This attribute allows you to specify a policy-related directive for a resource. If a service provider wants to use an unsupported directive, the request will fail. The following table describes the available options. .
Table 9–2 Policy-Related Directives
Directive |
Purpose |
---|---|
AuthenticateRequester |
The Discovery Service should include a SAML assertion containing an AuthenticationStatement in its query responses to enable the client to authenticate to the service instance hosting the resource. |
AuthenticateSessionContext |
The Discovery Service should include a SAML assertion containing a SessionContextStatement in its query responses that indicate the status of the session. |
AuthorizeRequestor |
The Discovery Service should include a SAML assertion containing a ResourceAccessStatement in its responses that indicate whether the client is allowed to access the resource. |
EncryptResourceID |
The Discovery Service should encrypt the resource identifier in responses to all clients. |
GenerateBearerToken |
For use with Bearer Token Authentication, the Discovery Service should generate a token that grants the bearer permission to access the resource. |