Just a second...

Updating the system authentication store

A client can use the SystemAuthenticationControl feature to update the system authentication store. The information in the system authentication store is used by the system authentication handler to authenticate users and assign roles to them.

Querying the store

Required permissions: view_security

The client can get a snapshot of the current information in the system authentication store. This information is returned as an object model.

Updating the store

Required permissions: modify_security

The client can use a command script to update the system authentication store. The command script is a string that contains a command on each line. These commands are applied to the current state of the system authentication store.

The update is transactional. Unless all of the commands in the script can be applied, none of them are.

Note: By default, Cloud services are configured with an administrative user with a randomly generated name that is not shown in the Cloud dashboard. However, this principal is present in the store and is used by the dashboard to get information from Diffusion™ Cloud. To ensure that your Diffusion Cloud dashboard can connect to Diffusion Cloud, do not delete or modify this user and ensure that no user-written authentication handlers deny the principal access.

Using a script builder

You can use a script builder to create the command script used to update the system authentication store. Use the script builder to create commands for the following actions:
  • Set the authentication decision for anonymous principals
  • Add principals to the store
  • Delete principals from the store
  • Change the password of a principal
  • Assign roles to principals
  • Accept client-proposed session properties