Searching All Users

CA Strong Authentication Web Services Guide › Managing Users and Accounts › Performing User Operations › Searching All Users

Searching All Users

You must use the searchUsers operation to search for all the users in the system.

This section walks you through the following topics for searching the users:

Preparing the Request Message
Invoking the Web Service
Interpreting the Response Message

Preparing the Request Message

The following table lists the elements of the searchUsers message:

Element	Mandatory	Description
orgPattern	No	The pattern that is used to search the organizations. For example, ac pattern will search for users in the following organizations: Acme Acro Note:* If the organization pattern is not passed, then the Default Organization is used for the operation.
orgName	No	The name of the organization to which the user belongs. Note: If the organization name is not passed, then the Default Organization is used for the operation.
searchExpression	Yes	The expression that is used to search for users. For example, if you search for *m, then the following user details will be fetched: John Smith Mathew
count	No	If the search result exceeds this value, then only the search results equal to this value are fetched.
filter/includeImage	No	The flag to indicate whether the user image has to be retrieved or not. Supported values are: 0: Indicates that the image must not be retrieved. 1: Indicates that the image must be retrieved.
filter/includeAccounts	No	The flag to indicate whether the user accounts have to be retrieved or not. Supported values are: 0: Indicates that the user accounts must not be retrieved. 1: Indicates that the user accounts must be retrieved.
filter/deepSearch	No	The flag to indicate whether the user must be searched based on more than one parameter. Supported values are: 0: Indicates that the users will be searched based on their user names only. 1: Indicates that the users will be searched using the following details: First search attribute: User name Second search attribute: Account ID Third search attribute: Account ID attributes If the user details are not found using the first search attribute, then the second attribute is used. If both the first and second attributes fail to fetch the user details, then the third attribute is used to search the user details.
status	No	The status of the user. Following are the supported values: INITIAL ACTIVE INACTIVE DELETED Note: If you do not pass the value, then by default the status is set as ACTIVE.
account/accountType	Yes Only if the account element is defined.	The attribute that qualifies the account ID and provides additional context about the usage of the account ID.
account/accountID	No	The alternate identifier that is used to identify the user in addition to the user name. The account ID is also known as account.
account/accountStatus	No	The status of the account. Following are the supported values: 0-9: Indicates that the account is in the INITIAL state. 10-19: Indicates that the account is in the ACTIVE state. 20-29: Indicates that the account is in the INACTIVE state. 30-39: Indicates that the account is in the DELETED state. >39: Indicates that the account state is UNKNOWN.
account/accountIDAttribute	No	The alternate identifier that is used to identify the user in the system. Note: You cannot pass more than three account ID attributes for a user.
account/dateCreated	No	The timestamp when the account ID was created.
account/dateModified	No	The timestamp when the account ID was last modified.
account/accountCustomAttribute	No	The additional account information that you want to pass as a name-value pair. attributeName Indicates the name of the attribute that you want to create. attributeValue Indicates the corresponding value for the name.
RepositoryUserAttributes/attributeName	No	The name of the user attribute that is used to store the user information. For example, First Name or Email Address.
clientTxId	No	The unique transaction identifier that the calling application can include. This identifier helps in tracking the related transactions.

Invoking the Web Service

To search for users:

(Optional) Include the authentication and authorization details in the header of the searchUsers operation. See chapter, "Managing Web Services Security" for more information on the header elements.
Use the searchUsersRequest elements to collect the user information.
Use the searchUsersRequest message and construct the input message by using the details obtained in preceding step.
Invoke the searchUsers operation of the ArcotUserRegistrySvc service to fetch the information of all the users.
This operation returns the searchUsersResponse message that includes the transaction identifier, authentication token, and user details. See the following section for more information on the response message.

Interpreting the Response Message

The response message, searchUsersResponse, returns the transaction identifier and the authentication token in the SOAP envelope header. The SOAP body includes the user details and status for a successful transaction and the Fault response for an error condition.

The return elements of searchUsersResponse are the same as those for retrieveUserResponse. See the table containing information about the retrieveUserResponse elements for more information on the user details that is returned for a successful transaction. See appendix, "Error Codes" if there are any errors.