Setting the Personal Assurance Message

CA Strong Authentication Web Services Guide › Managing Users and Accounts › Setting the Personal Assurance Message

Setting the Personal Assurance Message

The Personal Assurance Message (PAM) is a text string that is displayed to the user, when they try to access a resource protected by AuthMinder. This string assures the user that they are connected to the genuine network or resource.

To set the PAM for a user, you must use the setPAM operation. This section walks you through the following topics for setting the PAM for users:

Preparing the Request Message
Invoking the Web Service
Interpreting the Response Message

Preparing the Request Message

The following table lists the elements of the setPAMRequest message:

Element	Mandatory	Description
UserId/orgName	No	The name of the organization to which the user belongs. Note: If the organization name is not passed, then the Default Organization is used for the operation.
UserId/userName	Yes	The unique identifier with which the user is identified in the system.
UserId/userRefId	No	The identifier that is used as a reference to track different operations performed by a user.
PAM	No	The Personal Assurance Message (PAM) string displayed to the user when they try to access a resource protected by AuthMinder. Note: If you do not pass the PAM element, then an empty value will be set as PAM.
pamImageURL	No	The URL, which contains the image that is displayed to the user when they try to access a resource protected by AuthMinder.
clientTxId	No	The unique transaction identifier that the calling application can include. This identifier helps in tracking the related transactions.

Invoking the Web Service

To set the PAM for a user:

(Optional) Include the authentication and authorization details in the header of the setPAM operation. See chapter, "Managing Web Services Security" for more information on the header elements.
Use the setPAMRequest elements to collect the user information, as listed in the preceding table.
Use the setPAMRequest message and construct the input message by using the details obtained in preceding step.
Invoke the setPAM operation of the ArcotUserRegistrySvc service to set the PAM for the user.
This operation returns the setPAMResponse message that includes the transaction identifier and authentication token. See the following section for more information on the response message.

Interpreting the Response Message

The response message, setPAMResponse, returns the transaction identifier and the authentication token in the SOAP envelope header. These elements are explained in the following table. The SOAP body returns a success message if the operation was performed successfully. If there are any errors, then the Fault response is returned. See appendix, "Error Codes" for more information on the SOAP error messages.

Element	Description
udsTransactionID	The unique identifier of the transaction that is performed using UDS.
authToken	The authentication token that is returned if the credential verification to access Web services was successful. This token eliminates the need for you to present the authentication credential for successive access to the Web services. By default, the authentication token is valid for one day, after which you need to authenticate again.

Element

Description

udsTransactionID

The unique identifier of the transaction that is performed using UDS.

authToken

The authentication token that is returned if the credential verification to access Web services was successful. This token eliminates the need for you to present the authentication credential for successive access to the Web services.

By default, the authentication token is valid for one day, after which you need to authenticate again.