Automating OneSpan Authentication Server administration workflows

  • Updated on Aug 11, 2025
  • Published on Jan 21, 2025
  • 1 minute(s) read
Prev Next

When working with custom integrations using the OneSpan Authentication Server SDK, you can automate certain administration workflows by creating automated OneSpan Authentication Server services. This may be relevant if you want to perform frequent administrative tasks on a large scale and you want to avoid creating and keeping track of multiple active administrative sessions.

To achieve this, automated OneSpan Authentication Server services require a special user to perform administrative requests, i.e. the service user. Service users do not log on interactively to components such as Administration Web Interface, but authorize each administrative operation individually via the API key generated by OneSpan Authentication Server. This API key can be provided either within the sessionID SOAP field or the HTTP authorization header. For more information about service users and API key authorization, see OneSpan Authentication Server administrator accounts.

To automate administrative tasks, you need to first create a service user and generate an API key in the Administration Web Interface (see Creating service users below).

Once the service user is in place, you need to add the service user's credentials either to the sessionID SOAP field for each command or to the HTTP authorization header. For more information, refer to the OneSpan Authentication Server SDK Programmer's Guide for Java or the OneSpan Authentication Server SDK Programmer's Guide for .NET.

Creating Service Users

Creating a service user is possible only if you have the required administrative privileges.

Before you begin

  • Ensure that you have administrative access to the OneSpan Authentication Server Administration Web Interface.
  • Ensure that you have the Create User privilege assigned.
  • Create the account of the user you want to convert into a service user. The Service User option is available for existing users and cannot be set when creating a user account.

Converting a user into a service user

To convert a user into a service user

  1. Log on to the Administration Web Interface.
  2. Select USERS > List.
  3. Select the user you intend to convert to a service user.
  4. Switch to the User Account tab and click EDIT.
  5. Select the Service User box.

  6. From the Other Actions list, select Generate API Key.

    The generated API key is displayed.

  7. Click Save.

    The API key is now saved as the password of the service user.

Additional tasks

  • If maker–checker authorization is enabled, the command is not completed immediately, but must be authorized by another administrator, i.e. the checker administrator (see Approving a pending operation).
  • After the pending operation has been approved by the checker administrator, you can complete it (see Executing an approved pending operation).