Add a u2f device to an existing users account
WCF
| Code Block | ||||
|---|---|---|---|---|
| ||||
AuthServerResponseEnrollUser EnrollUser(String authServerPartnerLoginName,
string authServerPartnerLoginPassword,
string firstName,
string lastName,
string loginName,
string loginPassword,
string email,
string mobilePhone,
short deviceType,
short otpType,
short otpLength,
short otpWindow,
string otpPin,
string deviceId,
bool addDeviceOnly,
short notificationMethod); |
...
| WCF parameter | data type | description |
|---|---|---|
| authServerPartnerLoginName | string | SurePassId account login name |
| authServerPartnerLoginPassword | string | SurePassId account login key |
| firstName | string | First name |
| lastName | string | Last name |
| loginName | string | User account login name |
| loginPassword | string | Users password. If omitted one will be generated. If using Active Directory on the server this parameter is ignored. |
| string | User email. Used for sending email notifications and temporary pass codes.ignored | |
| mobilePhone | string | Users mobile phone Used for sending voice or sms messagesignored |
| deviceType | short | 12 - see Device Type |
| OtpType | short | 8 - see OTP Type |
| OtpLength | short | The length of the desired OTP. ignored |
| OtpWindow | short | The sliding window for OTP validation. For event based OTP Type this is the number of values > than the event counter that will be accepted. For time based OTP Type this is the number of seconds that will elapse before the OTP will change.ignored |
| Otppin | short | The pin associated with device for OTP Type that require a PINignored |
| deviceId | short | The serial number to be assigned to the newly created device associated with this account. It is recommended you pass an empty string value. The actual devicedId will be returned in the response.ignored |
| onlyAddDevice | bool | true |
| notificationMethod | short | send welcome message to user. 0 = none, 1=email, 2=sms |
| Code Block | ||||
|---|---|---|---|---|
| ||||
AuthServerResponseEnrollUser resp = EnrollUser("accountLogin",
"accountKey",
"Mandy",
"Last",
"Mandy",
"M@5ndy58!",
Mandy5@myco.com,
"+1(407)555-1212,
212, // desktopfido tokendevice
18, // timeu2f based otp
60, // otpignored
digits 0, 30, // timeignored window
in seconds
"", // no pin for time based otpignored
true, // add user and this device
0); |
...
| REST parameter | data type | description |
|---|---|---|
| spAccountLoginName | string | SurePassId account login name |
| spAccountLoginKey | string | SurePassId account login key |
| username | string | User account login name |
| type | string | add_oath_device |
| deviceType | short | Device Type |
| OtpType | short | OTP Type |
| OtpLength | short | The length of the desired OTP. |
| windowSize | short | The sliding window for OTP validation. For event based OTP Type this is the number of values > than the event counter that will be accepted. For time based OTP Type this is the number of seconds that will elapse before the OTP will change. |
| OtpPin | short | The pin associated with device for OTP Type that require a PIN |
| timeDrift | short | The number of allowable time drift increments to be used as part of the calculation. |
| psn | string | The device serial number for the device. If this field is not specified then a serial number will be generated by the system. For hardware devices such as FOBS this field is recommended since these devices usually come serialized. For soft devices such as mobile otp generators, it is recommended to not specify a serial number and let the system create one automatically. The generated serial number will be returned in the response. |
| secretKeyHex | string | The secret key (in hex format) for the device. If this field is not specified then a secure secret key will be generated by the system. For hardware devices such as FOBS this field is recommended since these devices usually come with predefined keys. For soft devices such as mobile otp generators, it is recommended to not specify a secret key and let the system create one automatically. |
| secretKeyHexBase64 | string | The secret key (Base64 format) for the device. If this field is not specified then a secure secret key will be generated by the system. For hardware devices such as FOBS this field is recommended since these devices usually come with predefined keys. For soft devices such as mobile otp generators, it is recommended to not specify a secret key and let the system create one automatically. |
| u2f_device | ||
| notificationMethod | short | send welcome message to user. 0 = none, 1=email, 2=sms |
| Code Block | ||||
|---|---|---|---|---|
| ||||
{
"username": "Mandy",
"spAccountLoginName": "accountLogin",
"spAccountLoginKey": "accountKey",
"type": "add_oath_device",
"deviceType ": 1, // key fob token
"OtpType": 1, // time based otp
"OtpLength": 6, // otp digits
"windowSize": 30, // time window in seconds
"OtpPin": "", // no pin for time based otp
"psn": "OATH_12345678",
"secretKeyHex": "3132333435363738383031323334353637383830",
u2f_device",
"notificationMethod": 0
}
|
| Code Block | ||||
|---|---|---|---|---|
| ||||
{
"errorCode": 0,
"errorMessage": "OK",
"type": "add_oathu2f_devivedevice"
} |