTokenException The exception that is thrown when a problem occurs while processing a security token.
Public class SecurityTokenExpiredException The exception that is thrown when a security token that has an expiration time in the past is received.
Public class SecurityTokenHandler The abstract base class for security token handlers.
Public class SecurityTokenHandlerCollection Represents a collection of security token handlers.
Public class SecurityTokenHandlerCollectionManager A class that manages multiple, named security token handler collections.
Public class SecurityTokenHandlerCollectionManager.Usage Defines standard collection names used by the framework.
Public class SecurityTokenHandlerConfiguration Configuration common to all security token handlers.
Public class SecurityTokenNotYetValidException The exception that is thrown when a security token that has an effective time in the future is received.
Public class SecurityTokenReplayDetectedException The exception that is thrown when a security token that has been replayed is received.
Public class SecurityTokenTypes Contains a set of static properties that returns strings that represent security token types.
Public class SecurityTokenValidationException The exception that is thrown when a received security token is invalid.
Public class SessionSecurityToken Defines a security token that contains data associated with a session.
Public class SessionSecurityTokenCache Defines an abstract class for a cache of session security tokens.
Public class SessionSecurityTokenCacheKey Represents the key for an entry in a SessionSecurityTokenCache.
Public class SessionSecurityTokenHandler A SecurityTokenHandler that processes security tokens of type SessionSecurityToken.
Public class SigningCredentials Represents the cryptographic key and security algorithms that are used to generate a digital signature.
Public class SymmetricProofDescriptor This class can be used for issuing a symmetric key-based token.
Public class SymmetricSecurityKey Represents the abstract base class for all keys that are generated using symmetric algorithms.
Public class TokenReplayCache The abstract base class that defines methods for a cache used to detect replayed tokens.
Public class UserNameSecurityToken Represents a security token that is based upon a user name and password.
Public class UserNameSecurityTokenHandler Defines an abstract base class for a SecurityTokenHandler that processes security tokens of type UserNameSecurityToken.
Public class WindowsSecurityToken Represents a security token that is based on the identity of a Windows domain or user account.
Public class WindowsUserNameSecurityTokenHandler Defines a SecurityTokenHandler that processes Windows Username tokens.
Public class X509AsymmetricSecurityKey Represents an asymmetric key for X.509 certificates.
Public class X509CertificateStoreTokenResolver Represents a token resolver that can resolve tokens of type X509SecurityToken against a specified X.509 certificate store.
Public class X509DataSecurityKeyIdentifierClauseSerializer Represents a SecurityKeyIdentifierClauseSerializer that can process X.509 certificate reference types.
Public class X509EncryptingCredentials Represents an X.509 token used as the encrypting credential. This class is usually used as key wrapping credentials.
Public class X509IssuerSerialKeyIdentifierClause Represents a key identifier clause that identifies an X509SecurityToken security token using the distinguished name of the certificate issuer and the X.509 certificate's serial number.
Public class X509NTAuthChainTrustValidator Represents an X.509 certificate validator that will validate a specified X.509 certificate and verify whether the certificate can be mapped to a Windows account and whether the certificate chain is trusted.
Public class X509RawDataKeyIdentifierClause Represents a key identifier clause that identifies an X509SecurityToken security token using the X.509 certificate's raw data.
Public class X509SecurityToken Represents a security token that is based upon an X.509 certificate.
Public class X509SecurityTokenHandler Represents a security token handler that processes tokens of type X509SecurityToken. By default, the handler will perform chain-trust validation of the X.509 certificate.
Public class X509SigningCredentials Represents an X.509 token used as the signing credential.
Public class X509SubjectKeyIdentifierClause Represents a key identifier clause that identifies an X509SecurityToken security token using the X.509 certificate's subject key identifier extension.
Public class X509ThumbprintKeyIdentifierClause Represents a key identifier clause that identifies an X509SecurityToken security token using the X.509 certificate's thumbprint.
Public class X509WindowsSecurityToken Represents a security token that is based upon an X.509 certificate that is mapped to a Windows domain user or local computer user account.

  Enumeration Description
Public enumeration SamlAccessDecision Specifies whether the subject of a SamlSecurityToken security token is granted access to a given resource.
Public enumeration SecurityKeyType Specifies the type of key that is associated with a security token.
Public enumeration SecurityKeyUsage Specifies how a key that is associated with a security token can be used.
© 2014 Microsoft