User Management

The user management functions allow users to manage their authenticators.

Mandatory Server Settings

ORG_ADMIN_USERNAME

<Org admin user of HID Authentication Service Tenant>

ORG_ADMIN_PASSWORD

<Password for the Org admin user>

KONY_APP_KEY

<App key of the fabric application>

KONY_APP_SECRET

<App secret of the fabric application>

SERVICES_URL

https://<kony-account-host>/services
(for example, https://hidglobaltest.konycloud.com:443/services)

Optional Server Settings PASSWORD_AUTHTYPE If the input is not AT_STDPWD, takes the input itself, or else takes AT_STDPWD.

Self-Service Component Functions

Method Name Prerequisites Input Parameters Event Purpose

getUserDevices

None

Username

getDevicesSuccess,

getDevicesFailure

Display the devices associated with the user.

editFriendlyName

getUserDevices

 

DeviceId,

NewFriendlyName

EditFriendlyNameSuccess,

error

Update the device friendly name.

changeDeviceStatusOnClick

getUserDevices

DeviceId,

Status

onUpdateDeviceStatusSuccess,

onUpdateDeviceStatusFailure

Change the device status.

changePasswordOnClick

None

Username,

OldPassword,

New Password

OnPasswordChangeSuccess,

onPasswordChangeFailure

Change the user's password.

registerApproveOnClick

None

Username

OnDeviceRegSuccess,

onDeviceRegFailure

Register a new device for the user.

onPollingSuccess

registerApproveOnClick

RegisterApproveOnClick response

 

Poll is the device registration was a success or failure

getPasswordPolicy

None

 

OnPasswordPolicySuccess,

onPasswordPolicyFailure

Get instructions (password policy) for new the password while changing the password.

Public Service-Service Component Functions

Names Purpose

loadUserManagement (Function)

Load the userDevices and Password policy.

userName (Variable)

Pass the username to get userDevices and PasswordPolicy.

Self-Service Processors

Names Description Used by (ServiceName-Operation)

SearchUserPreProcessor

If "authType" is "STD_PWD", takes the values from the configuration properties of "PASSWORD_AUTHTYPE", or else takes the actual value and sets to the request.

UserManagementService- SearchUser

SearchUserPostProcessor

Processes the output of SearchUser API and adds an error flag to the request if noUserRecords, if userActive empty or with the flag FALSE.

If the "authType" present in request is not available in the authenticator (results of SearchUser), then updates the "AuthExists" flag to false. If it is present, updates the flag to true.

UserManagementService- SearchUser

 

GetPasswordPolicyPreProcessor

If "authType" in the request is "AT_STDPWD", takes the value from configuration properties of "PASSWORD_AUTHTYPE", or else takes the value present in "authType".

UserManagementService - getPasswordPolicy

ChangePasswordPreProcessor

From the request, takes the value of "userExists", "AuthExists", "authType", "userId".

  1. If "userId" is empty or "userExists" flag is false, adds an error message as "Given Username does not exist please Check Username".

  2. If "AuthExists" flag is true, adds an error message as "Static password Authenticator does not exist".

For both steps, updates "sequenceFailed" to true. Then adds "userId" and "id" (id = userId + "." + authType) to the input Map (request).

UserManagementService - changePassword

ChangePasswordPostProcessor

Processes the output of "ChangePassword", from request takes "ChangePasswordError" to "error", "opstatus".

If "opstatus" is empty or 0, updates "error" message to "errorMsgDetail", "sequenceFailed" to true and "status" to false. If no error, updates "status" to true.

UserManagementService - changePassword

ChangePasswordOrchPostProcessor

From the request, takes "sequenceFailed" flag. If this flag is true, shows "errorMsgDetail", "status" as false and "opStatus" as "-1". If flag is false, shows the result.

ChangePassword - ChangePassword (Orchestartion)

CreateDevicePreProcessor

Calculates the start and expire date based on the current date and time and sets it in the request(inputMap), from server setting takes the value of "DEVICE_TYPE", if not empty, sets in the request(inputMap).

ScimAPIs - createNewDevice

CreateDevicePostprocessor

Takes the "DeviceId" value from the request, if value is not present, keeps null. If "DeviceId" is empty, collects an error message named as "detail_CreateDevice" from the request, if the error message is also empty, updates the error message as "Service Failed Please try again Later" and keeps the same in the request.

ScimAPIs - createNewDevice

 

Self-Service Component Services

Object Services

ServiceName DataModel Mapping Purpose InputParams

HIDUserManagement

ChangePassword

ChangePwd

Change the user's password.

userName, Password

HIDUserManagement

DeviceRegistrationPolling

deviceRegistrationPolling

Poll if the device registration was a success or failure.

deviceId

HIDUserManagement

PasswordPolicy

getPolicy

Get the password policy instructions.

authType

HIDUserManagement

RegisterDevice

getProvisioningMsg

Register a new device for the user.

userName, DeviceId, usernameWithRandomNo

HIDUserManagement

SearchDevices

SearchDevices

Display the user's devices.

username, userId

HIDUserManagement

UpdateDeviceName

updateFriendlyName

Update the device friendly name.

deviceId, friendlyName

HIDUserManagement

UpdateDeviceStatus

updateDeviceStatus

Update the device status.

deviceId, status

HID Fabric Services

Names Operation Name Service Type Description

UserManagementService

SearchUser

Integration

Performs a user search.

UserManagementService

changePassword

Integration

Performs a change user password.

ChangePassword

ChangePassword

Orchestration

Orchestration for Change password

UserManagementService

getPasswordPolicy

Integration

Displays the Password policy.

SearchServices

SearchUserAuth

Integration

 

SearchServices

SearchDeviceAuth

Integration

 

SearchDevices

searchDevices

Orchestration

 

ScimAPIs

createNewDevice

Integration

Creates a new DeviceId.

ScimAPIS

updateDevice

Integration

Updates the owner of the device during HID Approve device registration request

DeviceProvisionJava

getProvisonMsg

Integration

Java code to generate a device provisioning message.

ApproveDeviceRegistrationOrch

getInviteCode

Orchestration

 

HIDPollConsensus

getHIDDeviceRegistrationStatus

Integration

Java code to perform polling while registering a device.

HIDUserManagement

DeviceRegistrationPolling

Orchestration

Orchestration for polling.

UserManagementService

updateDeviceFriendlyName

Integration

 

ScimAPIs

updateDeviceStatus

Integration