Brian Cryer's Web Resources


Security Context Token. A data structure (or in some contexts a pointer to a data structure) holding information to identify an established secure communication between two end points. The SCT is created as a result of establishing a secure communication and is used to confirm the identify of the sender.

SCTs are used in Web Services Reliable Messaging and by SOAP.

SCTs can be stateless or stateful. A stateful SCT will have some data that changes each time it is used. A stateless SCT does not include any context information and is less secure than a stateful SCT.