<add> of <claimTypeRequirements>
Specifies the types of required and optional claims expected to appear in the federated credential. For example, services state the requirements on incoming credentials, which must possess a certain set of claim types.
<claimTypeRequirements> <add claimType="URI" isOptional="Boolean" /> </claimTypeRequirements>
Attributes and Elements
The following sections describe attributes, child elements, and parent elements.
|claimType||A URI that defines the type of a claim. For example, to purchase a product from a Web site, the user must present a valid credit card with sufficient credit limit. The claim type would be the credit card URI.|
|isOptional||A Boolean value that specifies if this is for an optional claim. Set this attribute to
You can use this attribute when the service asks for some information but does not require it. For example, if you require the user to enter his/her first name, last name and address, but decide that phone number is optional.
|<claimTypeRequirements>||Specifies a collection of required claim types.
In a federated scenario, services state the requirements on incoming credentials. For example, the incoming credentials must possess a certain set of claim types. Each element in this collection specifies the types of required and optional claims expected to appear in a federated credential.
In a federated scenario, services state the requirements on incoming credentials. For example, the incoming credentials must possess a certain set of claim types. This requirement is manifested in a security policy. When a client requests credentials from a federated service (for example, CardSpace), it puts the requirements into a token request (RequestSecurityToken) so that the federated service can issue the credentials that satisfy the requirements accordingly.
The following configuration adds two claim type requirements to a security binding.
<bindings> <wsFederationHttpBinding> <binding name="myFederatedBinding"> <security mode="Message"> <message issuedTokenType="urn:oasis:names:tc:SAML:1.0:assertion"> <claimTypeRequirements> <add claimType="http://schemas.microsoft.com/ws/2005/05/identity/claims/EmailAddress" /> <add claimType="http://schemas.microsoft.com/ws/2005/05/identity/claims/UserName" optional="true" /> </claimTypeRequirements> </message> </security> </binding> </wsFederationHttpBinding> </bindings>