Previous Topic: Fetching User AttributesNext Topic: Verifying User Attributes

CA AuthMinder Web Services GuideManaging Users and AccountsAuthenticating LDAP UsersUsing Directory Service AttributesFetching User Attribute Values

Fetching User Attribute Values

The getQnAValues operation is used to read the values that are set for the user attributes present in the directory service. You can fetch the values for one or more attributes. This section walks you through the following topics related to this operation:

Preparing the Request Message

The following table lists the elements of the QnAValuesRequest message:

Element

Mandatory

Description

username

Yes

The unique identity of the user whose attribute values you want to fetch.

orgname

Yes

The name of the LDAP organization to which the user attribute values that you want to fetch belongs.

attributes/attribute

Yes

The name of the attributes whose value you want to fetch.

clientTxId

No

The unique transaction identifier that the calling application can include. This identifier helps in tracking the related transactions.

Invoking the Web Service

To fetch the values of user attributes:

  1. (Optional) Include the authentication and authorization details in the header of the getQnAValues operation. See chapter, "Managing Web Services Security" for more information on the header elements.
  2. Use the getQnAValuesRequest elements to collect the user, organization, and attribute information, as listed in the preceding table.
  3. Use the QnAValuesRequest message and construct the input message by using the details obtained in preceding step.
  4. Invoke the getQnAValues operation of the ArcotUserRegistrySvc service to fetch the values of the user attributes that are stored in directory service.

    This operation returns the QnAValuesResponse message that includes the transaction identifier, authentication token, and attribute values. See the following section for more information on the response message.

Interpreting the Response Message

The response message, QnAValuesResponse, returns the transaction identifier and the authentication token in the SOAP envelope header. The SOAP body includes the user attribute values for a successful transaction and the Fault response for an error condition.

See the following table for more information on the elements returned for a successful transaction. See appendix, "Error Codes" if there are any errors.

Element

Description

Header Elements

udsTransactionID

The unique identifier of the transaction that is performed using UDS.

authToken

The authentication token that is returned if the credential verification to access Web services was successful. This token eliminates the need for you to present the authentication credential for successive access to the Web services.

By default, the authentication token is valid for one day, after which you need to authenticate again.

Body Elements

The values for the user attributes that are configured in the directory service.