Claims
Claims-Based Authentication (CBA) is a common way for applications to acquire the identity information they need about users inside their organization, in other organizations, and on the Internet. Whether it's inside an enterprise organization, through a different provider or on the internet, claims-based authentication can simplify authentication logic across various systems. Claims-based identity abstracts the individual elements of identity and access control into two parts: a notion of claims, and the concept of an issuer or an authority.
The Claims nodes in the Management Site is used to set up and maintain CBA configuration settings and allow you to add, edit or delete Resource Types, Resources, and Realms and Audiences ,all of which work together to allow K2 to consume Claims as a Relying Party from a CBA-capable Identity Provider.
- Issuer Name & Description
- URI (typically you'll use the K2 FBA STS -- https://{K2 Site}/Identity/sts/Forms/wsfed, because this is the STS that will handle FBA and Trusted Providers)
- The issuer's Thumbprint
- The Original Issuer
- The Identity Provider Claim, Type & Value
- The Identity Claim & Type
- The Realm and Audience