Fetch User Details
The retrieveUser operation is used to search the details of a particular user.
aa813test
2112861
The retrieveUser operation is used to search the details of a particular user.
This section walks you through the following topics for fetching the user details:
- Preparing the Request Message
- Invoking the Web Service
- Interpreting the Response Message
Preparing the Request Message
The following table lists the elements of the retrieveUserRequest message:
Element | Mandatory | Description |
userIdentifier | Yes | The unique identifier (user name) with which the user is identified in the system. |
orgName | No | The name of the organization to which the user belongs to. Note: If the organization name is not passed, then the Default Organization is used for the operation. |
accountType | No | The attribute that qualifies the account ID and provides additional context about the usage of the account ID. |
filter/includeImage | No | The flag to indicate whether the user image has to be retrieved or not. Supported values are: 0: Indicates that the image must not be retrieved. This is the default value. 1: Indicates that the image must be retrieved. |
filter/includeAccounts | No | The flag to indicate whether the user accounts have to be retrieved or not. Supported values are: 0: Indicates that the user accounts must not be retrieved. This is the default value. 1: Indicates that the user accounts must be retrieved. |
filter/deepSearch | No | The flag to indicate whether the user must be searched based on more than one parameter. Supported values are: 0: Indicates that the users will be searched based on their user names only .1: Indicates that the users will be searched using the following details:
First search attribute: User name
Second search attribute: Account ID
Third search attribute: Account ID attribute
If the user details are not found using the first search attribute, then the second attribute is used. If both the first and second attributes fail to fetch the user details, then the third attribute is used to search the user details. |
clientTxId | No | The unique transaction identifier that the calling application can include. This identifier helps in tracking the related transactions. |
Invoking the Web Service
To retrieve the details of a user:
- (Optional) Include the authentication and authorization details in the header of the retrieveUser operation. See the section, "Managing Web Services Security" for more information on the header elements.
- Use the retrieveUserRequest elements to collect the user details.
- Use the retrieveUserRequest message and construct the input message by using the details obtained in preceding step.
- Invoke the retrieveUser operation of the ArcotUserRegistrySvc service to fetch the user details.This operation returns the retrieveUserResponse message that includes the transaction identifier and the authentication token. See the following section for more information on the response message.
Interpreting the Response Message
The response message, retrieveUserResponse, returns the transaction identifier and authentication token in the SOAP envelope header. The SOAP body includes the user details for a successful transaction and the Fault response for an error condition.
The following table provides more information on the elements returned for a successful transaction. See the section, "Error Codes" if there are any errors.
Element | Description |
Header Elements | |
udsTransactionID | The unique identifier of the transaction that is performed using UDS. |
authToken | The authentication token that is returned if the credential verification to access Web services was successful. This token eliminates the need for you to present the authentication credential for successive access to the Web services. By default, the authentication token is valid for one day, after which you need to authenticate again. |
Body Elements | |
userId/orgName | The name of the organization to which the user belongs to. |
userId/userName | The unique identifier with which the user is identified in the system. |
userId/userRefId | The identifier that is used as a reference to track different operations performed by a user. |
dateCreated | The timestamp when the user was created in the system. |
dateModified | The timestamp when the user details were last modified. |
emailId | The email ID of the user that has been registered. If multiple email IDs are configured for the user, then all email IDs are fetched. |
telephoneNumber | The telephone number of the user that has been registered. If multiple telephone numbers are configured for the user, then all numbers are fetched. |
firstName | The first name of the user. |
middleName | The middle name of the user. |
lastName | The last name of the user. |
pam | The Personal Assurance Message (PAM) string is displayed to the user, when they try to access a resource protected by CA Strong Authentication. |
pamImageURL | The URL which contains the image that is displayed to the user, when they try to access the CA Strong Authentication-protected resource. |
image | The picture that the user wants to upload to identify themselves. |
status | The status of the user. Following are the supported values: INITIAL ACTIVE INACTIVE DELETED Note: If you do not pass the value, then by default the status is set as ACTIVE. |
customAttribute | The additional user information in name-value pairs. name
Indicates the name of the attribute that you want to create. value
Indicates the corresponding value for the name. |
startLockTime | The timestamp when the user was deactivated. |
endLockTime | The timestamp when the deactivated user has to be activated. |
account/accountType | The attribute that qualifies the account ID and provides additional context about the usage of the account ID. |
account/accountID | The alternate identifier that is used to identify the user in addition to the user name. The account ID is also known as account. |
account/accountStatus | The status of the account. Following are the supported values: 0-9: Indicates that the account is in the INITIAL state. 10-19: Indicates that the account is in the ACTIVE state. 20-29: Indicates that the account is in the INACTIVE state. 30-39: Indicates that the account is in the DELETED state. >39: Indicates that the account state is UNKNOWN. |
account/accountIDAttribute | The alternate identifier that is used to identify the user in the system. |
account/dateCreated | The timestamp when the account ID was created. |
account/dateModified | The timestamp when the account ID was last modified. |
account/accountCustomAttribute | The additional account information that you want to pass as a name-value pair. attributename
Indicates the name of the custom attribute. attributevalue
Indicates the corresponding value for the name. |