Previous Topic: Performing User Account OperationsNext Topic: Updating User Accounts

CA Strong Authentication Web Services GuideManaging Users and AccountsPerforming User Account OperationsAdding User Accounts

Adding User Accounts

You must use the addUserAccount operation to add accounts for the users. This section walks you through the following topics for adding user accounts.

Preparing the Request Message

The following table lists the elements of the addUserAccountRequest message:

Element

Mandatory

Description

userId/orgName

No

The name of the organization to which the user belongs.

Note: If the organization name is not passed, then the Default Organization is used for the operation.

userId/userName

Yes

The unique identifier with which the user is identified in the system.

userId/userRefId

No

The identifier that is used as a reference to track different operations performed by a user.

account/accountType

Yes

The attribute that qualifies the account ID and provides additional context about the usage of the account ID.

account/accountID

No

The alternate identifier that is used to identify the user in addition to the user name. The account ID is also known as account.

account/accountStatus

No

The status of the account. Following are the supported values:

  • 0-9: Indicates that the account is in the INITIAL state.
  • 10-19: Indicates that the account is in the ACTIVE state.
  • 20-29: Indicates that the account is in the INACTIVE state.
  • 30-39: Indicates that the account is in the DELETED state.
  • >39: Indicates that the account state is UNKNOWN.

account/accountIDAttribute

No

The alternate identifier that is used to identify the user in the system.

Note: You cannot pass more than three account ID attributes for a user.

account/dateCreated

No

The timestamp when the account ID was created.

account/dateModified

No

The timestamp when the account ID was last modified.

account/accountCustomAttribute

No

The additional account information that you want to pass as a name-value pair.

  • attributeName
    Indicates the name of the attribute that you want to create.
  • attributeValue
    Indicates the corresponding value for the name.

clientTxId

No

The unique transaction identifier that the calling application can include. This identifier helps in tracking the related transactions.

Invoking the Web Service

To add user accounts:

  1. (Optional) Include the authentication and authorization details in the header of the addUserAccount operation. See chapter, "Managing Web Services Security" for more information on the header elements.
  2. Use the addUserAccountRequest elements to collect the user details that are listed in the preceding section.
  3. Use the addUserAccountRequest message and construct the input message by using the details obtained in preceding step.
  4. Invoke the addUserAccount operation of the ArcotUserRegistrySvc service to add accounts for the user.

    This operation returns the addUserAccountResponse message that includes the transaction identifier, authentication token, and user account details. See the following section for more information on the response message.

Interpreting the Response Message

The response message, addUserAccountResponse, returns the transaction identifier and the authentication token in the SOAP envelope header. These elements are explained in the following table. The SOAP body returns a success message if the operation was performed successfully. If there are any errors, then the Fault response is returned. See appendix, "Error Codes" for more information on the SOAP error messages.

Element

Description

udsTransactionID

The unique identifier of the transaction that is performed using UDS.

authToken

The authentication token that is returned if the credential verification to access Web services was successful. This token eliminates the need for you to present the authentication credential for successive access to the Web services.

By default, the authentication token is valid for one day, after which you need to authenticate again.