Customers and partners exploring the possibility of becoming identity providers have provided us consistent feedback about the need to provide users with more information.  Identity providers want to be able to provide users with contact information, usage guidelines, etc. ( or as we like to call it ‘ back of the credit card information’ )

 Based on the feedback, we’ve implemented a new feature in the .Net Framework 3.5 release of CardSpace that allows the IP to add custom data to the CRD file. This new design enhances the communication channel between the user and the identity provider by allowing the IP to provide richer/more helpful information to the user.

The Identity provider can specify any custom data as a list of name-value pairs that we will display on the ‘Card Details’ screen as shown below

The maximum length of the name and value strings is 255 characters and a maximum of 20 pairs can be provided. The format of the xml added to the end of the card is as follows

 

<wsid:InformationCard xml:lang="en-us" xmlns:wsid="http://schemas.xmlsoap.org/ws/2005/05/identity">

....

…..

<IssuerInformation xmlns="http://schemas.xmlsoap.org/ws/2007/01/identity">

                        <IssuerInformationEntry>

                                           <EntryName>Customer Service</EntryName>

                                           <EntryValue>1-800-CARD-HELP</EntryValue>

                </IssuerInformationEntry>

<IssuerInformationEntry>

                         <EntryName>Email Contact</EntryName>

                         <EntryValue>cardhelp@CardVendor.com</EntryValue>

                            </IssuerInformationEntry>

</IssuerInformation>

</wsid:InformationCard>

           

The older version of CardSpace (the .NET Framework 3.0 release) does not support this data, so if a card containing this information is imported and then exported, the data will be lost.

It is important to remember that the only purpose of this data is to display it to the user and it has no influence on the data sent to the IP when requesting the token or on any of the token issuance semantics.

We hope that this feature along with the new feature of allowing custom error messages , should enable a much better user – IP interaction.

 

Ruchi