Fetching User Details Using Accounts

To fetch the user details using their account information, you must use the listUsersForAccount operation. This section walks you through the following topics for fetching the user information based on the user accounts:
aa821test
2112884
To fetch the user details using their account information, you must use the listUsersForAccount operation. This section walks you through the following topics for fetching the user information based on the user accounts:
  • Preparing the Request Message
  • Invoking the Web Service
  • Interpreting the Response Message
 
Preparing the Request Message
 
The following table lists the elements of the listUsersForAccountRequest message:
 
Element
 
 
Mandatory
 
 
Description
 
orgName
No
The name of the organization to which the user belongs.
 
Note: 
If the organization name is not passed, then the Default Organization is used for the operation.
accountType
No
The attribute that qualifies the account ID and provides additional context about the usage of the account ID.
 
Note: 
The accountID and accountIDAttribute elements are optional, but you must pass at least one element.
accountID
No
The alternate identifier that is used to identify the user in addition to the user name. The account ID is also known as account.
accountIDAttribute
No
The alternate identifier that is used to identify the user in the system.
 
Note: 
You 
cannot
 pass more than three account ID attributes for a user.
filter/includeImage
No
The flag to indicate whether the user image has to be retrieved or not. Supported values are:
0: Indicates that the image must not be retrieved.
1: Indicates that the image must be retrieved.
filter/includeAccounts
No
The flag to indicate whether the user accounts have to be retrieved or not. Supported values are:
0: Indicates that the user accounts must not be retrieved.
1: Indicates that the user accounts must be retrieved.
clientTxId
No
The unique transaction identifier that the calling application can include. This identifier helps in tracking the related transactions.
 
Invoking the Web Service
 
To fetch the user details using their account information:
  1. (Optional) Include the authentication and authorization details in the header of the listUsersForAccount operation. See the section, "Manage Web Services Security" for more information on the header elements.
  2. Use the listUsersForAccountRequest elements to collect the user account information, as listed in the preceding table.
  3. Use the listUsersForAccountRequest message and construct the input message by using the details obtained in preceding step.
  4. Invoke the listUsersForAccount operation of the ArcotUserRegistrySvc service to fetch the user details based on the account information.
    This operation returns listUsersForAccountResponse message that includes the transaction identifier, authentication token, and user details. See the following section for more information on the response message.
 
Interpreting the Response Message
 
The response message, listUsersForAccountResponse, returns the transaction identifier and the authentication token in the SOAP envelope header. The SOAP body includes the user details for a successful transaction and the fault response for an error condition.
See the following table for more information on the elements returned for a successful transaction. See the section, "Error Codes" if there are any errors.
 
Element
 
 
Description
 
 
Header Elements
 
udsTransactionID
The unique identifier of the transaction that is performed using UDS.
authToken
The authentication token that is returned if the credential verification to access Web services was successful. This token eliminates the need for you to present the authentication credential for successive access to the Web services.
By default, the authentication token is valid for 
one
 day, after which you need to authenticate again.
 
Body Elements
 
userId/orgName
The name of the organization to which the user belongs.
userId/userName
The unique identifier with which the user is identified in the system.
userId/userRefId
The identifier that is used as a reference to track different operations performed by a user.
dateCreated
The timestamp when the user was created in the system.
dateModified
The timestamp when the user details were last modified.
emailId
The email ID of the user that has been registered. If multiple email IDs are configured for the user, then all the email IDs are fetched.
telephoneNumber
The telephone number of the user that has been registered. If multiple telephone numbers are configured for the user, then all the numbers are fetched.
firstName
The first name of the user.
middleName
The middle name of the user.
lastName
The last name of the user.
pam
The Personal Assurance Message (PAM) string that is displayed to the user when they try to access a resource protected by CA Strong Authentication.
pamImageURL
The URL, which contains the image that is displayed to the user when they try to access a resource protected by CA Strong Authentication.
image
The picture that the user wants to upload to identify themselves.
status
The status of the user. Following are the supported values:
INITIAL
ACTIVE
INACTIVE
DELETED
customAttribute
The additional user information that you want to pass as a name-value pair.
name
Indicates the name of the attribute that you want to create.
value
Indicates the corresponding value for the name.
startLockTime
The timestamp when the user has to be deactivated.
endLockTime
The timestamp when the deactivated user has to be activated.
account/accountType
The attribute that qualifies the account ID and provides additional context about the usage of the account ID.
account/accountID
The alternate identifier that is used to identify the user in addition to the user name. The account ID is also known as account.
account/accountStatus
The status of the account. Following are the supported values:
0-9: Indicates that the account is in the INITIAL state.
10-19: Indicates that the account is in the ACTIVE state.
20-29: Indicates that the account is in the INACTIVE state.
30-39: Indicates that the account is in the DELETED state.
>39: Indicates that the account state is UNKNOWN.
account/accountIDAttribute
The alternate identifier that is used to identify the user in the system.
account/dateCreated
The timestamp when the account ID was created.
account/dateModified
The timestamp when the account ID was last modified.
account/accountCustomAttribute
The additional account information that you want to pass as a name-value pair.
attributeName
Indicates the name of the attribute that you want to create.
attributeValue
Indicates the corresponding value for the name.