CA Strong Authentication Web Services Guide › Performing Credential Operations › Resetting Credential Validity

Resetting Credential Validity

Issued credentials are valid for the period that is specified at the time they are created. The ResetCredentialValidity operation enables you to reset the validity period of the credential before it expires. This operation is used to either extend or reduce the validity period of the credential, but it does not reset the password or any other credential attributes.

This section walks you through:

• Preparing the Request Message
• Invoking the Web Service
• Interpreting the Response Message

Preparing the Request Message

The ResetCredentialValidityRequestMessage is used to reset the validity of the credentials. The input elements for resetting the credentials validity are same as that explained in the "Creating Credentials" section. For more information about each element, refer to the tables listed in the "Creating Credentials" section.

Invoking the Web Service

To reset the validity of user credentials:

1. (Optional) Include the authentication and authorization details in the SOAP header or in the additionalInput element of the ResetCredentialValidity operation. See chapter, "Managing Web Services Security" for more information on these details.
2. Use the userName and orgName elements to fetch the details of the user whose credential validity must be reset.
3. Depending on the type of credential that has to be reset, use the respective <CredentialName>Input element to obtain the credential information.

   The input required for each credential is different. For example, password is needed for Password as well as ArcotID PKI, while questions and corresponding answers are required for QnA credentials.

4. (Optional) If you are implementing a plug-in, then invoke the additionalInput element type to fill the additional input.

   This type provides the additional information that is set as a name-value pair.

5. Use ResetCredentialValidityRequestMessage and construct the input message by using the details obtained in preceding steps.
6. Invoke the ResetCredentialValidity operation of the ArcotWebFortIssuanceSvc service to reset the credential validity.

   This operation returns an instance of the ResetCredentialValidityResponseMessage that includes the credential and transaction details.

Interpreting the Response Message

For successful transactions, the response message, ResetCredentialValidityResponseMessage returns the elements explained in the table containing information about the elements that the response message, CreateCredentialResponseMessage, returns. These elements are included in the SOAP body. If there are any errors, then the Fault response is included in the SOAP body. See appendix, "Error Codes" for more information on the SOAP error messages.