
ACS Management Service API Reference

An entity data model organizes the ACS configuration data in the form of records of entity types (or entities) and the associations between them. The data model is described in the OData Service Metadata Document available at: https://<namespace>.accesscontrol.windows.net/v2/mgmt/service/$metadata, where <namespace> is the name of your service namespace.

This XML document uses a conceptual schema definition language (CSDL) to describe the available data. You can download this document and use it to generate typed classes in your code. The following table describes all of the ACS entity types.

 

| Entity | Description |
| --- | --- |
| ClaimType | Represents claim types imported from the WS-Federation metadata of WS-Federation identity providers. This is used primarily to populate the list of supported claim types for each identity provider in the ACS Management Portal. |
| Delegation | Represents a list of clients that have been granted delegated access in OAuth 2.0 delegation scenarios. |
| IdentityProvider | Represents an identity provider. For more information about identity providers, see Identity Providers. |
| IdentityProviderAddress | Represents a URI that is associated with an identity provider. Supported URI types include SignIn, SignOut, EmailDomain, ImageURL, and FedMetadataURL. |
| IdentityProviderClaimType | Represents the list of ClaimType entities that are supported by the identity provider. |
| IdentityProviderKey | Represents certificates and keys associated with the identity provider. This typically includes token validation certificates imported from the identity provider’s WS-Federation metadata or keys input directly into the ACS configuration (such as Facebook application keys). |
| Issuer | Represents a claims issuer, which is another representation of an identity provider that is used specifically by the ACS rules engine. ACS also has its own built-in issuer, named LOCAL_AUTHORITY, which is the issuer for claims output by ACS. Every identity provider has an associated issuer, and every issuer that’s not LOCAL_AUTHORITY has an associated identity provider. |
| RelyingParty | Represents a relying party application. For more information about relying party applications, see Relying Party Applications. |
| RelyingPartyAddress | Represents a URI that is associated with a relying party application. Supported URI types include Realm, Reply (Return URL), and Error (Error URL). |
| RelyingPartyIdentityProvider | Represents which identity providers are associated with which relying party applications in a given ACS namespace. |
| RelyingPartyKey | Represents certificates and keys associated with a relying party application. This includes token signing certificates and symmetric keys associated directly with the application, in addition to encryption certificates. |
| RelyingPartyRuleGroup | Represents the list of RuleGroup entities that are associated with the relying party application. |
| Rule | Represents a rule. For more information about rules, see Rule Groups and Rules. |
| Conditional Rule | Represents a rule with two input claims. For more information, see Rule Groups and Rules. |
| RuleGroup | Represents a rule group. For more information about rule groups, see Rule Groups and Rules. |
| ServiceIdentity | Represents a service identity. For more information about service identities, see Service Identities. |
| ServiceIdentityKey | Represents credentials associated with service identities. This includes X.509 certificates, symmetric keys, and passwords. |
| ServiceKey | Represents certificates and keys assigned to the service namespace. This includes token signing certificates and symmetric keys, token decryption certificates, and Management Service credentials for the default ManagementClient account. This does not include certificates and keys explicitly assigned to a relying party application, identity provider, or service identity. |
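The following added example (not part of the original reference and not Microsoft's code) shows one way to read a downloaded `$metadata` document and inventory its entity types, including the ones that the table describes as holding certificates, keys, or passwords. The embedded CSDL is a constructed sample: the entity names come from the table, while the schema namespace, relationship name, and all property names are placeholders, not the real ACS schema.

```python
import xml.etree.ElementTree as ET

# Constructed sample, NOT the real ACS $metadata. Entity names are taken from
# the table; the namespace, relationship and property names are placeholders.
SAMPLE_CSDL = """<edmx:Edmx Version="1.0" xmlns:edmx="http://schemas.microsoft.com/ado/2007/06/edmx">
  <edmx:DataServices>
    <Schema Namespace="Example.Placeholder" xmlns="http://schemas.microsoft.com/ado/2008/09/edm">
      <EntityType Name="ServiceIdentity">
        <Key><PropertyRef Name="Id" /></Key>
        <Property Name="Id" Type="Edm.Int64" Nullable="false" />
        <Property Name="Name" Type="Edm.String" />
        <NavigationProperty Name="ServiceIdentityKeys" Relationship="Example.Placeholder.R1" FromRole="A" ToRole="B" />
      </EntityType>
      <EntityType Name="ServiceIdentityKey">
        <Key><PropertyRef Name="Id" /></Key>
        <Property Name="Id" Type="Edm.Int64" Nullable="false" />
        <Property Name="Value" Type="Edm.Binary" />
      </EntityType>
    </Schema>
  </edmx:DataServices>
</edmx:Edmx>"""

def local(tag):
    """Strip the '{namespace}' prefix so any CSDL version is handled alike."""
    return tag.rsplit("}", 1)[-1]

def children(elem, name):
    return [c for c in elem if local(c.tag) == name]

def parse_entity_types(csdl_text):
    """Return {entity name: keys, properties, navigation} for a CSDL document."""
    model = {}
    for elem in ET.fromstring(csdl_text).iter():
        if local(elem.tag) != "EntityType":
            continue
        model[elem.get("Name")] = {
            "keys": [r.get("Name") for k in children(elem, "Key") for r in children(k, "PropertyRef")],
            "properties": {p.get("Name"): p.get("Type") for p in children(elem, "Property")},
            "navigation": [n.get("Name") for n in children(elem, "NavigationProperty")],
        }
    return model

def credential_entities(model):
    """Heuristic based on the table: entity types named *Key hold credentials."""
    return sorted(name for name in model if name.endswith("Key"))

if __name__ == "__main__":
    model = parse_entity_types(SAMPLE_CSDL)
    print(model, credential_entities(model))
```

Against a real namespace, pass the text of the downloaded `$metadata` document to `parse_entity_types` in place of `SAMPLE_CSDL`.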
