<identity>

  • Article

The identity element allows a client developer to specify at design time the expected identity of the service. In the handshake process between the client and service, the Windows Communication Foundation (WCF) infrastructure will ensure that the identity of the expected service matches the values of this element, and thus can be authenticated. For more information, see Specifying Service Identity.

Schema Hierarchy

<system.serviceModel>
  <client>
    <endpoint> of <client>

Syntax

<identity>
    <certificate encodedValue="String"/>
    <certificateReference findValue="String" 
       isChainIncluded="Boolean"
       storeName="AddressBook/AuthRoot/CertificateAuthority/Disallowed/My/Root/TrustedPeople/TrustedPublisher"storeName="
       storeLocation="LocalMachine/CurrentUser"
       X509FindType= Enumeration./>
    <dns value="String"/>
    <rsa value="String"/>
    <servicePrincipalName value="String"/>
    <usePrincipalName value="String"/>
</identity>

Attributes and Elements

The following sections describe attributes, child elements, and parent elements.

Attributes

None.

Child Elements

Element Description

certificate

Specifies settings of an X.509 certificate. This element is of type CertificateElement. It contains an attribute encodedValue that is a string, which specifies the value encoded by this certificate.

certificateReference

Specifies settings for X.509 certificate validation. This element is of type CertificateReferenceElement.

dns

Specifies the DNS of an X.509 certificate used to authenticate a service. This element contains an attribute value that is a string, and contains the actual identity.

rsa

Specifies the value of the RSA field of an X.509 certificate used to authenticate a service to a client. This element contains an attribute value that is a string, and contains the actual identity

servicePrincipalName

Specifies a server principal name (SPN) identity, which is the principal name used by a client to uniquely identify an instance of a service. This element contains an attribute value that is a string, and contains the actual principal name. This element is of type ServicePrincipalNameElement.

userPrincipalName

Specifies a user principal name (UPN) identity, which is the logon name type of a user on a network. The user principal name consists of the user object name used in Active Directory, followed by the at symbol (@) and then, typically, the Domain Name System parent domain. For example, Jeff in the Fabrikam.com domain tree might have the user principal name jeff@fabrikam.com. This element contains an attribute value that is a string, and contains the actual principal name. This element is of type UserPrincipalNameElement.

Parent Elements

Element Description

<custom>

Specifies a custom peer resolver for a netPeerTcpBinding.

<endpoint>

Configures different types of endpoints.

<issuer>

Specifies the Security Token Service (STS) for the federated service.

<issuerMetadata>

Specifies the metadata endpoint for the Security Token Service (STS) of a federated service.

<issuedTokenParameters>

Defines parameters for an issued token in a custom binding.

<localIssuer>

Specifies a local Security Token Service (STS).

See Also

Reference

IdentityElement
EndpointAddress
Identity

Other Resources

Specifying Service Identity
Endpoints: Addresses, Bindings, and Contracts