The <do-clear-sso-credential> action clears a credential from the object specified by <arg-dn> in the Single Sign On credential store specified by store-def-dn for the application specified by app-id. Additional information about the credential to be cleared may be specified by additional named <arg-string>'s. The number of the strings and the names used are dependent on the credential store and application for which the credential is targeted.

If the SSO provider returns any type of error, the error string will be available to the enclosing policy in the local variable named will be the form: <4-Digit Number>:<Text Description>. Otherwise that local variable will be unavailable.


<do-clear-sso-credential app-id="AD7" store-def-dn="../Library/SSO1">
    <token-parse-dn dest-dn-format="ldap" length="-1" src-dn-format="src-dn" start="0">

1. Allowed Content

DN argument
string argument

2. Attributes

AttributeValue(s)Default Value
app-def-dn CDATA
DN of the application credential definition object
only used by the UI so the various UI's should agree on the DN format used
app-id CDATA
application ID for the credential
supports variable expansion
disabled true   |  false
true if this element is disabled
notrace true   |  false
store-def-dn CDATA
slash form DN of the credential store definition object
may be relative to the including policy
supports variable expansion

3. Content Rule

( arg-dn , arg-string * )

4. Parent Elements

  actions that are performed by a <rule>
  actions argument

Top Elements || All Elements || Tree

DirXMLScript DTD