GSSAPIAuthenticatorCreateSpec

GSSAPIAuthenticatorCreateSpec
GSSAPIAuthenticatorCreateSpec

GSSAPI Authenticator specification

JSON Example
{
    "allow_legacy_clients": true,
    "allow_ntlm_fallback": true,
    "connection_server_ids": [
        "42e47f15-aad0-221a-b231-ea4a3a134ec9",
        "d0325b13-2bf1-4fa4-b027-e780004f2d1e"
    ],
    "enable_login_as_current_user": true,
    "enforce_channel_bindings": true,
    "trigger_mode": "ENABLED"
}
boolean
allow_legacy_clients
Required

Indicates whether the legacy Horizon clients will be allowed to use login as current user.

boolean
allow_ntlm_fallback
Required

Indicates whether NTLM is allowed for GSSAPI authentication. When the client does not have access to the domain controllers in the hosted environment kerberos authentication fails, clients can fall back to NTLM authentication if allowNTLMFallback is set to true.

array of string
connection_server_ids
Required

The list of Connection Servers for which this GSSAPI authenticator is enabled.

boolean
enable_login_as_current_user
Required

Indicates whether the login as current user is enabled or not.

boolean
enforce_channel_bindings
Required

Indicates whether channel bindings is supported or not.

string
trigger_mode
Required

Indicates True SSO trigger mode on sessions using this authenticator.

  • DISABLED: Do not use True SSO.
  • OPTIONAL: If no SSO credentials are provided then use True SSO otherwise use the supplied SSO credentials.
  • ENABLED: Always use True SSO even if client supplied SSO credentials.
Possible values are : DISABLED, OPTIONAL, ENABLED,