authUser (Command)

Mis à jour le 19 Dec 2024
1 Minute à lire

Partager
Sombre
Lumière
PDF

The content is currently unavailable in French. You are viewing the default English version.

Résumé de l’article

Avez-vous trouvé ce résumé utile ?

Merci pour vos commentaires

The authUser command can be used to send the following requests to OneSpan Authentication Server:

Authenticate with Response-Only
Authenticate with Challenge/Response
Authenticate with Push Notification
Authenticate with Secure Channel, i.e. authentication with the getChallenge and getSecureChallenge commands (see getChallenge (Command) and getSecureChallenge (Command)).
Change server PIN

Parameters

authUser input parameters
Attribute name	Optionality
CREDFLD_AUTH_TYPE	Optional
CREDFLD_CHALLENGE	Optional (for 1-step C/R)
CREDFLD_CHALLENGE_KEY	Optional
CREDFLD_CHALLENGE_MESSAGE	Optional
CREDFLD_COMPONENT_TYPE	Mandatory
CREDFLD_CONFIRM_NEW_PIN	Optional
CREDFLD_CURRENT_PIN	Optional
CREDFLD_DOMAIN	Optional
CREDFLD_DP_RESPONSE	Optional
CREDFLD_NEW_PIN	Optional
CREDFLD_PASSWORD	Optional
CREDFLD_PASSWORD_FORMAT	Mandatory
CREDFLD_REQUEST_HOST_CODE	Optional
CREDFLD_SERIAL_NO	Optional
CREDFLD_STATIC_PASSWORD	Optional
CREDFLD_USER_ATTRIBUTE_GROUP	Optional
CREDFLD_USERID	Mandatory

authUser output parameters
Attribute name	Returned
CREDFLD_AUXILIARY_MESSAGE	If defined
CREDFLD_CHALLENGE	Optional (for 2-step C/R)
CREDFLD_CHALLENGE_KEY	If defined
CREDFLD_CHALLENGE_MESSAGE	If defined
CREDFLD_DOMAIN	If defined
CREDFLD_HOST_CODE	If defined
CREDFLD_NOTIFY_PASSWORD_EXPIRE_DATE	If defined
CREDFLD_ORGANIZATIONAL_UNIT	If defined
CREDFLD_SERIAL_NO	Optional
CREDFLD_STATUS_MESSAGE	If defined
CREDFLD_USERID	Always

CREDFLD_SERIAL_NO is not returned, if a static password (and not an authenticator) was used for the authentication.

The CREDFLD_CHALLENGE attribute is used as input parameter for 1-step challenge/response authentication. If a user initiates a 2-step challenge/response authentication with a request keyword, the authUser command generates a response and returns it via the CREDFLD_CHALLENGE attribute as output parameter. For more information about challenge/response authentication, refer to the OAS Authentication SDK Programmer's Guide, Section "User authentication: Challenge/response".

Example

Authentication request via response-only with server PIN and OTP (as cleartext combined password)

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Header/>
  <SOAP-ENV:Body>
    <aut:authUser xmlns:aut="http://www.vasco.com/IdentikeyServer/IdentikeyTypes/Authentication" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <credentialAttributeSet>
        <attributes>
          <value xsi:type="xsd:string">jane.doe</value>
          <attributeID>CREDFLD_USERID</attributeID>
        </attributes>
        <attributes>
          <value xsi:type="xsd:string">1234703557</value>
          <attributeID>CREDFLD_PASSWORD</attributeID>
        </attributes>
        <attributes>
          <value xsi:type="xsd:unsignedInt">0</value>
          <attributeID>CREDFLD_PASSWORD_FORMAT</attributeID>
        </attributes>
        <attributes>
          <value xsi:type="xsd:string">SOAP Auth Client</value>
          <attributeID>CREDFLD_COMPONENT_TYPE</attributeID>
        </attributes>
      </credentialAttributeSet>
    </aut:authUser>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

Cet article vous a-t-il été utile ?

What's Next

cancelAuthUser (Command)

Table des matières

Parameters
Example