This documentation is archived and is not being maintained.

DataProtectionSecurityStateEncoder Class

Provides encoding and decoding mechanisms for the security state using the Windows DataProtection API functionality.

Namespace:  System.ServiceModel.Security
Assembly:  System.ServiceModel (in System.ServiceModel.dll)

public ref class DataProtectionSecurityStateEncoder : public SecurityStateEncoder

This class is used for encoding the security state as represented by a Stateful Security Context Token when the message is sent, and for decoding the security context when the message arrives at a recipient.

The encoding can either be in the current user scope (whereby only processes running as the user account can decode the security state) or it can be in the local machine scope (whereby all processes running on the machine can decode the security state). By default, the encoding is in the current user scope.

This class is used by the server when sending the security state in the Stateful Security Context Token issued to the client.

DataProtection based on the CurrentUser scope requires the current user to have a user profile. If the user has a roaming profile, then the security state encoded by the user process running on one machine can be decoded by a user process running on a different machine.


Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 7, Windows Vista, Windows XP SP2, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

.NET Framework

Supported in: 3.5, 3.0