CA Strong Authentication Web Services Guide › Performing Credential Operations › Reissuing Credentials

Reissuing Credentials

The Issuance Web service enables you to re-create the credentials for the user. If the credential has been reissued for the user, then the user cannot log in by using their old credential. This section walks you through:

• Preparing the Request Message
• Invoking the Web Service
• Interpreting the Response Message

Preparing the Request Message

The ReissueCredentialRequestMessage is used to reissue the credentials. The input elements for reissuing the credentials are same as that explained in the "Creating Credentials" section. For more information about each element, refer to the tables listed in the "Creating Credentials" section.

Invoking the Web Service

To reissue credentials for a user:

1. (Optional) Include the authentication and authorization details in the SOAP header or in the additionalInput element of the ReissueCredential operation. See chapter, "Managing Web Services Security" for more information on these details.
2. Use the userName and orgName elements to fetch the details of the user whose credentials must be reissued.
3. Depending on the type of credential you want to reissue, use the respective <CredentialName>Input element to obtain the credential information.

   The input required for each credential is different. For example, password is needed for Password as well as ArcotID PKI, while questions and corresponding answers are required for QnA credentials.

4. (Optional) If you are implementing a plug-in, then invoke the additionalInput element type to fill the additional input.

   This type provides the additional information that is set as a name-value pair.

5. Use ReissueCredentialRequestMessage and construct the input message by using the details obtained in preceding steps.
6. Invoke the ReissueCredential operation of the ArcotWebFortIssuanceSvc service to reissue the credentials.

   This operation returns an instance of the ReissueCredentialResponseMessage that includes the credential and transaction details.

Interpreting the Response Message

For successful transactions, the response message, ReissueCredentialResponseMessage returns the elements explained in the table containing information about the elements that the response message, CreateCredentialResponseMessage, returns. These elements are included in the SOAP body. If there are any errors, then the Fault response is included in the SOAP body. See appendix, "Error Codes" for more information on the SOAP error messages.