authUser (Command)

Mis à jour le 16 Dec 2024
1 Minute à lire

Partager
Sombre
Lumière
PDF

The content is currently unavailable in French. You are viewing the default English version.

Résumé de l’article

Avez-vous trouvé ce résumé utile ?

Merci pour vos commentaires

The authUser command can be used to send the following requests to OneSpan Authentication Server:

Authenticate with Response-Only
Authenticate with Challenge/Response
Authenticate with Push Notification
Authenticate with Secure Channel, i.e. authentication with the getChallenge and getSecureChallenge commands (see getChallenge (Command) and getSecureChallenge (Command)).
Change server PIN

Parameters

Table: authUser input parameters
Attribute name	Optionality
CREDFLD_AUTH_TYPE	Optional
CREDFLD_CHALLENGE	Optional (for 1-step C/R)
CREDFLD_CHALLENGE_KEY	Optional
CREDFLD_CHALLENGE_MESSAGE	Optional
CREDFLD_COMPONENT_TYPE	Mandatory
CREDFLD_CONFIRM_NEW_PIN	Optional
CREDFLD_CURRENT_PIN	Optional
CREDFLD_DOMAIN	Optional
CREDFLD_DP_RESPONSE	Optional
CREDFLD_NEW_PIN	Optional
CREDFLD_PASSWORD	Optional
CREDFLD_PASSWORD_FORMAT	Mandatory
CREDFLD_REQUEST_HOST_CODE	Optional
CREDFLD_SERIAL_NO	Optional
CREDFLD_STATIC_PASSWORD	Optional
CREDFLD_USER_ATTRIBUTE_GROUP	Optional
CREDFLD_USERID	Mandatory

Table: authUser output parameters
Attribute name	Returned
CREDFLD_AUXILIARY_MESSAGE	If defined
CREDFLD_CHALLENGE	Optional (for 2-step C/R)
CREDFLD_CHALLENGE_KEY	If defined
CREDFLD_CHALLENGE_MESSAGE	If defined
CREDFLD_DOMAIN	If defined
CREDFLD_HOST_CODE	If defined
CREDFLD_NOTIFY_PASSWORD_EXPIRE_DATE	If defined
CREDFLD_ORGANIZATIONAL_UNIT	If defined
CREDFLD_SERIAL_NO	Optional
CREDFLD_STATUS_MESSAGE	If defined
CREDFLD_USERID	Always

CREDFLD_SERIAL_NO is not returned, if a static password (and not an authenticator) was used for the authentication.

The CREDFLD_CHALLENGE attribute is used as input parameter for 1-step challenge/response authentication. If a user initiates a 2-step challenge/response authentication with a request keyword, the authUser command generates a response and returns it via the CREDFLD_CHALLENGE attribute as output parameter. For more information about challenge/response authentication, refer to the OneSpan Authentication Server SDK Programmer's Guide, Section "User authentication: Challenge/response".

Example

Authentication request via response-only with server PIN and OTP (as cleartext combined password)

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Header/>
  <SOAP-ENV:Body>
    <aut:authUser xmlns:aut="http://www.vasco.com/IdentikeyServer/IdentikeyTypes/Authentication" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <credentialAttributeSet>
        <attributes>
          <value xsi:type="xsd:string">jane.doe</value>
          <attributeID>CREDFLD_USERID</attributeID>
        </attributes>
        <attributes>
          <value xsi:type="xsd:string">1234703557</value>
          <attributeID>CREDFLD_PASSWORD</attributeID>
        </attributes>
        <attributes>
          <value xsi:type="xsd:unsignedInt">0</value>
          <attributeID>CREDFLD_PASSWORD_FORMAT</attributeID>
        </attributes>
        <attributes>
          <value xsi:type="xsd:string">SOAP Auth Client</value>
          <attributeID>CREDFLD_COMPONENT_TYPE</attributeID>
        </attributes>
      </credentialAttributeSet>
    </aut:authUser>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

Cet article vous a-t-il été utile ?

What's Next

cancelAuthUser (Command)

Table des matières

Parameters
Example