Dynamic User Registration (DUR) Using a Back-End System for Authentication

For this operation to succeed, the following administrative tasks should be performed in OneSpan Authentication Server:

To configure OneSpan Authentication Server for multi-device licensing (MDL) user registration with Dynamic User Registration (DUR) using a back-end system for authentication

1. Register a back-end server for authentication (not required for a local Windows backend).

2. Define a policy with the following settings:

   • Policy > Local Authentication: DIGIPASS/Password during Grace Period or DIGIPASS or Password
   • Policy > Back-End Authentication: If Needed
   • Policy > Back-End Protocol: Set to the chosen back-end system (effectively, the setting must not be None)
   • User > Dynamic User Registration: Enabled
   • DIGIPASS > Assignment Mode: Auto-Assignment
   • DP Control Parameters > Challenge Check Mode: 0 - No Challenge Check
3. Register the client component.
4. Assign the policy previously defined to the registered client component.
5. Import an authenticator compliant with MDL.

For more information about performing these tasks, see the OneSpan Authentication Server Administrator Guide.

To execute this operation, the registered client application needs to send a provisioningExecute SOAP command to OneSpan Authentication Server, where the value for the cmd element is PROVISIONCMD_MDL_REGISTER.

At a minimum, this SOAP command requires the following set of field attributes to perform this operation:

• PROVFLD_STATIC_PASSWORD
• PROVFLD_USERID
• PROVFLD_COMPONENT_TYPE

For more information about the required and optional attributes for this command, see SOAP provisioning.