Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: New step (4) added in Prerequisites section.

Smart ID Digital Access component offers the following extension Programming Interfaces (XPIs):

Digital Access XPI REST API

See the full documentation in Digital Access XPI REST API.

Digital Access XPI Web Services

See the full documentation here.

Use XPI service via SOAP UI tool

Expandall

Prerequisites

Expand
titlePrerequisites

Integration through the Extension Programming Interface (XPI) must be enabled:

  1. In Digital Access Admin, go to Manage System.
  2. Click a registered Policy Service to edit it.
  3. Select Enable XPI: REST or Enable XPI: WS.
  4. If you want to enable the XPI and SOAP services, the expose port ID should be 0.0.0.0 in Digital Access Admin.
    Image Added
  5. Delegate the admin privileges to a User storage user or a Local user:
    1. Go to Manage system > Delegated Management > Super Administrator >Add Administrator, read more here: Create administrative roles in Digital Access.
  6. For XPI logging as a Local user:
    1. Add a user and enable auth mech.
  7. For XPI logging as a User storage user:
    1. Enable auto linking:
      1. Go to Manage Accounts and Storage > Global User Account Settings.
      2. On the User Linking tab:
        • under General Settings, select Enable PortWise Authentication when automatically linking the user.
        • under PortWise Password, select Use password from User storage.

Step-by-step instruction

Expand
titleGet WSDL in soap UI

Get WSDL in soap UI

  1. Get Web Service Description Language (WSDL) in soap UI from https://da-admin1.test.nexusgroup.com:4443/ws/v4/index.html
  2. Choose the services from the navigation menu. Select and read the detailed information for each service.


Expand
titleSet up soap request

Set up soap request

  1. Authentication is required before any usage of the XPI services - import authentication wsdl in request editor:


  2. Send a request with inputs in subject:

    Code Block
    <subject>
    <country>?</country>
    <credentials>
    <key>username</key>
    <value>YTE=</value> – username with base64 encoded value 
    </credentials>
    <credentials>
    <key>password</key>
    <value>bmV4dXNAMTIz</value> – Password with base64 encoded value 
    </credentials>
    </subject>


    See this example: Authenticate.xml

    1. A valid response has Session, use it in the following request:

      Code Block
      <principals>
      <key>session</key>
      <value>OXg5eWYyM2QxcHRz</value>
      </principals>


  3. Select an admin privileged task, such as a User Account operation.
    1. To get end point service, choose the service from https://da-admin1.test.nexusgroup.com:4443/ws/v4/services/UserAccount?wsdl and import wsdl.
      1.  This is an example of adding a user account:

        Code Block
        <user:add>
        <subject>
        <principals>
        <key>session</key>
        <value>OXg5eWYyM2QxcHRz</value> -> provide session value from authentication response 
        </principals>
        </subject>
        <account>
        <enabled>true</enabled>
        <displayName>user1</displayName> 
        <emailAddress>user1@gmail.com</emailAddress>
        
        <globalAccess>
        <locked>false</locked>
        <maxRetries>10</maxRetries> - constants 
        <numRetries>0</numRetries> -constants 
        </globalAccess>
        <userName>user1</userName>
        <validFrom>1586975400000</validFrom> → date in this format
        <validTo>0</validTo>
        </account>
        <linkToDirectory>false</linkToDirectory> - true is want to link to AD
        </user:add>

        See this example: add user.xml