ServiceKey

Updated: June 19, 2015

Applies To: Azure

This topic provides descriptions and legal values for the properties of the ServiceKey entity of the Microsoft Azure Active Directory Access Control (also known as Access Control Service or ACS) Management Service.

ServiceKey Properties

Property name Type Is nullable Description

Id

Int64

False

Specifies the unique identifier of the service key. This value is automatically set by ACS.

Usage

String

True

This property can be set to only a few legal values. For more information, see Usage Property Legal Values.

Type

String

True

This property can be set to only a few legal values. For more information, see Type Property Legal Values.

Value

Binary

True

Specifies the value of the service key.

Password

Binary

True

If the key is an X.509 certificate with a private key, then this field contains the password that is used to decrypt the private key.

IsPrimary

Boolean

False

Specifies whether the service key is primary.

SystemReserved

Boolean

False

Specifies whether the ServiceKey entity is reserved by ACS. Reserved entities cannot be deleted or edited.

StartDate

DateTime

False

Specifies the start date of the service key.

EndDate

DateTime

False

Specifies the end date of the service key.

DisplayName

String

True

Specifies the display name of the service key.

Version

Binary

True

This property contains a time stamp that is automatically set by ACS.

The following table provides all of the legal values for the Usage property of the ServiceKey entity of the ACS Management Service.

Note

All property values are case-sensitive.

Value Description

Signing

Specifies that the service key is used for token and metadata signing.

Encrypting

Specifies that the service key is used to decrypt tokens received from identity providers.

Management

Specifies that the service key is used as a Management Service credential for managing the Access Control namespace. These credentials are associated with the default ManagementClient Management Service account.

The following table provides all of the legal values for the Type property of the ServiceKey entity of the ACS Management Service.

Note

All property values are case-sensitive.

Value Description

X509Certificate

Specifies that the service key is an X.509 certificate with a private key (.pfx file), which is used for signing or decrypting SAML tokens.

Password

Specifies that the service key is a password. Used for management keys only.

Symmetric

Specifies that the service key is a 256-bit base 64-encoded symmetric key, which is only used to sign SWT tokens.

See Also

Concepts

ACS Management Service API Reference