Esporta (0) Stampa
Espandi tutto

ACS Management Service API Reference

An entity data model organizes the ACS configuration data in the form of records of entity types (or entities) and the associations between them. The data model is described in the OData Service Metadata Document available at: https://<namespace>$metadata, where <namespace> is the name of your service namespace.

This XML document uses a conceptual schema definition language (CDSL) to describe the available data. You can download this document and use it to generate typed classes in your code. The following table has a description of all of the ACS entity types.


Entity Description


Represents claim types imported from the WS-Federation metadata of WS-Federation identity providers. This is used primarily to populate the list of supported claim types for each identity provider in the ACS Management Portal.


Represents a list of clients that have been granted delegated access in OAuth 2.0 delegation scenarios.


Represents an identity provider. For more information about identity providers, see Provider di identità.


Represents a URI that is associated with an identity provider. Supported URI types include SignIn, SignOut, EmailDomain, ImageURL, and FedMetadataURL.


Represents the list of ClaimType entities that are supported by the identity provider.


Represents certificates and keys associated with the identity provider. This typically includes token validation certificates imported from the identity provider’s WS-Federation metadata or keys input directly into the ACS configuration (such as Facebook application keys).


Represents a claims issuer that is another representation of an identity provider that is used specifically by the ACS rules engine. ACS also has its own built-in issuer, named LOCAL_AUTHORITY, which is the issuer for claims output by ACS. Every identity provider has an associated issuer and every issuer that’s not LOCAL_AUTHORITY has an associated identity provider.


Represents a relying party application. For more information about relying party applications, see Applicazioni relying party.


Represents a URI that is associated with a relying party application. Supported URI types include Realm, Reply (Return URL), and Error (Error URL).


Represents which identity providers are associated with which relying party applications in a given ACS namespace.


Represents certificates and keys associated with a relying party application. This includes token signing certificates and symmetric keys associated directly with the application, in addition to encryption certificates.


Represents the list of RuleGroup entities that are associated with the relying party application.


Represents a rule. For more information about rules, see Regole e gruppi di regole.

Conditional Rule

Represents a rule with two input claims. For more information, see Regole e gruppi di regole.


Represents a rule group. For more information about rule groups, see Regole e gruppi di regole.


Represents a service identity. For more information about service identities, see Identità del servizio.


Represents credentials associated with service identities. This includes X.509 certificates, symmetric keys, and passwords.


Represents certificates and keys assigned to the service namespace. This includes token signing certificates and symmetric keys, token decryption certificates, and Management Service credentials for the default ManagementClient account. This does not include certificates and keys explicitly assigned to a relying party application, identity provider, or service identity.

Vedere anche

© 2014 Microsoft