CA Strong Authentication Web Services Guide › Understanding AuthMinder WorkFlows › Enrollment Workflows › Migrating Existing Users › Migrating Selected Users

Migrating Selected Users

The typical steps to migrate selected users are:

1. User logs in to your application.

   The user logs in to your application by using your existing authentication method.

2. Application gets the user status.

   Application retrieves user information and identifies whether the user account is marked for migration.

3. Application redirects user.

   Upon successful authentication, the user is redirected to migration page.

4. Your application collects the required information from user to create the credential.

   Your application can display the appropriate pages to the user. For example, you can prompt the user to set the password for ArcotID PKI or you can set the existing password as the ArcotID PKI password, and collect questions and answers if QnA is used for secondary authentication.

5. Your application invokes the CreateCredential operation of the ArcotWebFortIssuanceSvc service.

   This operation creates ArcotID PKI for the user.

   See "Creating Credentials" for more information on the API used for creating credentials for the users.

6. WebFort returns the result.

   If the create operation was successful, then user’s ArcotID PKI is returned.

7. Application downloads the ArcotID PKI on the user’s system.

   If the create operation was successful, then the application downloads the ArcotID PKI to the end-user’s system without any user interaction.

The following figure illustrates the workflow for migrating the selected users to ArcotID PKI authentication: