2.1.4 - Association Anywhere Authentication Web Service

Similar documents
Table of Contents. Open-Xchange Authentication & Session Handling. 1.Introduction...3

Riverbed Cascade Shark Common REST API v1.0

Message Containers and API Framework

SmarterMeasure Inbound Single Sign On (SSO) Version 1.3 Copyright 2010 SmarterServices, LLC / SmarterServices.com PO Box , Deatsville, AL 36022

Vital Link 2.X Pre-Install Checklist

Absorb Single Sign-On (SSO) V3.0

RoomWizard Synchronization Software Manual Installation Instructions

Kentico CMS security facts

Hosted Credit Card Forms Implementation Guide

Using ilove SharePoint Web Services Workflow Action

UFTP AUTHENTICATION SERVICE

Using Foundstone CookieDigger to Analyze Web Session Management

SPARROW Gateway. Developer Data Vault Payment Type API. Version 2.7 (6293)

Managing User Accounts

Secure Messaging Server Console... 2

Copyright 2012, Oracle and/or its affiliates. All rights reserved.

MXSAVE XMLRPC Web Service Guide. Last Revision: 6/14/2012

API Integration Payment21 Recurring Billing

Magensa Services. Administrative Account Services API Documentation for Informational Purposes Only. September Manual Part Number:

DIGIPASS Authentication for Sonicwall Aventail SSL VPN

The increasing popularity of mobile devices is rapidly changing how and where we

Enhanced Password Security - Phase I

How To Use Saml 2.0 Single Sign On With Qualysguard

Audi Virtual Payment Client Integration Manual

Brainshark/Salesforce.com Integration Installation Procedures

Safeguard Ecommerce Integration / API

Salesforce1 Mobile Security Guide

Active Directory LDAP Quota and Admin account authentication and management

API Integration Payment21 Button

Single Sign On Guide. Table of Contents

Criteria for web application security check. Version

Enhanced Password Security - Phase I

Cloud Services. Introduction...2 Overview...2. Security considerations Installation...3 Server Configuration...4

Configure Directory Integration

Credomatic Integration Resources. Browser Redirect API Documentation June 2007

Managing User Accounts

Easy CollECt and the transaction ManagEr interface

SPARROW Gateway. Developer API. Version 2.00

KMx Enterprise: Integration Overview for Member Account Synchronization and Single Signon

fåíéêåéí=péêîéê=^çãáåáëíê~íçêûë=dìáçé

Easy CramBible Lab DEMO ONLY VERSION Test284,IBM WbS.DataPower SOA Appliances, Firmware V3.6.0

Spryng Making Business Mobile (0) Spryng Headquarters: Herengracht BW Amsterdam - The Netherlands

Architecture and Data Flow Overview. BlackBerry Enterprise Service Version: Quick Reference

Cvent Web Services API. Version V June 2008

Flowpack Single sign-on Server Documentation

IBM SPSS Collaboration and Deployment Services Version 6 Release 0. Single Sign-On Services Developer's Guide

White Paper BMC Remedy Action Request System Security

IP Phone Service Administration and Subscription

How To Set Up The Barclaycard Epdq Cardholder Payment Interface (Cpi) On Papercut (Barclay Card) On A Microsoft Card (For A Credit Card) With A Creditcard (For An Account)

McAfee One Time Password

Novell Identity Manager

AccountView. Single Sign-On Guide

HarePoint Workflow Extensions for Office 365. Quick Start Guide

How to set up Outlook Anywhere on your home system

User Identification and Authentication

vcloud Air Platform Programmer's Guide

Flexible Identity Federation

Shipping Services Files (SSF) Secure File Transmission Account Setup

Twinfield Single Sign On

[MS-SPEMAWS]: SharePoint Web Service Protocol. Intellectual Property Rights Notice for Open Specifications Documentation

Mandiri e-cash Online

Single Sign-On Guide for Blackbaud NetCommunity and The Patron Edge Online

Question Name C 1.1 Do all users and administrators have a unique ID and password? Yes

User Manual. (updated December 15, 2014) Information in this document is subject to change without notice.

Durango Merchant Services Customer Vault API

Portal User Guide. Customers. Version 1.1. May of 5

eway AU Hosted Payment Page

An identity management solution. TELUS AD Sync

Authentication Methods

Adeptia Suite LDAP Integration Guide

1: 2: : 3.1: 3.2: 4: 5: & CAPTCHA

Who Is Your Insurance Web Service

Token Payment Web Services

PI Cloud Connect Overview

Implementation Guide

CA Performance Center

Lepide Active Directory Self Service. Configuration Guide. Follow the simple steps given in this document to start working with

CLC Server Command Line Tools USER MANUAL

Operation of Qvidian Proposal Automation (QPA) CRM APIs

InternetVista Web scenario documentation

ZODIANET API (ZAPI2)

Installation Procedure SSL Certificates in IIS 7

PINsafe Multifactor Authentication Solution. Technical White Paper

IIS SECURE ACCESS FILTER 1.3

Fairsail REST API: Guide for Developers

Merchant One Payment Systems Integration Resources. Direct Post API Documentation June 2007

PrintFleet Enterprise Security Overview

Web Application Report

Single Sign-On Implementation Guide

Building Secure Applications. James Tedrick

Integrate with Directory Sources

Onset Computer Corporation

GravityLab Multimedia Inc. Windows Media Authentication Administration Guide

Merchant Web Services API

Two-Factor Authentication

Setup Corporate (Microsoft Exchange) . This tutorial will walk you through the steps of setting up your corporate account.

Transcription:

2.1.4 - Association Anywhere Authentication Web Service ACGI has developed an authentication web service that allows permitted third-party sites to perform user authentication through the Association Anywhere database. This web service does require some back-end engineering set up, but does not require an ODBC connection. Web service Details Authentication web service with internal IP white list validation of the referring site(s) can be referenced as http or https. ACGI recommends implementing this with SSL to avoid risk of transferring plain text or cost and complexity of encryption. See APPENDIX A for descriptions and characteristics of data elements referenced within this document. See APPENDIX B for Error Conditions and Error Codes censsawebsvclib.authentication passing arguments as an xml document with name p_input_xml_doc Input document to validate by username and password, cust id and last name, or alias and last name (methods must be enabled via system parameters to be used): <authentication-request> <cust-id></cust-id> <last-nm></last-nm> <alias></alias> <username></username> <password></password> <session-id></session-id> </authentication-request> alias & cust-id and last-nm & cust-id authentication methods supported as of AA 6.5. Alias type used for authentication must be defined in system parameter SSA_AUTH_METHOD_2. Alternative input document to validate by customer ID and token (may only be done after initial authentication): <authentication-request> <cust-id>a999999999</cust-id> <session-id>example Hash Code Value</session-id> </authentication-request> Output Document <authentication> <authenticated>true</authenticated> <authentication-message>might be for a successful or a failed authentication</authentication-message>

<authentication-error-id>11</authentication-error-id> <session> <session-id>example Hash Code Value</session-id> <session_id>example Hash Code Value</session_id> <breadcrumb-session-id>example Breadcrumb Session ID Value</breadcrumb-session-id> <login-serno>1234567</login-serno> <roles> <role>member</role> <role>guest</role> </roles> </session> <customer> <cust-id>a999999999</cust-id> <cust-type>i</cust-type> <name> <display-name>john Doe</display-name> <last-name>doe<last-name> <first-name>john</first-name> <company-name>that Big University</company-name> </name> <cust-email>test@hotmail.com</cust-email> </customer> <memberships> <membership> <member>true</member> <status>active</status> <subgroup-id>abc</subgroup-id> <subgroup-type>na</subgroup-type> <subgroup-name>human-readable Value</subgroup-name> <class-code>sample CODE</class-code> <subclass-code>sample CODE</subclass-code> <level-of-service>sample Description of Level of Service</level-of-service> <end-of-service-date>2011-12-31</end-of-service-date> <paid-through-date>2010-12-31</paid-through-date> </membership> <membership> </membership> </memberships> <subscriptions> <subscription> <package-code>sample CORE PACK CODE</package-code> <package-name>sample Core Package Name</package-name> <benefit-of-membership>true</benefit-of-membership> <associated-subgroup-id>abc</associated-subgroup-id> <end-of-service-date>2011-12-31</end-of-service-date> <paid-through-date>2010-12-31</paid-through-date> </subscription> <subscription> </subscription> </subscriptions>

</authentication> General Notes on XML Schema: 1. On failed authentication, only authenticated; authentication-message & authentication-error-id (see Appendix B) will be returned 2. On successful authentication, authenticated; authentication-message; session; customer; memberships & subscriptions will exist. 3. Role, membership, subscription may all have 0, 1, or multiple children, but are likely to have 1 or more. 4. Within Role, membership, subscription all children will exist. 5. Name will always have a display-name child; first-name, last-name, and company-name may or may not exist depending on cust-type. ssaauthmain.authenticated_redirect to perform redirect from partner website to AGCI url with pseudo-single sign on: Arguments: p_cust_id p_hash_cd (session ID) p_target_url p_add_cust_id_to_url (default to Y) target URL could be constructed, including the customer ID, on partner side, but the easier approach is to use the same syntax as the SSA menus, and let the database add the customer ID. Appendix A: Data Element Descriptions Data element Purpose Type Length Session-id Hashed Session ID Hash String 30 Cust-id Role Cust-type Display-name Unique Customer ID within ACGI AMS Privileges for Internet Users of ACGI (i.e. ABC members/subscribers); probably not used by CJO Member Type: will be I (Individual) for now; may be expanded to include C (companies) in the future Member Name, formatted for display String 30 String 2 Last-name Member Last Name, if Individual String 30 First-name Member First Name, if Individual String 30 Member [Membership] Status Is current active member for this subgroup; always true for now, reserved for future expansion ACTIVE, SUSPENDED, TERMINATED, PENDING; always ACTIVE for now, reserved for future expansion Boolean

Subgroup-ID Subgroup-type Subgroup-name Class-code & Subclass-Code Level-of-service [Membership] End-of-service-date [Membership] Paid-through-date Package-code Package-name Benefit-of-membership Associated-subgroup-ID [Subscription] End-of-service-date [Subscription] Paid-through-date Identifier of a membership subgroup; may be ABC, special interest groups, regional chapters etc. Only ABC membership will matter. Type of Membership Subgroup, reserved for future expansion. Code values are configurable, but frequently include NA (National Association) and CH (chapter) Name of Membership Subgroup, formatted for display Two dimensional Codes for differentiating membership privileges and pricing. To be configured by ABC; probably not used by Description of the combination of class and subclass Date when the membership will expire; reserved for future Date through which the membership has been paid (usually the same as the end of service date); reserved for future Unique Code Identifier for a Set of one or more publications that can be subscribed to as a unit. These will be defined by ABC, and will be needed by CJO to differentiate members with and without online access. Description of a Subscription Package If a subscription is a free benefit of membership or a separately-paid subscription For benefit of membership subscriptions, the Subgroup for which this is a benefit Date when the subscription will expire; reserved for future Date through which the subscription has been paid (usually the same as the end of service date); reserved for future String 2 String 8 String 30 boolean Appendix B: Anticipated Error Conditions and Coding

The following table defines the error/failure conditions anticipated at this point. This list accurate up to AA 6.4.5. Authentication-error-id Authentication-message 1 Badly-formed XML 10 Authentication-request not found 20 Invalid xml: neither username nor cust-id found 30 Invalid xml: password not found 40 Invalid xml: session-id not found 100 Bad username/password combination 200 Invalid cust-id 201 Invalid Session ID - session no longer valid Successfully Authenticated This list changed as of AA 6.5. The new list can be seen below Authentication-error-id Authentication-message 1 Badly-formed XML 30 Invalid xml: password not found 50 Invalid xml: no complete authentication details 60 Your IP may not access this function 100 Bad authentication details. This could be due to the system not finding a matching username/password. Or if the username/password exists, the system may not be able to find a valid SSA role for the customer. 200 Invalid cust-id 201 Invalid Session ID - session no longer valid 999 Unexpected error: technical error message will be included here Successfully Authenticated

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information