- 03 Oct 2024
- 1 Minute to read
- DarkLight
- PDF
Version 3.21 (January 2021)
- Updated on 03 Oct 2024
- 1 Minute to read
- DarkLight
- PDF
New features and enhancements
Administrator level management
OneSpan Authentication Server 3.21 introduces administrator levels. These are optional values that can be used to create an administrative account hierarchy that controls which other administrator accounts a particular administrator account can view, edit, and update (as long as they are within the administrative scope). Administrators cannot modify, delete, or even view administrator accounts that have an administrator level higher than their own.
The administrator level is an integer value in the range of 0–255 and can be managed via a new user attribute, i.e. USERFLD_ADMIN_LEVEL.
The following commands of the SOAP administration interface have been extended to directly manage the administrator level:
USERCMD_CREATE
USERCMD_VIEW
USERCMD_UPDATE
Digipass import file upload via SOAP
You can now upload and process Digipass import files via SOAP directly without using Data Migration Tool. A DIGIPASS import file is a comma-separated text file (.csv) that contains authenticator records. They are used, for instance, to import authenticator data from an existing VACMAN Controller environment to OneSpan Authentication Server.
The SOAP communication interface now provides four new commands to handle Digipass import files:
dpCSVFileImport. Processes authenticator data previously uploaded from a DIGIPASS import file (via a server task).
dpCSVFileImportStatus. Returns the current status of a server task that is importing authenticator data from a DIGIPASS import file.
dpCSVFileImportStop. Stops a server task that is importing authenticator data from a DIGIPASS import file.
dpCSVFileUploadMTOM. Uploads a DIGIPASS import file using MTOM encoding.
Search for administrative user accounts
You can now filter search results to include or exclude user accounts with administrative privileges when searching for users. Note that you cannot filter for a particular administrative privilege, but only limit the search results to user accounts that have either any administrative privilege assigned or none.
To do so, you can now use the USERFLD_ADMIN_PRIVILEGES attribute as a zero-value input parameter for the userQuery command and set the attributeOptions accordingly, e.g.:
<adm:userQuery …>
…
<attributeSet>
<attributes>
<attributeOptions>
<negative>true</negative>
<null>true</null>
</attributeOptions>
<value xsi:type="xsd:base64Binary">0</value>
<attributeID>USERFLD_ADMIN_PRIVILEGES</attributeID>
</attributes>
</attributeSet>
…
</adm:userQuery>