ActivationPin
This element indicates that a Pin (Personal
Identification Number) has been used to authenticate the Principal to
some local system in order to activate a key.
Element information
Namespace: None
Schema document: saml-2.0-os/saml-schema-authn-context-types-2.0.xsd
Type: ActivationPinType
Properties: Global, Qualified
Content
- Sequence [1..1]
- Length [0..1] This element indicates the minimum and/or maximum ASCII length of the password which is enforced (by the UA or the IdP). In other words, this is the minimum and/or maximum number of ASCII characters required to represent a valid password. min - the minimum number of ASCII characters required in a valid password, as enforced by the UA or the IdP. max - the maximum number of ASCII characters required in a valid password, as enforced by the UA or the IdP.
- Alphabet [0..1]
- Generation [0..1] Indicates whether the password was chosen by the Principal or auto-supplied by the Authentication Authority. principalchosen - the Principal is allowed to choose the value of the password. This is true even if the initial password is chosen at random by the UA or the IdP and the Principal is then free to change the password. automatic - the password is chosen by the UA or the IdP to be cryptographically strong in some sense, or to satisfy certain password rules, and that the Principal is not free to change it or to choose a new password.
- ActivationLimit [0..1] This element indicates the length of time for which an PIN-based authentication is valid.
- Extension [0..*]
Attributes
None
Used in
- Type KeyActivationType (Element KeyActivation)
- Type PrincipalAuthenticationMechanismType (Element PrincipalAuthenticationMechanism)
Sample instance
<ActivationPin> <Length min="1"/> <Alphabet requiredChars="string"/> <Generation mechanism="principalchosen"/> <ActivationLimit> <ActivationLimitDuration duration="P1Y2M3DT10H"/> </ActivationLimit> <Extension> <!--any element--> </Extension> </ActivationPin>