
ACS Management Service API Reference

An entity data model organizes the ACS configuration data in the form of records of entity types (or entities) and the associations between them. The data model is described in the OData Service Metadata Document available at: https://<namespace>.accesscontrol.windows.net/v2/mgmt/service/$metadata, where <namespace> is the name of your service namespace.

This XML document uses the conceptual schema definition language (CSDL) to describe the available data. You can download this document and use it to generate typed classes in your code. The following table describes all of the ACS entity types.

 

Entity Description

ClaimType

Represents claim types imported from the WS-Federation metadata of WS-Federation identity providers. This is used primarily to populate the list of supported claim types for each identity provider in the ACS Management Portal.

Delegation

Represents a list of clients that have been granted delegated access in OAuth 2.0 delegation scenarios.

IdentityProvider

Represents an identity provider. For more information about identity providers, see Identity Providers.

IdentityProviderAddress

Represents a URI that is associated with an identity provider. Supported URI types include SignIn, SignOut, EmailDomain, ImageURL, and FedMetadataURL.

IdentityProviderClaimType

Represents the list of ClaimType entities that are supported by the identity provider.

IdentityProviderKey

Represents certificates and keys associated with the identity provider. This typically includes token validation certificates imported from the identity provider’s WS-Federation metadata or keys input directly into the ACS configuration (such as Facebook application keys).

Issuer

Represents a claims issuer, which is another representation of an identity provider that is used specifically by the ACS rules engine. ACS also has its own built-in issuer, named LOCAL_AUTHORITY, which is the issuer for claims output by ACS. Every identity provider has an associated issuer, and every issuer that’s not LOCAL_AUTHORITY has an associated identity provider.

RelyingParty

Represents a relying party application. For more information about relying party applications, see Relying Party Applications.

RelyingPartyAddress

Represents a URI that is associated with a relying party application. Supported URI types include Realm, Reply (Return URL), and Error (Error URL).

RelyingPartyIdentityProvider

Represents which identity providers are associated with which relying party applications in a given ACS namespace.

RelyingPartyKey

Represents certificates and keys associated with a relying party application. This includes token signing certificates and symmetric keys associated directly with the application, in addition to encryption certificates.

RelyingPartyRuleGroup

Represents the list of RuleGroup entities that are associated with the relying party application.

Rule

Represents a rule. For more information about rules, see Rules and Rule Groups.

Conditional Rule

Represents a rule with two input claims. For more information, see Rules and Rule Groups.

RuleGroup

Represents a rule group. For more information about rule groups, see Rules and Rule Groups.

ServiceIdentity

Represents a service identity. For more information about service identities, see Service Identities.

ServiceIdentityKey

Represents credentials associated with service identities. This includes X.509 certificates, symmetric keys, and passwords.

ServiceKey

Represents certificates and keys assigned to the service namespace. This includes token signing certificates and symmetric keys, token decryption certificates, and Management Service credentials for the default ManagementClient account. This does not include certificates and keys explicitly assigned to a relying party application, identity provider, or service identity.
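The metadata document described above can also be read directly to inventory the entity types and their associations, for example to see which entities hold key material before auditing a namespace. The following is an added example, not code from the ACS documentation: the sample CSDL, its `Sample` namespace, and its property and relationship names are constructed, and only the entity type names come from the table above.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a small CSDL fragment shaped like an OData $metadata
# document. Property names, relationship names and the "Sample" namespace
# are assumptions; only the entity type names come from the table above.
SAMPLE_METADATA = """<edmx:Edmx Version="1.0" xmlns:edmx="http://schemas.microsoft.com/ado/2007/06/edmx">
  <edmx:DataServices>
    <Schema Namespace="Sample" xmlns="http://schemas.microsoft.com/ado/2008/09/edm">
      <EntityType Name="RelyingParty">
        <Key><PropertyRef Name="Id" /></Key>
        <Property Name="Id" Type="Edm.Int64" Nullable="false" />
        <Property Name="Name" Type="Edm.String" />
        <NavigationProperty Name="RelyingPartyKeys" Relationship="Sample.RP_Keys" FromRole="RelyingParty" ToRole="RelyingPartyKey" />
      </EntityType>
      <EntityType Name="RelyingPartyKey">
        <Key><PropertyRef Name="Id" /></Key>
        <Property Name="Id" Type="Edm.Int64" Nullable="false" />
        <Property Name="Value" Type="Edm.Binary" />
      </EntityType>
    </Schema>
  </edmx:DataServices>
</edmx:Edmx>"""

def local(tag):
    """Strip the '{namespace}' prefix so any CSDL schema version parses."""
    return tag.rsplit("}", 1)[-1]

def entity_model(metadata_xml):
    """Return {entity: {"keys": [...], "properties": {...}, "links": {...}}}."""
    model = {}
    for el in ET.fromstring(metadata_xml).iter():
        if local(el.tag) != "EntityType":
            continue
        entry = {"keys": [], "properties": {}, "links": {}}
        for child in el.iter():
            kind = local(child.tag)
            if kind == "PropertyRef":
                entry["keys"].append(child.get("Name"))
            elif kind == "Property":
                entry["properties"][child.get("Name")] = child.get("Type")
            elif kind == "NavigationProperty":
                entry["links"][child.get("Name")] = child.get("ToRole")
        model[el.get("Name")] = entry
    return model

def key_material_entities(model):
    """Name-suffix heuristic: the table's certificate/key entities end in 'Key'."""
    return sorted(name for name in model if name.endswith("Key"))
```

To run it against a real namespace, save the `$metadata` response to a file and pass its contents to `entity_model`.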

© 2014 Microsoft