Login
    Contenu x
    policyQuery (Command)
    • 18 Dec 2024
    • 4 Minutes à lire
    • Sombre
      Lumière
    • PDF
    Contenu

    policyQuery (Command)

    • Mis à jour le 18 Dec 2024
    • 4 Minutes à lire
    • Sombre
      Lumière
    • PDF
    The content is currently unavailable in French. You are viewing the default English version.
    Résumé de l’article

    The policyQuery command allows to query policies that match specified search criteria.

    Parameters

      Table:  policyQuery input parameters (SOAP administration)
    Parameter nameData typeDescription
    sessionIDString

    Required. The session identifier of the current administrative session. The logon command returns this identifier after a successful logon (see  logon (Command)).

    attributeSetPolicyAttributeSet

    Required. A set containing zero or more attribute fields that specify the query search criteria. See  PolicyAttributeSet (Data type).

    If you submit an empty attribute set, all records are returned.

    fieldSet

    PolicyFieldSet

    Optional. Specifies the attribute fields to be returned for all the records matching the search criteria. See  PolicyFieldSet (Data type).

    If fieldSet is omitted, all possible output parameters are returned. If a policy attribute field is not set in the database, it is not returned for that specific policy record.

    queryOptions

    PolicyQueryOptions

    Optional. Options to determine what results should be returned. See  PolicyQueryOptions (Data type).

      Table:  policyQuery output parameters (SOAP administration)
    Parameter nameData typeDescription

    results

    PolicyQueryResults

    Required.

    PolicyAttributeSet (Data type)

    The attributes specified in this attribute set define the search criteria.

    Search attribute fields are interpreted as follows:

    • A wildcard character (*) can be added to the values at the start, the end, or both. They will be interpreted as the SQL LIKE statement.

    • A list of comma-separated values can be specified for the attribute that specifies the domain name. In this case it will be interpreted as the logical OR of the given values.

      You cannot use wildcard characters in comma-separated values.

    • If none of the above applies, the search will be done using the exact match of the given value.
      Table:  PolicyAttributeSet (Data type)
    Element nameData typeDescription
    attributesPolicyAttribute

    Attributes specifying the policy query search criteria (see Table: PolicyAttribute (Data type)).

      Table:  PolicyAttribute (Data type)
    Element nameData typeDescription
    attributeOptionsAttributeOptions

    Specifies how to handle the attribute value during request processing, where each option is added as a single element to attributeOptions, e.g.:

      <negative>true</negative>

    Supported values:

    • negative. Indicates that the specified user attribute value should not be equal to the one specified.
    • null. Indicates that the specified attribute should be handled as zero-value.
    valueAnyThe attribute value. The data type has to be specified by setting the xsi:type XML attribute.
    attributeIDPolicyAttributeIDEnumThe attribute identifier (see Table: policyQuery (Supported input attributes)).
      Table:  policyQuery (Supported input attributes)
    Attribute nameOptionality
    POLICYFLD_ACCEPTED_DOMAINOptional
    POLICYFLD_ACT_MSG_VALIDITYOptional
    POLICYFLD_ACTIVATION_COMPLETED_NOTIFICATIONOptional
    POLICYFLD_ACTIVATION_DELAYED_NOTIFICATIONOptional
    POLICYFLD_ACTIVATION_NOTIFICATION_DELIVERY_METHODOptional
    POLICYFLD_APPL_NAMESOptional
    POLICYFLD_APPL_TYPEOptional
    POLICYFLD_ASSIGN_MODEOptional
    POLICYFLD_ASSIGN_SEARCH_UP_OU_PATHOptional
    POLICYFLD_AUTHUSER_MAX_THREAD_SUSPENDOptional
    POLICYFLD_AUTOLEARNOptional
    POLICYFLD_AVOID_INITIAL_SYNCOptional
    POLICYFLD_BACKEND_AUTHOptional
    POLICYFLD_BACKEND_PROTOCOL_IDOptional
    POLICYFLD_BACKUP_VDP_ENABLEDOptional
    POLICYFLD_BACKUP_VDP_MAX_DAYSOptional
    POLICYFLD_BACKUP_VDP_MAX_USESOptional
    POLICYFLD_BACKUP_VDP_REQUEST_KEYWORDOptional
    POLICYFLD_BACKUP_VDP_REQUEST_METHODOptional
    POLICYFLD_CHALLENGE_REQUEST_KEYWORDOptional
    POLICYFLD_CHALLENGE_REQUEST_METHODOptional
    POLICYFLD_CHECKCHALLENGEOptional
    POLICYFLD_CHG_WIN_PWD_ENABLEDOptional
    POLICYFLD_CHG_WIN_PWD_LENGTHOptional
    POLICYFLD_CHKINACTDAYSOptional
    POLICYFLD_CLIENT_GROUP_LISTOptional
    POLICYFLD_CLIENT_GROUP_MODEOptional
    POLICYFLD_CREATE_TIMEOptional
    POLICYFLD_CUSTOM_REQUEST_BODYOptional
    POLICYFLD_DCROptional
    POLICYFLD_DEFAULT_DOMAINOptional
    POLICYFLD_DELAYED_ACTIVATION_PERIODOptional
    POLICYFLD_DESCRIPTIONOptional
    POLICYFLD_DIGIPASS_TYPESOptional
    POLICYFLD_DP_EXPIRATION_PERIODOptional
    POLICYFLD_DP_TYPE_LIMITOptional
    POLICYFLD_DUROptional
    POLICYFLD_EVENTWINDOWOptional
    POLICYFLD_GRACE_PERIODOptional
    POLICYFLD_GROUP_CHECK_MODEOptional
    POLICYFLD_GROUP_LISTOptional
    POLICYFLD_ITHRESHOLDOptional
    POLICYFLD_ITIMEWINDOWOptional
    POLICYFLD_LOCAL_AUTHOptional
    POLICYFLD_LOCK_DURATION_MULTIPLIEROptional
    POLICYFLD_MAX_UNLOCK_TRIESOptional
    POLICYFLD_MIN_APP_VERSIONOptional
    POLICYFLD_MIN_LOCK_DURATIONOptional
    POLICYFLD_MODIFY_TIMEOptional
    POLICYFLD_MULTI_DP_APPL_VALIDATION_MODEOptional
    POLICYFLD_OFFLINE_AUTH_ENABLEDOptional
    POLICYFLD_OFFLINE_MAX_EVENTSOptional
    POLICYFLD_OFFLINE_TIME_INTERVALOptional
    POLICYFLD_ONE_STEP_CHAL_CHECKDIGITOptional
    POLICYFLD_ONE_STEP_CHAL_LENGTHOptional
    POLICYFLD_ONE_STEP_CHAL_RESPOptional
    POLICYFLD_ONLINESGOptional
    POLICYFLD_PARENT_POLICY_IDOptional
    POLICYFLD_PIN_CHANGE_ALLOWEDOptional
    POLICYFLD_POLICY_IDOptional
    POLICYFLD_PRIMARY_VDP_REQUEST_KEYWORDOptional
    POLICYFLD_PRIMARY_VDP_REQUEST_METHODOptional
    POLICYFLD_PRIVILEGED_USERSOptional
    POLICYFLD_RADIUS_ALLOWED_PROTOCOLSOptional
    POLICYFLD_RADIUS_REP_ATTR_ENABLEDOptional
    POLICYFLD_RADIUS_REP_ATTR_GROUP_LISTOptional
    POLICYFLD_RADIUS_SESSION_LIFETIMEOptional
    POLICYFLD_RADIUS_SESSION_TICKET_LIFETIMEOptional
    POLICYFLD_RADIUS_SESSION_TICKET_REUSEOptional
    POLICYFLD_SECOND_OTP_SYNC_ENABLEDOptional
    POLICYFLD_SECURE_CHAL_FONT_INDEXOptional
    POLICYFLD_SECURE_CHAL_REQ_PINOptional
    POLICYFLD_SECURE_CHAL_TEMPLATE_NOOptional
    POLICYFLD_SECURE_CHANNELOptional
    POLICYFLD_SECURE_SIGN_FONT_INDEXOptional
    POLICYFLD_SECURE_SIGN_REQ_PINOptional
    POLICYFLD_SECURE_SIGN_SHOW_RESPONSEOptional
    POLICYFLD_SECURE_SIGN_SHOW_WARNINGOptional
    POLICYFLD_SECURE_SIGN_TEMPLATE_NOOptional
    POLICYFLD_SELF_ASSIGN_SEPARATOROptional
    POLICYFLD_STATIC_PWD_DIFF_TO_PREVOptional
    POLICYFLD_STATIC_PWD_EXPIRATION_NOTIFICATIONOptional
    POLICYFLD_STATIC_PWD_MAX_AGEOptional
    POLICYFLD_STATIC_PWD_MIN_AGEOptional
    POLICYFLD_STATIC_PWD_MIN_LENGTHOptional
    POLICYFLD_STATIC_PWD_MIN_LOWER_ALPHAOptional
    POLICYFLD_STATIC_PWD_MIN_NUMBEROptional
    POLICYFLD_STATIC_PWD_MIN_SYMBOLOptional
    POLICYFLD_STATIC_PWD_MIN_UPPER_ALPHAOptional
    POLICYFLD_STATIC_PWD_NOT_USERID_BASEDOptional
    POLICYFLD_STHRESHOLDOptional
    POLICYFLD_STIMEWINDOWOptional
    POLICYFLD_STORED_PASSWORD_PROXYOptional
    POLICYFLD_SYNCWINDOWOptional
    POLICYFLD_USE_GENERIC_AUTH_STATUS_CODESOptional
    POLICYFLD_USER_INACT_DAYSOptional
    POLICYFLD_USER_INFO_SYNCOptional
    POLICYFLD_USER_LOCK_THRESHOLDOptional
    POLICYFLD_VDP_DELIVERY_METHODOptional
    POLICYFLD_VDP_MDC_PROFILEOptional
    POLICYFLD_VDP_SIGN_DELIVERY_METHODOptional
    POLICYFLD_VDP_SIGN_ENABLEDOptional
    POLICYFLD_VDP_SIGN_MDC_PROFILEOptional

    For more information about the specific attributes, refer to Table: policyExecute field attributes.

    PolicyFieldSet (Data type)

    The attributes specified in the fieldSet parameter specify the policy attribute fields that should be returned by OneSpan Authentication Server for the policy accounts matching the search criteria.

    If fieldSet is omitted, all possible output parameters are returned. If an attribute field is not set in the database, it is not returned for that specific record.

      Table:  PolicyFieldSet (Data type)
    Element nameData typeDescription
    attributeIDPolicyAttributeIDEnum

    The identifier of an attribute to return (see Table: policyQuery (Supported output attributes)).

      Table:  policyQuery (Supported output attributes)
    Attribute nameReturned?
    POLICYFLD_ACCEPTED_DOMAINIf defined
    POLICYFLD_ACT_MSG_VALIDITYIf defined
    POLICYFLD_ACTIVATION_COMPLETED_NOTIFICATIONIf defined
    POLICYFLD_ACTIVATION_DELAYED_NOTIFICATIONIf defined
    POLICYFLD_ACTIVATION_NOTIFICATION_DELIVERY_METHODIf defined
    POLICYFLD_APPL_NAMESIf defined
    POLICYFLD_APPL_TYPEIf defined
    POLICYFLD_ASSIGN_MODEIf defined
    POLICYFLD_ASSIGN_SEARCH_UP_OU_PATHIf defined
    POLICYFLD_AUTHUSER_MAX_THREAD_SUSPENDIf defined
    POLICYFLD_AUTOLEARNIf defined
    POLICYFLD_AVOID_INITIAL_SYNCIf defined
    POLICYFLD_BACKEND_AUTHIf defined
    POLICYFLD_BACKEND_PROTOCOL_IDIf defined
    POLICYFLD_BACKUP_VDP_ENABLEDIf defined
    POLICYFLD_BACKUP_VDP_MAX_DAYSIf defined
    POLICYFLD_BACKUP_VDP_MAX_USESIf defined
    POLICYFLD_BACKUP_VDP_REQUEST_KEYWORDIf defined
    POLICYFLD_BACKUP_VDP_REQUEST_METHODIf defined
    POLICYFLD_CHALLENGE_REQUEST_KEYWORDIf defined
    POLICYFLD_CHALLENGE_REQUEST_METHODIf defined
    POLICYFLD_CHECKCHALLENGEIf defined
    POLICYFLD_CHG_WIN_PWD_ENABLEDIf defined
    POLICYFLD_CHG_WIN_PWD_LENGTHIf defined
    POLICYFLD_CHKINACTDAYSIf defined
    POLICYFLD_CLIENT_GROUP_LISTIf defined
    POLICYFLD_CLIENT_GROUP_MODEIf defined
    POLICYFLD_CREATE_TIMEIf defined
    POLICYFLD_CUSTOM_REQUEST_BODYIf defined
    POLICYFLD_DCRIf defined (deprecated)
    POLICYFLD_DEFAULT_DOMAINIf defined
    POLICYFLD_DELAYED_ACTIVATION_PERIODIf defined
    POLICYFLD_DESCRIPTIONIf defined
    POLICYFLD_DIGIPASS_TYPESIf defined
    POLICYFLD_DP_EXPIRATION_PERIODIf defined
    POLICYFLD_DP_TYPE_LIMITIf defined
    POLICYFLD_DURIf defined
    POLICYFLD_EVENTWINDOWIf defined
    POLICYFLD_GRACE_PERIODIf defined
    POLICYFLD_GROUP_CHECK_MODEIf defined
    POLICYFLD_GROUP_LISTIf defined
    POLICYFLD_ITHRESHOLDIf defined
    POLICYFLD_ITIMEWINDOWIf defined
    POLICYFLD_LOCAL_AUTHIf defined
    POLICYFLD_LOCK_DURATION_MULTIPLIERIf defined
    POLICYFLD_MAX_UNLOCK_TRIESIf defined
    POLICYFLD_MIN_APP_VERSIONIf defined
    POLICYFLD_MIN_LOCK_DURATIONIf defined
    POLICYFLD_MOBILE_APP_NAMEIf requested
    POLICYFLD_MODIFY_TIMEIf defined
    POLICYFLD_MULTI_DP_APPL_VALIDATION_MODEIf defined
    POLICYFLD_OFFLINE_AUTH_ENABLEDIf defined
    POLICYFLD_OFFLINE_MAX_EVENTSIf defined
    POLICYFLD_OFFLINE_TIME_INTERVALIf defined
    POLICYFLD_ONE_STEP_CHAL_CHECKDIGITIf defined
    POLICYFLD_ONE_STEP_CHAL_LENGTHIf defined
    POLICYFLD_ONE_STEP_CHAL_RESPIf defined
    POLICYFLD_ONLINESGIf defined
    POLICYFLD_PARENT_POLICY_IDIf defined
    POLICYFLD_PIN_CHANGE_ALLOWEDIf defined
    POLICYFLD_POLICY_IDIf defined
    POLICYFLD_PRIMARY_VDP_REQUEST_KEYWORDIf defined
    POLICYFLD_PRIMARY_VDP_REQUEST_METHODIf defined
    POLICYFLD_PRIVILEGED_USERSIf defined
    POLICYFLD_PUSH_NOTIFICATION_MESSAGE_SUBJECTIf defined
    POLICYFLD_PUSH_NOTIFICATION_MESSAGE_TITLEIf defined
    POLICYFLD_PUSH_NOTIFICATION_REQUEST_KEYWORDIf defined
    POLICYFLD_PUSH_NOTIFICATION_REQUEST_METHODIf defined
    POLICYFLD_RADIUS_ALLOWED_PROTOCOLSIf defined
    POLICYFLD_RADIUS_REP_ATTR_ENABLEDIf defined
    POLICYFLD_RADIUS_REP_ATTR_GROUP_LISTIf defined
    POLICYFLD_RADIUS_SESSION_LIFETIMEIf defined
    POLICYFLD_RADIUS_SESSION_TICKET_LIFETIMEIf defined
    POLICYFLD_RADIUS_SESSION_TICKET_REUSEIf defined
    POLICYFLD_SECOND_OTP_SYNC_ENABLEDIf defined
    POLICYFLD_SECURE_CHAL_FONT_INDEXIf defined
    POLICYFLD_SECURE_CHAL_REQ_PINIf defined
    POLICYFLD_SECURE_CHAL_TEMPLATE_NOIf defined
    POLICYFLD_SECURE_CHANNELIf defined
    POLICYFLD_SECURE_SIGN_FONT_INDEXIf defined
    POLICYFLD_SECURE_SIGN_REQ_PINIf defined
    POLICYFLD_SECURE_SIGN_SHOW_RESPONSEIf defined
    POLICYFLD_SECURE_SIGN_SHOW_WARNINGIf defined
    POLICYFLD_SECURE_SIGN_TEMPLATE_NOIf defined
    POLICYFLD_SELF_ASSIGN_SEPARATORIf defined
    POLICYFLD_STATIC_PWD_DIFF_TO_PREVIf defined
    POLICYFLD_STATIC_PWD_MIN_LENGTHIf defined
    POLICYFLD_STATIC_PWD_EXPIRATION_NOTIFICATIONIf defined
    POLICYFLD_STATIC_PWD_MAX_AGEIf defined
    POLICYFLD_STATIC_PWD_MIN_AGEIf defined
    POLICYFLD_STATIC_PWD_MIN_LOWER_ALPHAIf defined
    POLICYFLD_STATIC_PWD_MIN_NUMBERIf defined
    POLICYFLD_STATIC_PWD_MIN_SYMBOLIf defined
    POLICYFLD_STATIC_PWD_MIN_UPPER_ALPHAIf defined
    POLICYFLD_STATIC_PWD_NOT_USERID_BASEDIf defined
    POLICYFLD_STHRESHOLDIf defined
    POLICYFLD_STIMEWINDOWIf defined
    POLICYFLD_STORED_PASSWORD_PROXYIf defined
    POLICYFLD_SYNCWINDOWIf defined
    POLICYFLD_USE_GENERIC_AUTH_STATUS_CODESIf defined
    POLICYFLD_USER_INACT_DAYSIf defined
    POLICYFLD_USER_INFO_SYNCIf defined
    POLICYFLD_USER_LOCK_THRESHOLDIf defined
    POLICYFLD_VDP_DELIVERY_METHODIf defined
    POLICYFLD_VDP_MDC_PROFILEIf defined
    POLICYFLD_VDP_SIGN_DELIVERY_METHODIf defined
    POLICYFLD_VDP_SIGN_ENABLEDIf defined
    POLICYFLD_VDP_SIGN_MDC_PROFILEIf defined

    For more information about the specific attributes, refer to Table: policyExecute field attributes.

    PolicyQueryOptions (Data type)

    This data type determines what results should be returned.

      Table: QueryOptions (Data type)
    Element nameData typeDescription

    count

    Boolean

    Flag to request OneSpan Authentication Server to return only the number of records in the result set, but not the result set itself.

    Default value: false

    distinct

    Boolean

    Flag to request OneSpan Authentication Server to return only unique query results.

    Default value: false

    rowcount

    Unsigned Integer

    Option to request OneSpan Authentication Server to return the specified number of result records, beginning with the record specified by rowoffset.

    If set to 0, all result records are returned.

    Default value: 0

    rowoffset

    Unsigned Integer

    Option to request OneSpan Authentication Server to return result records starting from the specified offset. Can only be used together with rowcount.

    Default value: 0

    sortfieldidString

    Optional. Required if you specify SortOrder. Determines the field attribute to use as sort key when sorting the result set using SortOrder. May contain any field attribute from the FieldSet parameter.

    sortorderString

    Optional. Determines the sort order of the result set. By default, the result set is unsorted.

    Possible values:

    • QUERYOPTIONSORTORDER_ASCENDING. Result set in ascending order.
    • QUERYOPTIONSORTORDER_DESCENDING. Result set in descending order.

    PolicyQueryResults (Data type)

      Table:  PolicyQueryResults (Data type)
    Element nameData typeDescription

    resultCodes

    ResultCodes

    Required. The result and status codes returned by the command.

    For more information, refer to the OneSpan Authentication Server SDK Programmer's Guide, Section "Error and Status Codes".

    resultAttributePolicyAttributeListRequired. List containing the queried policy attributes. Each item of type PolicyAttributeSet.
    resultCountIntegerRequired. The number of items in resultAttribute.
    errorStackErrorStackRequired. The error stack, indicating that the command has not completed successfully.

    Example

     

    <?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Header/>
  <SOAP-ENV:Body>
    <adm:policyQuery xmlns:adm="http://www.vasco.com/IdentikeyServer/IdentikeyTypes/Administration" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <sessionID>3JSK8cmRjw4E30wAA=0nUTL-~3fmifTO</sessionID>
      <attributeSet>
        <attributes>
          <value xsi:type="xsd:string">Base Policy</value>
          <attributeID>POLICYFLD_POLICY_ID</attributeID>
        </attributes>
      </attributeSet>
      <fieldSet>
        <attributeID>POLICYFLD_POLICY_ID</attributeID>
        <attributeID>POLICYFLD_DESCRIPTION</attributeID>
      </fieldSet>
    </adm:policyQuery>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

    Requirements

    Required administrative privileges:

    • View Policy

    Additional considerations

    After upgrading OneSpan Authentication Server, server data is continuously migrated while the already-upgraded OneSpan Authentication Server service is running. Until data migration has been completed, the result of a query command may be incomplete and may include both migrated and non-migrated data. This means that values for new data fields may be missing or not set correctly in the query result.

    Cet article vous a-t-il été utile ?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle