<add> of <allowedAudienceUris>
Adds a target Uri for which the SamlSecurityToken security token can be targeted for in order to be considered valid by a SamlSecurityTokenAuthenticator instance.
<configuration>
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceCredentials>
<issuedTokenAuthentication>
<allowedAudienceUris>
<add>
Syntax
<allowedAudienceUris>
<add allowedAudienceUri="String" />
</allowedAudienceUris>
Attributes and Elements
The following sections describe attributes, child elements, and parent elements.
Attributes
Attribute | Description |
---|---|
allowedAudienceUri | A string that contains a target Uri for which the SamlSecurityToken security token can be targeted for in order to be considered valid by a SamlSecurityTokenAuthenticator instance. |
Child Elements
None.
Parent Elements
Element | Description |
---|---|
<allowedAudienceUris> | Represents a collection of target URIs for which the SamlSecurityToken security token can be targeted for in order to be considered valid by a SamlSecurityTokenAuthenticator instance. |
Remarks
You should use this collection in a federated application that utilizes a security token service (STS) that issues SamlSecurityToken security tokens. When the STS issues the security token, it can specify the URI of the Web services for which the security token is intended by adding a SamlAudienceRestrictionCondition to the security token. That allows the SamlSecurityTokenAuthenticator for the recipient Web service to verify that the issued security token is intended for this Web service by specifying that this check should happen by doing the following:
Set the
audienceUriMode
attribute of<issuedTokenAuthentication>
to Always or BearerKeyOnly.Specify the set of valid URIs, by adding the URIs to this collection.
For more information, see SamlSecurityTokenAuthenticator.
For more information on using this configuration element, see How to: Configure Credentials on a Federation Service.
See also
- SamlSecurityTokenAuthenticator
- AllowedAudienceUris
- AudienceUriMode
- AllowedAudienceUris
- AllowedAudienceUriElementCollection
- AllowedAudienceUriElement
- AllowedAudienceUris
- <allowedAudienceUris>
- <issuedTokenAuthentication>
- Security Behaviors
- Securing Services and Clients
- How to: Configure Credentials on a Federation Service