authUser SOAP Response Structure

An authUser SOAP response typically uses the following format:

<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aut="http://www.vasco.com/IdentikeyServer/IdentikeyTypes/Authentication">
<!--.... (additional namespace declarations) -->
  <soapenv:Header/>
  <soapenv:Body>
    <aut:authUserResponse>
      <authUserResults xsi:type="AUTH-TYPES:AuthUserResults">
        <results xsi:type="CREDENTIAL-TYPES:CredentialResults">
          <resultCodes xsi:type="BASIC-TYPES:ResultCodes">
            <returnCodeEnum>RET_SUCCESS</returnCodeEnum>
            <statusCodeEnum>STAT_SUCCESS</statusCodeEnum>
            <returnCode>0</returnCode>
            <statusCode>0</statusCode>
          </resultCodes>
          <resultAttribute xsi:type="CREDENTIAL-TYPES:CredentialAttributeSet">
            <attributes xsi:type="CREDENTIAL-TYPES:CredentialAttribute">
              <attributeOptions xsi:type="BASIC-TYPES:AttributeOptions">
                <masked>true</masked>
             </attributeOptions>
             <value xsi:type="xsd:string">1234</value>
             <attributeID>CREDFLD_STATIC_PASSWORD</attributeID>
           </attributes>
         </resultAttribute>
         <errorStack xsi:type="BASIC-TYPES:ErrorStack"/>
       </results>
       <userattributelist>
         <attributes xsi:type="CREDENTIAL-TYPES:CredentialAttribute">
          <value xsi:type="xsd:string">master</value>
          <attributeID>CREDFLD_DOMAIN</attributeID>
        </attributes>
      </userattributelist>
    </aut:authUserResponse>
  </soapenv:Body>
</soapenv:Envelope>

The SOAP body element of an authUser SOAP response only contains an authUserResponse element (line 9). This element always contains the following elements:

• results (required)
• userattributelist (optional)

The results element contains the following sub-elements:

• resultCodes (required). This element contains the following sub-elements:

  • returnCode. The operation return code indicating the overall result of the request processing.
  • statusCode. The operation status code indicating the reason for failure of any returnCode different from success (0).
  • returnCodeEnum. The identifier corresponding to the returnCode.
  • statusCodeEnum. The identifier corresponding to the statusCode.
• resultAttribute (required). This element contains zero or more attributes elements.

• errorStack (required). Contains zero or more errors elements.

  • errors. Each errors element contains the following sub-elements:

    • errorCode. The error code integer.
    • errorDesc. A string representation of the error code.

For a complete list of possible error codes, refer to the OneSpan Authentication Server Administrator Reference, Section "Error and Status Codes".

In this case, the resultattribute element is used to refer to credential attributes elements.

The userattributelist contains zero or more user attributes elements. This element is only specified if the following conditions are met:

• A userattribute group attribute has been specified in the corresponding SOAP request.
• User authentication was successful.
• User attributes with the specified user attribute group have been defined for the specified user.

For more information about how attribute elements are structured, see authUser SOAP request structure.