Share via

About the CommerceClaim Entity

  • Article

The CommerceClaim entity represents individual pieces of information about the identity of a user (also called a claim) in Microsoft Commerce Server 2009 R2. Name, e-mail address, user role are examples of individual claims that comprise the identity of a user. All operations to query for claims are performed on the CommerceClaim entity.

The sample configuration below shows how the CommerceClaim entity is defined in metadata.

CommerceEntity name="CommerceClaim">
        <DisplayName value="CommerceClaim"/>

        <Authorization>
          <Operation name="Query" >
            <Claimset name="CommerceQueryOperation_CommerceClaim"/>
          </Operation>
        </Authorization>

        <Properties>
          <Property name="ClaimType" dataType="String" />
          <Property name="Value" dataType="String"/>
          <Property name="ValueType" dataType="String"/>
          <Property name="Issuer"  dataType="String"/>
        </Properties>
      </CommerceEntity>

In Commerce Server 2009 R2, authorization rules have been applied to the CommerceClaim entity by default. These rules specify the operations to which authorization rules apply and the authorization rules that must be followed. For the CommerceClaim entity, only authorized identities in the CommerceQueryOperation_CommerceClaim role can perform query operations on the CommerceClaim entity. For more general information about configuring authorization rules for commerce entities, see Configuring Authorization for a Commerce Entity. Authorized identities are assigned to the CommerceQueryOperation_CommerceClaim role in the CommerceEntityAuthorizationStore.xml file using Authorization Manager (Azman). For more information, see Configuring the Authorization Policy for the CommerceClaim Entity.

The CommerceClaim entity has the following properties:

Property Name

Description

Data Type

ClaimType

Specifies the uniform resource identifier (URI) for the type of claim

For example, the Role claim type is defined as https://schemas.microsoft.com/ws/2008/06/identity/claims/role

String

Value

Represents the value of the claim

String

ValueType

Specifies the data type of the value in the claim

String

Issuer

Specifies the name of the authority or identity provider that issued the claim

In Commerce Server 2009 R2, the value of this property comes from the Issuer attribute of the <claimstore> that created the claim as specified in ChannelConfiguration.config 

String

See Also

Other Resources

Configuring the Authorization Policy for the CommerceClaim Entity

Understanding Claims-Based Identity

Managing Authentication

Managing Authorization