- Summary of API Functions
- Namespace Elements
All Single Sign-on custom elements used in SPML commands are members of the http://citrix.com/Provision namespace. This namespace is also referred to as ctxs prefix. There are three top-level elements in this namespace that occur in SPML commands: authentication-token, application, and credential.
The authentication-token element is used as a container for the authentication token (AuthToken). This element is mandatory, but is not used. There are no child elements of the authentication-token element.
<ctxs:authentication-token xmlns:ctxs='http://citrix.com/Provision'> AuthToken </ctxs:authentication-token>
The application element may occur as a top-level element or as a child of the credential element.
The application element is used both to describe an application definition (see lookupApplicationRequest) and to describe details of a credential (see addRequest).
<ctxs:application xmlns:ctxs='http://citrix.com/Provision'> <ctxs:id>app-GUID</ctxs:id> <ctxs:name>Outlook</ctxs:name> <ctxs:description>description from app-def </ctxs:description> <ctxs:group password-sharing='true'>Domain</ctxs:group> <ctxs:fields> <ctxs:userID/> <ctxs:password/> <ctxs:custom-field index='1' label='Domain'/> <ctxs:custom-field index='2' label='Exchange Server'/> </ctxs:fields> </ctxs:application>
|ctxsID (mandatory)||The GUID assigned to the application definition when it is created in the console|
|name||The administrator-defined name for the application definition|
|description||The administrator-defined description for the application definition|
|group (mandatory if password sharing is used)||The application group this definition is assigned to in the console. The password-sharing attribute is a boolean value used to indicate if this group has been configured to share passwords. For more information, see addRequest.|
Lists the data fields to be configured for credentials using this application definition. Any subset of the fields listed may be defined for any particular application definition.
Children of the fields element:
See ctxs:credential for an example of an application element as a child of a credential element.
The credential element is used to describe a single secondary credential. Most credentials are associated with a particular application definition; this is expressed by a child application element. Credentials that users enter manually do not contain an application element.
<ctxs:credential xmlns:ctxs='http://citrix.com/Provision' ctxs:status='available' ctxs:pendingAction='delete'> <ctxs:name>Credential Name</ctxs:name> <ctxs:description>user visible description </ctxs:description> <ctxs:provision-description>optional-RA provided-description </ctxs:provision-description> <ctxs:application> <ctxs:id>appdefGuid</ctxs:id> <ctxs:fields> <ctxs:userID>johnd</ctxs:userID> <ctxs:password>pass123</ctxs:password> <ctxs:custom-field index='1'>mydomain </ctxs:custom-field> </ctxs:fields> </ctxs:application> </ctxs:credential>
|status (mandatory)||The status attribute of the credential element indicates the state of this credential from the Single Sign-on Plug-in's perspective. The status is either active or queued. A value of active means that the credential is currently available for the Single Sign-on Plug-in to use. A value of queued means that a command to add the credential has been queued but the Single Sign-on Plug-in has not yet processed that command.|
|pendingAction||The pendingAction attribute of the credential element indicates if there are any queued commands that affects this credential. The pendingAction values are add, modify, and delete. A value of delete indicates that a delete command has been queued for this credential. A value of modify indicates that a modify command has been queued for this credential. This attribute is optional and is omitted if no commands are queued for the credential.|
|name||The name attribute of the credential element is the value displayed by the Single Sign-on Plug-in in the Manage Passwords window (formerly known as Logon Manager). This value can be edited by the user using the property page of the credential.|
|description||The description value of the credential element is the value displayed by the Single Sign-on Plug-in in the Manage Passwords window (formerly known as Logon Manager). This value can be edited by the user using the property page of the credential.|
|provision-description||The provision-description is administrator data that cannot be viewed or edited by the Single Sign-on Plug-in. This is provided solely for the convenience of the Provisioning Administrator.|
|application||The application element indicates the id of the application definition and the character data for the userID, password, and custom-field elements provides the user's details for this credential.|