2.2.7.12 FEDAUTHINFO

Token Stream Name:

 FEDAUTHINFO

Token Stream Function:

Introduced in TDS 7.4, federated authentication information is returned to the client to be used for generating a Federated Authentication Token during the login process. This token MUST be the only token in a Federated Authentication Information message and MUST NOT be included in any other message type.<63>

Token Stream Comments:

  • The token value is 0xEE.

Token Stream-Specific Rules:

 TokenType              =   BYTE
  
 TokenLength            =   DWORD               ; (introduced in TDS 7.4)
  
 CountOfInfoIDs         =   DWORD               ; (introduced in TDS 7.4)
  
 FedAuthInfoID          =   BYTE                ; (introduced in TDS 7.4)
 FedAuthInfoDataLen     =   DWORD               ; (introduced in TDS 7.4)
 FedAuthInfoDataOffset  =   DWORD               ; (introduced in TDS 7.4)
 FedAuthInfoData        =   VARBYTES            ; (introduced in TDS 7.4)
  
 FedAuthInfoOpt         =  (FedAuthInfoID       ; (introduced in TDS 7.4)
                            FedAuthInfoDataLen
                            FedAuthInfoDataOffset)

Token Stream Definition:

 FEDAUTHINFO            =   TokenType           ; (introduced in TDS 7.4)
                            TokenLength
                            CountOfInfoIDs
                            1*FedAuthInfoOpt
                            FedAuthInfoData

Token Stream Parameter Details

Parameter

Description

TokenType

FEDAUTHINFO_TOKEN

TokenLength

The length of the whole Federated Authentication Information token, not including the size occupied by TokenLength itself. The minimum value for this field is sizeof(DWORD) because the field CountOfInfoIDs MUST be present even if no federated authentication information is sent as part of the token.

CountOfInfoIDs

The number of federated authentication information options that are sent in the token. If no FedAuthInfoOpt is sent in the token, this field MUST be present and set to 0.

FedAuthInfoID

The unique identifier number for the type of information.

FedAuthInfoDataLen

The length of FedAuthInfoData, in bytes.

FedAuthInfoDataOffset

The offset at which the federated authentication information data for FedAuthInfoID is present, measured from the address of CountOfInfoIDs.

FedAuthInfoData

The actual information data as binary, with the length in bytes equal to FedAuthInfoDataLen.

The following table describes the FedAuthInfo feature option and description.

FedAuthInfoID

FedAuthInfoData Description

%0x00

Reserved.

%0x01

(STSURL)

A Unicode string that represents the token endpoint URL from which to acquire a Federated Authentication Token.

%0x02

(SPN)

A Unicode string that represents the Service Principal Name (SPN) to use for acquiring a Federated Authentication Token. SPN is a string that represents the resource in a directory.