Attributes
Description
Maximum lifetime of a refresh token in seconds. Defaults to 2592000 seconds / 30 days
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/AbsoluteRefreshTokenLifetime | Int | 2592000 | False |
Description
The number of failed login attempts for the current user.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/AccessFailedCount | Int | 0 | False |
Description
Lifetime of access token in seconds (defaults to 3600 seconds / 1 hour)
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/AccessTokenLifetime | Int | 3600 | False |
Description
Specifies whether the access token is a reference token or a self contained JWT token (defaults to Jwt).
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/AccessTokenType | Enum | 0 | False | System.Identity/TokenType |
Description
Controls whether access tokens are transmitted via the browser for this client
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/AllowAccessTokensViaBrowser | Boolean | false | False |
Description
Specifies whether this client can request refresh tokens (defaults to false)
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/AllowOfflineAccess | Boolean | false | False |
Description
Specifies whether a proof key can be sent using plain method (not recommended and defaults to false).
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/AllowPlainTextPkce | Boolean | false | False |
Description
Specifies whether user can choose to store consent decisions (defaults to true)
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/AllowRememberConsent | Boolean | true | False |
Description
Signing algorithm for access token. If empty, will use the server default signing algorithm.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/AllowedAccessTokenSigningAlgorithms | StringArray | False |
Description
Gets or sets the allowed CORS origins for JavaScript clients.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/AllowedCorsOrigins | StringArray | False |
Description
Specifies the allowed grant types (legal combinations of AuthorizationCode, Implicit, Hybrid, ResourceOwner, ClientCredentials). Defaults to Implicit.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/AllowedGrantTypes | StringArray | False |
Description
Signing algorithm for identity token. If empty, will use the server default signing algorithm.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/AllowedIdentityTokenSigningAlgorithms | StringArray | False |
Description
Specifies the api scopes that the client is allowed to request. If empty, the client can't access any scope
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/AllowedScopes | StringArray | False |
Description
When requesting both an id token and access token, should the user claims always be added to the id token instead of requiring the client to use the userinfo endpoint.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/AlwaysIncludeUserClaimsInIdToken | Boolean | false | False |
Description
Gets or sets a value indicating whether client claims should be always included in the access tokens - or only for client credentials flow.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/AlwaysSendClientClaims | Boolean | false | False |
Description
Gets or sets the URI of the provider, or discovery endpoint for OpenID Connect discovery.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/Authority | String | False |
Description
Lifetime of authorization code in seconds (defaults to 300 seconds / 5 minutes)
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/AuthorizationCodeLifetime | Int | 300 | False |
Description
Specifies if the user's session id should be sent to the BackChannelLogoutUri. Defaults to true.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/BackChannelLogoutSessionRequired | Boolean | true | False |
Description
Specifies logout URI at client for HTTP back-channel based logout.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/BackChannelLogoutUri | String | False |
Description
The backchannel authentication request lifetime in seconds.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/CibaLifetime | Int | False |
Description
The type of the claim.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/ClaimType | String | False |
Description
The value of the claim.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/ClaimValue | String | False |
Description
The value type of the claim.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/ClaimValueType | String | False |
Description
Gets or sets the client claims to be sent to the user info endpoint.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/ClientClaims | RecordArray | False | System.Identity/ClientClaim |
Description
Gets or sets a value to prefix it on client claim types. Defaults to client_.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/ClientClaimsPrefix | String | client_ | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/ClientId | String | False |
Description
Gets or sets the client secret of the application.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/ClientSecret | String | False |
Description
URI to further information about client (used on consent screen)
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/ClientUri | String | False |
Description
Lifetime of a user consent in seconds. Defaults to null (no expiration)
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/ConsentLifetime | Int | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/ConsumedDateTime | DateTime | False |
Description
When enabled, the client's token lifetimes (e.g. refresh tokens) will be tied to the user's session lifetime.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/CoordinateLifetimeWithUserSession | Boolean | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/CreationDateTime | DateTime | False |
Description
Clock skew used in validating the client's DPoP proof token 'iat' claim value. Defaults to 5 minutes.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/DPoPClockSkew | TimeSpan | 00:05:00 | False |
Description
Enum setting to control validation for the DPoP proof token expiration.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/DPoPValidationMode | Int | 1 | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/Data | String | False |
Description
Specifies the lifetime (in seconds) of the device code. Defaults to 300 seconds / 5 minutes.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/DeviceCodeLifetime | Int | 300 | False |
Description
The email address of the user.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/Email | String | False |
Description
Indicates if the email address of the user has been confirmed.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/EmailConfirmed | Boolean | false | False |
Description
Specifies if this client can use local accounts. Defaults to true.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/EnableLocalLogin | Boolean | true | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/ExpirationDateTime | DateTime | False |
Description
The first name of the user.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/FirstName | String | False |
Description
Specifies if the user's session id should be sent to the FrontChannelLogoutUri. Defaults to true.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/FrontChannelLogoutSessionRequired | Boolean | true | False |
Description
Specifies logout URI at client for HTTP front-channel based logout.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/FrontChannelLogoutUri | String | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/GrantKey | String | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/GrantType | String | False |
Description
Gets or sets the host address of the identity provider.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/Host | String | False |
Description
Specifies which external IdPs can be used with this client (if list is empty all IdPs are allowed). Defaults to empty.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/IdentityProviderRestrictions | StringArray | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/IdentityRoleIds | StringArray | False |
Description
Lifetime of identity token in seconds (defaults to 300 seconds / 5 minutes)
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/IdentityTokenLifetime | Int | 300 | False |
Description
Value indicating whether JWT access tokens should include an identifier. Defaults to true.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/IncludeJwtId | Boolean | true | False |
Description
Gets of sets a URI that can be used to initiate login from the IdentityServer host or a third party.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/InitiateLoginUri | String | False |
Description
Specifies whether the consent screen will emphasize this scope (if the consent screen wants to implement such a feature). Defaults to false.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/IsEmphasized | Boolean | false | False |
Description
Specifies whether the user can de-select the scope on the consent screen (if the consent screen wants to implement such a feature). Defaults to false.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/IsRequired | Boolean | false | False |
Description
The last name of the user.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/LastName | String | False |
Description
Flag indicating if the user could be locked out.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/LockoutEnabled | Boolean | false | False |
Description
The date and time, in UTC, when any user lockout ends.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/LockoutEnd | DateTimeOffset | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/LoginProvider | String | False |
Description
URI to client logo (used on consent screen)
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/LogoUri | String | False |
Description
The normalized email address of the user.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/NormalizedEmail | String | False |
Description
The normalized name.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/NormalizedName | String | False |
Description
The normalized user name.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/NormalizedUserName | String | False |
Description
Gets or sets a salt value used in pair-wise subjectId generation for users of this client.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/PairWiseSubjectSalt | String | False |
Description
The salted and hashed representation of the password for this user.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/PasswordHash | String | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/PermissionId | String | False |
Description
The phone number of the user.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/PhoneNumber | String | False |
Description
Indicates if the phone number of the user has been confirmed.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/PhoneNumberConfirmed | Boolean | false | False |
Description
The backchannel authentication request polling interval in seconds.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/PollingInterval | Int | False |
Description
Gets or sets the host port of the identity provider.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/Port | Int | 636 | False |
Description
Specifies allowed URIs to redirect to after logout
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/PostLogoutRedirectUris | StringArray | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/ProtocolType | String | oidc | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/ProviderDisplayName | String | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/ProviderKey | String | False |
Description
Specifies allowed URIs to return tokens or authorization codes to.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/RedirectUris | StringArray | False |
Description
Gets or sets a value indicating whether the access token (and its claims) should be updated on a refresh token request.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/RefreshTokenExpiration | Enum | 1 | False | System.Identity/TokenExpiration |
Description
Gets or sets a value indicating whether the refresh token should be updated on a refresh token request.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/RefreshTokenUsage | Enum | False | System.Identity/TokenUsage |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/RequireClientSecret | Boolean | true | False |
Description
Specifies whether a consent screen is required. Defaults to false.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/RequireConsent | Boolean | false | False |
Description
Specifies whether a DPoP (Demonstrating Proof-of-Possession) token is required to be used by this client (defaults to false)
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/RequireDPoP | Boolean | false | False |
Description
Specifies whether a proof key is required for authorization code based token requests (defaults to true).
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/RequirePkce | Boolean | true | False |
Description
Specifies whether the client must use a request object on authorize requests (defaults to false).
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/RequireRequestObject | Boolean | false | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/RequireResourceIndicator | Boolean | false | False |
Description
Force the user to change the password after the next login.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/ResetPasswordOnLogin | Boolean | true | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/ResourceClaims | StringArray | False |
Description
The claims of a role.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/RoleClaims | RecordArray | False | System.Identity/RoleClaim |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/RoleId | String | False |
Description
The id of roles the user is a member of.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/RoleIds | StringArray | False |
Description
Models the scopes this API resource allows.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/Scopes | StringArray | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/SecretType | String | SharedSecret | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/Secrets | RecordArray | False | System.Identity/Secret |
Description
A random value that should change whenever a users credentials have been compromised.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/SecurityStamp | String | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/SessionId | String | False |
Description
Gets or sets a value indicating whether the client will be shown in the discovery document. Defaults to true.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/ShowInDiscoveryDocument | Boolean | true | False |
Description
Sliding lifetime of a refresh token in seconds. Defaults to 1296000 seconds / 15 days
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/SlidingRefreshTokenLifetime | Int | 1296000 | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/SubjectId | String | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/SubjectIds | StringArray | False |
Description
Indicates if two factor authentication is enabled for the user.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/TwoFactorEnabled | Boolean | false | False |
Description
Indicates whether the access token (and its claims) should be updated on a refresh token request.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/UpdateAccessTokenClaimsOnRefresh | Boolean | false | False |
Description
Gets or sets if the connection to the identity provider should use TLS. Defaults to true.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/UseTls | Boolean | true | False |
Description
Gets or sets the base DN of the user.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/UserBaseDn | String | False |
Description
The claims of the user.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/UserClaims | RecordArray | False | System.Identity/UserClaim |
Description
Specifies the user code type for the device flow. Defaults to null.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/UserCodeType | String | False |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/UserId | String | False |
Description
The existing logins of the user.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/UserLogins | RecordArray | False | System.Identity/UserLogin |
Description
The user name.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/UserName | String | False |
Description
Gets or sets the name of the user attribute.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/UserNameAttribute | String | False |
Description
Lifetime of user's single sign-on session (in seconds). Defaults to null (no expiration).
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/UserSsoLifetime | Int | False |
Description
The tokens of the user.
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/UserTokens | RecordArray | False | System.Identity/UserToken |
| ID | Data Type | Default Values | Is Data Stream? | CkEnumId/CkRecordId |
|---|---|---|---|---|
| System.Identity/Value | String | False |