Integrate Administrative Functionality

The OneSpan Authentication Server administration functions can be integrated into any application that supports SOAP.

This integration can be done via one of the following:

• Administration client interface wrappers. OneSpan provides standard wrappers for integrating OneSpan Authentication Server features into custom applications. For more information about wrappers provided by OneSpan in the OneSpan Authentication Server SDK, see Wrappers.
• Sending SOAP requests directly. This method requires the client application developer to generate SOAP client applications based on the OneSpan Authentication Server WSDL files.

Unless explicitly stated, the information applies to both standard administration scenarios and multi-device licensing (MDL) and activation administration scenarios. For commands specific to an MDL administration scenario, see MDL activation operations (SOAP API).

Integrating administration via the SOAP API

The SOAP API provides two different types of operations:

• Most operations of the SOAP API are loosely based on the respective web service definition file (WSDL) and usually follow an execute/query operation pattern. Each execute operation is tied to the object type, the effective command to be executed is specified as a parameter of the execute operation, e.g. creating a new object of that type. For each object type, there is a respective query operation.

  The payload for these operations are loosely defined attribute sets containing attributes, i.e. pairs of field identifier and field value.

  The content of the attribute set for each specific command is not strictly defined or enforced in the WSDL and has to comply with the specifications in the SOAP reference.

• Some operations (in most cases, operations introduced in more recent product versions) follow a different approach. These operations are strictly defined by the respective WSDL, their parameter types are verify and checked. Each operation executes one distinct command.

  The payload for these operations does not contain loosely defined attribute sets, but utilizes strictly defined SOAP elements for each field instead.

The SOAP administration API provides various types of SOAP operations for the different administration commands:

• Logon/logoff operations (see Administrative logon/logoff (SOAP API))
• Execute operations (see Execute operations (SOAP API))
• Query operations (see Query operations (SOAP API))
• File upload/download operations (see File upload/download operations (SOAP API))
• Administration session keep-alive operations

The SOAP administration API supports sending the following command types to OneSpan Authentication Server:

• Administrative logon/logoff
• User administration
• User attribute administration
• Authenticator administration
• Authenticator import
• Authenticator application administration
• Policy administration
• Component administration
• Back-end server administration
• Domain administration
• Organizational unit administration
• Report administration
• Report format administration
• Replication administration
• Admin session administration
• Pending operation administration

Users attempting to perform this type of integration should be familiar with the following standards:

• XML
• XML schema
• SOAP
• MIME
• MTOM