PrincipalAuthenticationMechanism
The method that a Principal employs to perform
authentication to local system components.
Element information
Namespace: None
Schema document: saml-2.0-os/saml-schema-authn-context-types-2.0.xsd
Type: PrincipalAuthenticationMechanismType
Properties: Global, Qualified
Content
- Sequence [1..1]
- Password [0..1] This element indicates that a password (or passphrase) has been used to authenticate the Principal to a remote system.
- RestrictedPassword [0..1]
- Token [0..1] This element indicates that a hardware or software token is used as a method of identifying the Principal.
- Smartcard [0..1] This element indicates that a smartcard is used to identity the Principal.
- ActivationPin [0..1] This element indicates that a Pin (Personal Identification Number) has been used to authenticate the Principal to some local system in order to activate a key.
- Extension [0..*]
Attributes
| Name | Occ | Type | Description | Notes |
|---|---|---|---|---|
| preauth | [0..1] | xsd:integer |
Used in
- Type AuthnMethodBaseType (Element AuthnMethod)
Sample instance
<PrincipalAuthenticationMechanism> <Password> <Length min="1"/> <Alphabet requiredChars="string"/> <Generation mechanism="principalchosen"/> <Extension> <!--any element--> </Extension> </Password> <RestrictedPassword> <Length min="1"/> <Generation mechanism="principalchosen"/> <Extension> <!--any element--> </Extension> </RestrictedPassword> <Token> <TimeSyncToken DeviceType="hardware" SeedLength="1" DeviceInHand="true"/> <Extension> <!--any element--> </Extension> </Token> <Smartcard> <Extension> <!--any element--> </Extension> </Smartcard> <ActivationPin> <Length min="1"/> <Alphabet requiredChars="string"/> <Generation mechanism="principalchosen"/> <ActivationLimit> <ActivationLimitDuration duration="P1Y2M3DT10H"/> </ActivationLimit> <Extension> <!--any element--> </Extension> </ActivationPin> <Extension> <!--any element--> </Extension> </PrincipalAuthenticationMechanism>