A client can use the SystemAuthenticationControl feature to update the system authentication
store. The information in the system authentication store is used by the system
authentication handler to authenticate users and assign roles to them.
Querying the store
The client can get a snapshot of the current information in the system authentication
store. This information is returned as an object model.
Updating the store
The client can use a command script to update the system authentication store. The
command script is a string that contains a command on each line. These commands are
applied to the current state of the system authentication store.
The update is transactional. Unless all of the commands in the script can be applied,
none of them are.
Note: By default, Cloud services are configured with an
administrative user with a randomly generated name that is not shown in the Cloud dashboard. However, this principal is present in the store
and is used by the dashboard to get information from Diffusion™ Cloud. To
ensure that your Diffusion Cloud dashboard can connect to Diffusion Cloud, do not delete or modify this user and ensure that no
user-written authentication handlers deny the principal access.
Using a script builder
You can use a script builder to create the command script used to update the system
authentication store. Use the script builder to create commands for the following
- Set the authentication decision for anonymous principals
- Add principals to the store
- Delete principals from the store
- Change the password of a principal
- Assign roles to principals
- Accept client-proposed session properties