GSSAPIAuthenticatorCreateSpec

GSSAPI Authenticator specification

JSON Example

{
    "allow_legacy_clients": true,
    "allow_ntlm_fallback": true,
    "connection_server_ids": [
        "42e47f15-aad0-221a-b231-ea4a3a134ec9",
        "d0325b13-2bf1-4fa4-b027-e780004f2d1e"
    ],
    "enable_login_as_current_user": true,
    "enforce_channel_bindings": true,
    "trigger_mode": "ENABLED"
}

boolean

allow_legacy_clients

Required

Indicates whether the legacy Horizon clients will be allowed to use login as current user.

boolean

allow_ntlm_fallback

Required

Indicates whether NTLM is allowed for GSSAPI authentication. When the client does not have access to the domain controllers in the hosted environment kerberos authentication fails, clients can fall back to NTLM authentication if allowNTLMFallback is set to true.

array of string

connection_server_ids

Required

The list of Connection Servers for which this GSSAPI authenticator is enabled.

boolean

enable_login_as_current_user

Required

Indicates whether the login as current user is enabled or not.

boolean

enforce_channel_bindings

Required

Indicates whether channel bindings is supported or not.

string

trigger_mode

Required

Indicates True SSO trigger mode on sessions using this authenticator.

DISABLED: Do not use True SSO.
OPTIONAL: If no SSO credentials are provided then use True SSO otherwise use the supplied SSO credentials.
ENABLED: Always use True SSO even if client supplied SSO credentials.

Possible values are : DISABLED, OPTIONAL, ENABLED,

Parameter To

Create GSSAPI Authenticator