.NET SDK: SecurityClaims Class

ThingWorx Edge .NET SDK Reference > .NET SDK: SecurityClaims Class

As of v.5.8.0 of the .NET SDK, authorization information such as passwords and application keys is stored in SecurityClaims objects. The SecurityClaims class consists of a Dictionary<string, object>, where each string is a key associated with a security claim value. The value is usually a password or application key callback function of Type TwPasswordDelegate. If a user ID is required, its value is stored as a string. For example, if a secure proxy server connection is required between the ThingWorx Platform and your application, the proxy information that you need to provide will include a user ID and a password for that user ID.

In production, the callback should obtain an application key or other required PASSWORD from a secure source.

Multiple classes of the .NET SDK use SecurityClaims properties, which are usually named Claims:

• ClientConfigurator — Refer to .NET SDK: ClientConfigurator Class

• ProxyInfo — Refer to .NET SDK ClientConfigurator: Proxy Settings

• KeyFileInfo — KeyFileInfo Class

• TunnelManager — .NET SDK: TunnelManager Class

The preferred setters create the dictionary entries with designated strings from the RESTAPIConstants class as their keys:

• RESTAPIConstants.PARAM_USERID

• RESTAPIConstants.PARAM_PASSWORD_CALLBACK

• RESTAPIConstants.PARAM_APPKEY_CALLBACK

It is highly recommended to use the setters with from prefixes, as they automatically use the appropriate keys. The addSecurityClaims function is used internally by the other setters, but it is not recommended for development.

The TwPasswordDelegate Type

As of v.5.8.0, pointers to callback functions are required to retrieve passwords and application keys in all places where they had previously been saved as strings. These callback functions should be of type TwPasswordDelegate, which is based on the C# delegate type and is prototyped in the SecurityClaims class:

[UnmanagedFunctionPointer(CallingConvention.Cdecl, CharSet = CharSet.Ansi)]
public delegate void TwPasswordDelegate(IntPtr password, Int32 maxLength);

Refer to the SteamSensorClient.cs example file for an example of implementing the TwPasswordDelegate Type.

SecurityClaims Functions

The following table lists and briefly describes the functions of the SecurityClaims class:

Function	Description
public getClaims()	Returns the Dictionary<string,object> that holds the security claims.
public static fromAppKeyCallback(TwPasswordDelegate appKeyCallback)	Creates and returns a new SecurityClaims object based on a TwPasswordDelegate appKeyCallback function.
public static fromPasswordCallback(TwPasswordDelegate passwordCallback)	Creates and returns a new SecurityClaims object based on the TwPasswordDelegate passwordCallback function.
public static fromCredentials(string uid, TwPasswordDelegate pwdCallback)	Creates and returns a new SecurityClaims object with two dictionary entries – one for the user ID and one for the password.
public static addSecurityClaim(string name, object value)	Creates and returns a new SecurityClaims object with a dictionary entry of key name and value value. Not recommended for development
public bool hasClaims()	Returns true if the claims dictionary has entries

KeyFileInfo Class

As of v.5.8.0, the KeyFileInfo class uses the SecurityClaims property instead of a password string. If the client's key file is password protected, you must set the Claims property of ClientKeyFileInfo.

For an example of using t he KeyFileInfo class, refer to Specifying Properties to Validate Client Certificates.

Was this helpful?