Version 3.21 (January 2021)
  • 03 Oct 2024
  • 1 Minute to read
  • Dark
    Light
  • PDF

Version 3.21 (January 2021)

  • Dark
    Light
  • PDF

Article summary

New features and enhancements

Administrator level management

OneSpan Authentication Server 3.21 introduces administrator levels. These are optional values that can be used to create an administrative account hierarchy that controls which other administrator accounts a particular administrator account can view, edit, and update (as long as they are within the administrative scope). Administrators cannot modify, delete, or even view administrator accounts that have an administrator level higher than their own.

The administrator level is an integer value in the range of 0–255 and can be managed via a new user attribute, i.e. USERFLD_ADMIN_LEVEL.

The following commands of the SOAP administration interface have been extended to directly manage the administrator level:

  • USERCMD_CREATE

  • USERCMD_VIEW

  • USERCMD_UPDATE

Digipass import file upload via SOAP

You can now upload and process Digipass import files via SOAP directly without using Data Migration Tool. A DIGIPASS import file is a comma-separated text file (.csv) that contains authenticator records. They are used, for instance, to import authenticator data from an existing VACMAN Controller environment to OneSpan Authentication Server.

The SOAP communication interface now provides four new commands to handle Digipass import files:

  • dpCSVFileImport. Processes authenticator data previously uploaded from a DIGIPASS import file (via a server task).

  • dpCSVFileImportStatus. Returns the current status of a server task that is importing authenticator data from a DIGIPASS import file.

  • dpCSVFileImportStop. Stops a server task that is importing authenticator data from a DIGIPASS import file.

  • dpCSVFileUploadMTOM. Uploads a DIGIPASS import file using MTOM encoding.

Search for administrative user accounts

You can now filter search results to include or exclude user accounts with administrative privileges when searching for users. Note that you cannot filter for a particular administrative privilege, but only limit the search results to user accounts that have either any administrative privilege assigned or none.

To do so, you can now use the USERFLD_ADMIN_PRIVILEGES attribute as a zero-value input parameter for the userQuery command and set the attributeOptions accordingly, e.g.:

<adm:userQuery …>
    …
    <attributeSet>
        <attributes>
            <attributeOptions>
                <negative>true</negative>
                <null>true</null>
            </attributeOptions>
            <value xsi:type="xsd:base64Binary">0</value>
            <attributeID>USERFLD_ADMIN_PRIVILEGES</attributeID>
        </attributes>
    </attributeSet>
    …
</adm:userQuery>


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, our interactive help assistant