Administrative logon/logoff (SOAP API)

Each SOAP administration operation performed by an administrative user requires a successful administrative logon. OneSpan Authentication Server provides a session identifier (sessionID) as a response to a successful administrative logon request. Each administrative operation of OneSpan Authentication Server requires that session identifier and must be performed from the same client location.

To support logon/logoff operations via the SOAP API, a SOAP client record in OneSpan Authentication Server with the Administration Logon client type is required for the computer where your SOAP client application is running.

To log on/log off via the SOAP API

1. Create a SOAP request.
2. Specify the logon or logoff SOAP operation in the SOAP request.
3. Specify one or more credential attributes as parameters for the SOAP operation. Attributes are key/value pairs.

4. Import the OneSpan Authentication Server SSL server certificate as trusted root certificate on the machine where your client application is running.

   This will allow your SOAP client application to connect to OneSpan Authentication Server securely via SSL.

5. Send the SOAP request to OneSpan Authentication Server. By default, the SOAP request should be transmitted over HTTPS with the OneSpan Authentication Server.

   By default, OneSpan Authentication Server is configured to accept SOAP requests on port 8888.

6. Receive the SOAP response.
7. Process the SOAP response.

For more information about the structure of SOAP messages, see SOAP message structure (SDK SOAP API).