Systems.Security.TrustedApplications Entity

Namespace: Systems.Security

Application, which is trusted to access the ERP data. Entity: Sec_Trusted_Applications (Introduced in version 19.1)

Default Visualization

Default Display Text Format:
{Name}
Default Search Members:
Name
Name Data Member:
Name

Aggregate

An aggregate is a cluster of domain objects that can be treated as a single unit.

Aggregate Tree

• Systems.Security.TrustedApplications
  • Systems.Security.TrustedApplicationAuthorizations

Attributes

Name	Type	Description
ApplicationSecretHash	string (250) nullable	Hash of the secret of the client application. The secret is used when the client application needs to authorize itself in front of the identity provider. Introduced in version 20.1
ApplicationUri	string (254)	Application globally unique Uri in reverse host name format. For example: "com.manufacturer/app". Required Filter(eq)
BasicAuthenticationAllowed	boolean	If true, this application allows login with user name and password. When a client application uses basic authentication it must provide the application uri along with user name and password. Use with caution, because basic authentication is less secure than oauth! If a user is specified in System User, the basic authentication is allowed only for this user. Required Default(false) Filter(eq)
ClientType	ClientType	Specifies the client type, according to RFC 6749, e.g. the confidentiality of the client app. P=Public (e.g. browser or native app); C=Confidential (e.g. web server app). Required Default("C") Introduced in version 20.1
CreationTimeUtc	datetime	Date and time (in UTC) when the application was registered. Required Default(NowUtc) Filter(eq;ge;le)
DisplayText	string	Uses the repository DisplayTextFormat to build the display text from the attributes and references of current object.
Id	guid
ImpersonateAsCommunity UserAllowed	boolean	Allows the application to request login from external users and operate on their behalf. Required Default(false) Filter(eq)
ImpersonateAsInternal UserAllowed	boolean	Allows the application to request login from internal users and operate on their behalf. Required Default(false) Filter(eq)
ImpersonateLoginUrl	string (254) nullable	The login Url used when an application is impersonated as (usually community) user.
ImpersonateLogoutUrl	string (254) nullable	The logout Url used when an application is impersonated as (usually community) user.
IsEnabled	boolean	Specifies whether the application is enabled for login. Required Default(true) Filter(eq)
Name	string (254)	The multi-language name of the application. Required Filter(eq;like)
Notes	string (max) nullable	Notes for this TrustedApplication.
ObjectVersion	int32	The latest version of the extensible data object for the aggregate root for the time the object is loaded from the database. Can be used for optimistic locking.
Scope	string (max) nullable	The scope (according to RFC 6749) for which the application was trusted. The scope is an unordered list of space-delimited case-sensitive strings. Each string denotes a permission (see docs for possible values). Introduced in version 20.1
SystemUserAllowed	boolean	Allows this application to logon as a service. Required Default(false) Filter(eq)
SystemUserLoginUrl	string (254) nullable	The URL, which will be used by the login process, when the application logs in as a service.

References

Name	Type	Description
SystemUser	Users (nullable)	The user, which will be used when the application logins as a service. Filter(multi eq)

Child Collections

Name	Type	Description
Authorizations	TrustedApplicationAuthorizations	List of TrustedApplication<br />Authorization(Systems.Security.TrustedApplication Authorizations.md) child objects, based on the Systems.Security.TrustedApplication<br />Authorization.TrustedApplication(Systems.Security.TrustedApplication Authorizations.md#trustedapplication) back reference

Attribute Details

ApplicationSecretHash

Hash of the secret of the client application. The secret is used when the client application needs to authorize itself in front of the identity provider. Introduced in version 20.1

Type: string (250) nullable
Category: System
Supported Filters: NotFilterable
Supports Order By: False
Maximum Length: 250

ApplicationUri

Application globally unique Uri in reverse host name format. For example: "com.manufacturer/app". Required Filter(eq)

Type: string (254)
Category: System
Supported Filters: Equals
Supports Order By: False
Maximum Length: 254

BasicAuthenticationAllowed

If true, this application allows login with user name and password. When a client application uses basic authentication it must provide the application uri along with user name and password. Use with caution, because basic authentication is less secure than oauth! If a user is specified in System User, the basic authentication is allowed only for this user. Required Default(false) Filter(eq)

Type: boolean
Category: System
Supported Filters: Equals
Supports Order By: False
Default Value: False

ClientType

Specifies the client type, according to RFC 6749, e.g. the confidentiality of the client app. P=Public (e.g. browser or native app); C=Confidential (e.g. web server app). Required Default("C") Introduced in version 20.1

Type: ClientType
Category: System
Allowed values for the ClientType(Systems.Security.TrustedApplications.md#clienttype) data attribute
Allowed Values (Systems.Security.TrustedApplicationsRepository.ClientType Enum Members)

Value	Description
Confidential	Confidential value. Stored as 'C'. Database Value: 'C' Model Value: 0 Domain API Value: 'Confidential'
Public	Public value. Stored as 'P'. Database Value: 'P' Model Value: 1 Domain API Value: 'Public'

Supported Filters: NotFilterable
Supports Order By: False
Default Value: Confidential

CreationTimeUtc

Date and time (in UTC) when the application was registered. Required Default(NowUtc) Filter(eq;ge;le)

Type: datetime
Category: System
Supported Filters: Equals, GreaterThanOrLessThan
Supports Order By: False
Default Value: CurrentDateTimeUtc

DisplayText

Uses the repository DisplayTextFormat to build the display text from the attributes and references of current object.

Type: string
Category: Calculated Attributes
Supported Filters: NotFilterable
Supports Order By: ****

Id

Type: guid
Indexed: True
Category: System
Supported Filters: Equals, EqualsIn
Default Value: NewGuid

ImpersonateAsCommunityUserAllowed

Allows the application to request login from external users and operate on their behalf. Required Default(false) Filter(eq)

Type: boolean
Category: System
Supported Filters: Equals
Supports Order By: False
Default Value: False

ImpersonateAsInternalUserAllowed

Allows the application to request login from internal users and operate on their behalf. Required Default(false) Filter(eq)

Type: boolean
Category: System
Supported Filters: Equals
Supports Order By: False
Default Value: False

ImpersonateLoginUrl

The login Url used when an application is impersonated as (usually community) user.

Type: string (254) nullable
Category: System
Supported Filters: NotFilterable
Supports Order By: False
Maximum Length: 254

ImpersonateLogoutUrl

The logout Url used when an application is impersonated as (usually community) user.

Type: string (254) nullable
Category: System
Supported Filters: NotFilterable
Supports Order By: False
Maximum Length: 254

IsEnabled

Specifies whether the application is enabled for login. Required Default(true) Filter(eq)

Type: boolean
Category: System
Supported Filters: Equals
Supports Order By: False
Default Value: True

Name

The multi-language name of the application. Required Filter(eq;like)

Type: string (254)
Category: System
Supported Filters: Equals, Like
Supports Order By: False
Maximum Length: 254

Notes

Notes for this TrustedApplication.

Type: string (max) nullable
Category: System
Supported Filters: NotFilterable
Supports Order By: False
Maximum Length: 2147483647

ObjectVersion

The latest version of the extensible data object for the aggregate root for the time the object is loaded from the database. Can be used for optimistic locking.

Type: int32
Category: Extensible Data Object
Supported Filters: NotFilterable
Supports Order By: ****

Scope

The scope (according to RFC 6749) for which the application was trusted. The scope is an unordered list of space-delimited case-sensitive strings. Each string denotes a permission (see docs for possible values). Introduced in version 20.1

Type: string (max) nullable
Category: System
Supported Filters: NotFilterable
Supports Order By: False
Maximum Length: 2147483647

SystemUserAllowed

Allows this application to logon as a service. Required Default(false) Filter(eq)

Type: boolean
Category: System
Supported Filters: Equals
Supports Order By: False
Default Value: False

SystemUserLoginUrl

The URL, which will be used by the login process, when the application logs in as a service.

Type: string (254) nullable
Category: System
Supported Filters: NotFilterable
Supports Order By: False
Maximum Length: 254

Reference Details

SystemUser

The user, which will be used when the application logins as a service. Filter(multi eq)

Type: Users (nullable)
Category: System
Supported Filters: Equals, EqualsIn

API Methods

Methods that can be invoked in public APIs.

GetAllowedCustomPropertyValues

Gets the allowed values for the specified custom property for this entity object. If supported the result is ordered by property value. Some property value sources do not support ordering - in that case the result is not ordered.
Return Type: Collection Of CustomPropertyValue
Declaring Type: EntityObject
Domain API Request: GET

Parameters

• customPropertyCode
  The code of the custom property
  Type: string

• search
  The search text - searches by value or description. Can contain wildcard character %.
  Type: string
  Optional: True
  Default Value: null

• exactMatch
  If true the search text should be equal to the property value
  Type: boolean
  Optional: True
  Default Value: False

• orderByDescription
  If true the result is ordered by Description instead of Value. Note that ordering is not always possible.
  Type: boolean
  Optional: True
  Default Value: False

• top
  The top clause - default is 10
  Type: int32
  Optional: True
  Default Value: 10

• skip
  The skip clause - default is 0
  Type: int32
  Optional: True
  Default Value: 0

CreateNotification

Creates a notification a sends a real time event to the user.
Return Type: void
Declaring Type: EntityObject
Domain API Request: POST

Parameters

• user
  The user.
  Type: Users

• notificationClass
  The notification class.
  Type: string

• subject
  The subject.
  Type: string

CreateCopy

Duplicates the object and its child objects belonging to the same aggregate. The duplicated objects are not saved to the data source but remain in the same transaction as the original object.
Return Type: EntityObject
Declaring Type: EntityObject
Domain API Request: POST

Business Rules

• R30135 TrustedApplication - Set Creation Time

Front-End Business Rules

None

API

Domain API Query: https://demodb.my.erp.net/api/domain/odata/Systems_Security_TrustedApplications?$top=10

Domain API Query Builder: https://demodb.my.erp.net/api/domain/querybuilder#Systems_Security_TrustedApplications?$top=10