CA Strong Authentication Web Services Guide › Performing Credential Operations › Enabling Credentials

Enabling Credentials

The EnableCredential operation is used to activate the disabled or locked credential of a user. For example, a credential can be disabled or locked if a user tries to authenticate by using the wrong credential or exceeds the configured maximum number of allowed attempts.

This section walks you through:

• Preparing the Request Message
• Invoking the Web Service
• Interpreting the Response Message

Preparing the Request Message

The EnableCredentialRequestMessage is used to enable credentials. The input elements for enabling the credentials are same as that explained in the "Creating Credentials" section. For more information about each element, refer to the tables in the "Creating Credentials" section.

Invoking the Web Service

To enable user credentials:

1. (Optional) Include the authentication and authorization details in the SOAP header or in the additionalInput element of the EnableCredential operation. See chapter, "Managing Web Services Security" for more information on these details.
2. Use the userName and orgName elements to fetch the details of the user whose credentials must be enabled.
3. Depending on the type of credential you want to enable, use the respective <CredentialName>Input element to obtain the credential information.

   The input required for each credential is different. For example, password is needed for Password as well as ArcotID PKI, while questions and corresponding answers are required for QnA credentials.

4. (Optional) If you are implementing a plug-in, then invoke the additionalInput element type to fill the additional input.

   This type provides the additional information that is set as a name-value pair.

5. Use EnableCredentialRequestMessage and construct the input message by using the details obtained in preceding steps.
6. Invoke the EnableCredential operation of the ArcotWebFortIssuanceSvc service to enable the credentials.

   This operation returns an instance of the EnableCredentialResponseMessage that includes the credential and transaction details.

Interpreting the Response Message

For successful transactions, the response message, EnableCredentialResponseMessage returns the elements explained in the table containing information about the elements that the response message, CreateCredentialResponseMessage, returns. These elements are included in the SOAP body. If there are any errors, then the Fault response is included in the SOAP body. See appendix, "Error Codes" for more information on the SOAP error messages.