Update a mobile signature

PATCH /nevisidm/api/core/v1/:clientExtId/users/:userExtId/mobile-signature

Since: 8.2605.0, 9.2605.0

Required permission(s): AccessControl.CredentialModify

Partially updates the mobile signature credential of the specified user. Only provided fields will be updated.

Request

Path Parameters

clientExtId stringrequired

External ID of the client.

Example: client-123

userExtId stringrequired

External ID of the user.

Example: user-123

application/json

Body

required

stateName string

Possible values: [initial, active, tmp-locked, fail-locked, reset-code, admin-changed, disabled, archived]

State of the credential.

modificationComment string

Comment describing the modification.

version int32

Version of the credential for optimistic locking.

policyExtId string

External ID of the used policy.

identificator string

MSSP-specific identificator of the mobile signature credential.

msspIdentifier string

URI-based identifier of MSSP.

signerCert string

X509 signer certificate in PEM format.

msisdn string

Calling number for mobile device according to ETSI Standard.

Responses

Mobile signature updated successfully

application/json

Schema
Example (from schema)

Schema

created string

Creation date of the entity.

lastModified string

Date when the entity was last modified.

version int32

Version used for optimistic locking.

extId string

The external ID of the credential.

userExtId string

The external ID of the user to whom the credential belongs.

policyExtId string

The external ID of the used policy.

stateName string

Possible values: [initial, active, tmp-locked, fail-locked, reset-code, admin-changed, disabled, archived]

The state of the credential. Available values: initial, active, tmp-locked, fail-locked, reset-code, admin-changed, disabled, archived.

stateChangeReason string

Reason for the last state change of the password.

stateChangeDetail string

Reason detail for the last state change of the password.

lastSuccessfulLoginDate string

Timestamp of last successful login.

successfulLoginCount int32

Counts successful logins with this credential since last initialization or reset.

lastFailedLoginDate string

Date of last non-technical login failure, for example, wrong password.

failedLoginCount int32

Counts non-technical login failures since the last successful login, initialization or reset.

modificationComment string

Textual comment regarding the last modification.

type string

Possible values: [Password, Certificate, SecurID User Mapping, Ticket Authorization, Safeword User Mapping, OTP Card, Temporary Strong Password, Generic Credential, Kerberos, mTan, Vasco, PUK, URL Ticket, DevicePassword, MobileSignature, SAML Federation, Security Questions, Context Password, OATH, FIDO UAF Authenticator, Recovery Code, FIDO2 Authenticator]

Type of credential.

validity object

Describes the validity period of the password.

from string

Start date of the entity's validity in ISO format.

to string

End date of the entity's validity in ISO format.

identificator string

MSSP-specific identificator of the mobile signature credential.

msspIdentifier string

URI-based identifier of MSSP.

signerCert string

X509 signer certificate in PEM format.

msisdn string

Calling number for mobile device according to ETSI Standard.

{
  "created": "2023-08-18T12:34:56Z",
  "lastModified": "2023-08-18T12:34:56Z",
  "version": 1,
  "extId": "cred-123",
  "userExtId": "user-123",
  "policyExtId": "policy-123",
  "stateName": "active",
  "stateChangeReason": "Reset by admin",
  "stateChangeDetail": "Reset due to security policy",
  "lastSuccessfulLoginDate": "2023-08-18T12:34:56Z",
  "successfulLoginCount": 15,
  "lastFailedLoginDate": "2023-08-17T09:12:34Z",
  "failedLoginCount": 3,
  "modificationComment": "Updated by admin.",
  "type": "FIDO UAF Authenticator",
  "validity": {
    "from": "2023-01-01T00:00:00Z",
    "to": "2033-12-31T23:59:59Z"
  },
  "identificator": "IDENTIFICATOR0123",
  "msspIdentifier": "http://www.msisdn.ch",
  "signerCert": "MIIBIjANBgkqhki...",
  "msisdn": "+447123456789"
}

Insufficient permissions

application/json

Schema
Example (from schema)
Permission denied
Dataroom permission denied

Schema

errors ErrorMessageDTO[]

Possible values: [errors.fatalError, errors.unknownReason, errors.inconsistentData, errors.duplicateName, errors.invalidData, errors.duplicateValue, errors.duplicateEmail, errors.duplicateMobile, errors.undeletedDependencies, errors.noRecord, errors.invalidConfig, errors.missingReferenceData, errors.recordDeleted, errors.modifyReadonlyData, errors.tooManySearchResults, errors.pessimisticLockingFailure, errors.policyViolation, errors.deleteDefaultEntityFailure, errors.emailChannel, errors.noSmtpConnection, errors.SmtpNotConfigured, errors.propertyUniquenessViolated, errors.property.stringmaxlen, errors.property.stringregex, errors.property.regexinv, errors.pwdPolicyViolated, errors.certificatePolicyViolated, errors.identifierPolicyViolated, errors.passwordExists, errors.mtanFormatViolated, errors.mtanFormatE164Violated, errors.tempStrongPasswordExists, errors.safewordExists, errors.securidExists, errors.ticketExists, errors.kerberosExists, errors.tooManyOTPCards, errors.urlTicketMissingURLPrefix, errors.certificateExists, errors.vascoExists, errors.PUKExists, errors.URLTicketExists, errors.mobileSignatureExists, errors.securityQuestionsExists, errors.recoveryCodeExists, errors.securityQuestionsMaxReached, errors.qrCodeGenerationFailed, errors.oathSecretIsShared, errors.nocertcred, errors.CredTypeUnitPolicyViolated, errors.CredTypeClientPolicyViolated, errors.credentialNotActive, errors.dimensionNotMatch, errors.noTemplate, errors.pdfPrintingFailure, errors.missingMandatoryPlaceholder, errors.defaultCollectionDelete, errors.tableTypeMismatch, errors.nullRequestBody, errors.deserialization, errors.nullParameter, errors.invalidParameter, errors.invalidDate, errors.invalidDateOrDateTime, errors.invalidDateInterval, errors.invalidMobile, errors.mobileCannotBeDeleted, errors.mobileMissing, errors.userLoginIdNull, errors.userLoginFailed, errors.userLoginFailed, errors.userLoginFailed, errors.userLoginFailed, errors.userLoginFailed, errors.userLoginFailed, errors.userLoginFailed, errors.userNameNull, errors.userFirstNameNull, errors.userSexNull, errors.userCountryNull, errors.userEmailNull, errors.userMobileNull, errors.userPhoneFormat, errors.userEmailFormat, errors.msisdnFormat, errors.applicationNameNull, errors.credentialFidoUaf.invalidAuthVersionFormat, errors.credentialFidoUaf.invalidPublicKeyAlgorithm, errors.credentialFidoUaf.invalidKeyIdFormat, errors.credentialFidoUaf.invalidAaidFormat, errors.credentialFidoUaf.emptyAppId, errors.credentialFidoUaf.notUnique, errors.msspIdentifierMissing, errors.invalidTimeInterval, errors.unitInvalidValidityPeriodParent, errors.unitInvalidValidFromParameterParent, errors.unitInvalidValidUntilParameterParent, errors.unitInvalidValidityPeriodChild, errors.unitInvalidValidFromParameterChild, errors.unitInvalidValidUntilParameterChild, errors.noClientFound, errors.inconsistentClientAssignment, errors.noDefaultUnitInClient, errors.samlAttributeFormat, errors.insufficientRightsFunction, errors.maxResetCount, errors.insufficientFineGrainedRights, errors.potentialPrivilegeEscalation, errors.applDataroomDenied, errors.unitDataroomDenied, errors.eRoleDataroomDenied, errors.combinedDataroomDenied, errors.clientDataroomDenied, errors.referenceDataChangeDenied, errors.attrAccessForbidden, errors.filesystemIO, errors.reporting.tooManyRequests, errors.modifyArchivedUser, errors.modifyArchivedCredential, errors.archiveCredentialDenied, errors.modifyArchivedProfile, errors.assignDisabledUnit, errors.assignProfilelessUnit, errors.profilelessFlagCannotBeSet, errors.modifyExtId, errors.docTypeNotModifiable, errors.addIdmToApplDataroom, errors.applicationLimitsDataroomUnitsMaxExceeded, errors.assignSubunitAsParent, errors.history.norecord, errors.loginIdGeneratorFailed, errors.fileupload.vasco, errors.techUser.oneProfile, errors.urlTicket.invalidFormat, errors.passwordChangeDeadlineExceeded, errors.pcyconf.invalidParamValue, errors.pcyconf.missingParam, errors.pcyconf.missingProfilePolicy, errors.pcyconf.multipleClientPolicy, errors.pcyconf.invalidParamName, errors.userImport.fileupload.invalidTemplate, errors.enterpriseRolesDisabled, errors.queryServiceDisabled, errors.serviceDisabled, errors.invalidUri, errors.unsupportedMediaType, errors.jsonProcessingError, errors.unsupportedOperation, errors.unsupportedCredentialTypeToCreate, errors.unsupportedCredentialTypeToDelete, errors.credentialTypeWithoutProperties, errors.invalidAssignIdmroleToErole, errors.invalidJWTToken, errors.modifyProtectedFieldInvalidJWTToken, errors.optimisticLockingFailure, errors.deleteDefaultUnitCredPolicyFailure, errors.otherGenderPolicyDisabled, error.login.userState, error.job.execution.failure, errors.invalidSyntax, errors.mandatoryParameterMissing, errors.fieldIsNotIndexed, errors.fieldIsNotDirectlyIndexed, errors.entityManagerNotOpen, errors.unsuccessfulQuery, errors.queryHasTimedOut, errors.emailPolicyViolated, errors.policyInconsistency]

A list of error messages describing the error(s) that occurred.

Array [

identifier object

The identifier of the entity related to the error, only used in certain error cases for BULK actions.

oneOf

CredentialExtIdIdentifierDTO
FidoUafIdentifier

clientExtId string

The external identifier of the client.

userExtId string

The external identifier of the user.

credentialExtId string

The external identifier of the credential.

code string

The error code identifying the type of error.

message string

A human-readable message providing more details about the error.

]

policyViolations PolicyViolationDTO[]

A list of policy violations that caused the error.

Array [

displayName string

The display name of the policy element that was violated.

configString string

The configuration string of the policy element that was violated.

suppliedValue string

The value that was supplied and caused the policy violation.

limitValue int32

The limit value defined in the policy element that was violated.

actualValue string

The actual value that caused the policy violation.

]

policyViolation PolicyElementViolation

cause object

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

message string

localizedMessage string

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

element PolicyElement

displayName string

messageTag string

infoTag string

limitValue int32

configString string

suppliedValue string

actualvalue string

description string

message string

suppressed object[]

Array [

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

message string

localizedMessage string

]

localizedMessage string

{
  "errors": [
    {
      "code": "errors.fatalError",
      "message": "The user with the given external ID was not found."
    }
  ],
  "policyViolations": [
    {
      "displayName": "string",
      "configString": "string",
      "suppliedValue": "4",
      "limitValue": 3,
      "actualValue": "5"
    }
  ],
  "policyViolation": {
    "cause": {
      "stackTrace": [
        {
          "classLoaderName": "string",
          "moduleName": "string",
          "moduleVersion": "string",
          "methodName": "string",
          "fileName": "string",
          "lineNumber": 0,
          "className": "string",
          "nativeMethod": true
        }
      ],
      "message": "string",
      "localizedMessage": "string"
    },
    "stackTrace": [
      {
        "classLoaderName": "string",
        "moduleName": "string",
        "moduleVersion": "string",
        "methodName": "string",
        "fileName": "string",
        "lineNumber": 0,
        "className": "string",
        "nativeMethod": true
      }
    ],
    "element": {
      "displayName": "string",
      "messageTag": "string",
      "infoTag": "string",
      "limitValue": 0,
      "configString": "string"
    },
    "suppliedValue": "string",
    "actualvalue": "string",
    "description": "string",
    "message": "string",
    "suppressed": [
      {
        "stackTrace": [
          {
            "classLoaderName": "string",
            "moduleName": "string",
            "moduleVersion": "string",
            "methodName": "string",
            "fileName": "string",
            "lineNumber": 0,
            "className": "string",
            "nativeMethod": true
          }
        ],
        "message": "string",
        "localizedMessage": "string"
      }
    ],
    "localizedMessage": "string"
  }
}

{
  "errors": [
    {
      "code": "errors.insufficientRightsFunction",
      "message": "Permission denied: Caller does not have the required right 'AccessControl.CredentialModify' to perform this action"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.combinedDataroomDenied",
      "message": "Permission denied: AccessControl.CredentialModify"
    }
  ]
}

Referenced resource not found

application/json

Schema
Example (from schema)
Client not found
User not found
Mobile signature not found

Schema

errors ErrorMessageDTO[]

A list of error messages describing the error(s) that occurred.

Array [

identifier object

The identifier of the entity related to the error, only used in certain error cases for BULK actions.

oneOf

CredentialExtIdIdentifierDTO
FidoUafIdentifier

clientExtId string

The external identifier of the client.

userExtId string

The external identifier of the user.

credentialExtId string

The external identifier of the credential.

code string

The error code identifying the type of error.

message string

A human-readable message providing more details about the error.

]

policyViolations PolicyViolationDTO[]

A list of policy violations that caused the error.

Array [

displayName string

The display name of the policy element that was violated.

configString string

The configuration string of the policy element that was violated.

suppliedValue string

The value that was supplied and caused the policy violation.

limitValue int32

The limit value defined in the policy element that was violated.

actualValue string

The actual value that caused the policy violation.

]

policyViolation PolicyElementViolation

cause object

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

message string

localizedMessage string

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

element PolicyElement

displayName string

messageTag string

infoTag string

limitValue int32

configString string

suppliedValue string

actualvalue string

description string

message string

suppressed object[]

Array [

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

message string

localizedMessage string

]

localizedMessage string

{
  "errors": [
    {
      "code": "errors.fatalError",
      "message": "The user with the given external ID was not found."
    }
  ],
  "policyViolations": [
    {
      "displayName": "string",
      "configString": "string",
      "suppliedValue": "4",
      "limitValue": 3,
      "actualValue": "5"
    }
  ],
  "policyViolation": {
    "cause": {
      "stackTrace": [
        {
          "classLoaderName": "string",
          "moduleName": "string",
          "moduleVersion": "string",
          "methodName": "string",
          "fileName": "string",
          "lineNumber": 0,
          "className": "string",
          "nativeMethod": true
        }
      ],
      "message": "string",
      "localizedMessage": "string"
    },
    "stackTrace": [
      {
        "classLoaderName": "string",
        "moduleName": "string",
        "moduleVersion": "string",
        "methodName": "string",
        "fileName": "string",
        "lineNumber": 0,
        "className": "string",
        "nativeMethod": true
      }
    ],
    "element": {
      "displayName": "string",
      "messageTag": "string",
      "infoTag": "string",
      "limitValue": 0,
      "configString": "string"
    },
    "suppliedValue": "string",
    "actualvalue": "string",
    "description": "string",
    "message": "string",
    "suppressed": [
      {
        "stackTrace": [
          {
            "classLoaderName": "string",
            "moduleName": "string",
            "moduleVersion": "string",
            "methodName": "string",
            "fileName": "string",
            "lineNumber": 0,
            "className": "string",
            "nativeMethod": true
          }
        ],
        "message": "string",
        "localizedMessage": "string"
      }
    ],
    "localizedMessage": "string"
  }
}

{
  "errors": [
    {
      "code": "errors.noRecord",
      "message": "Client doesn't exist with extId 'client-123'"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.noRecord",
      "message": "A user with extId 'user-123' doesn't exist on client with name Default"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.noRecord",
      "message": "Mobile Signature credential does not exist under the user user-123"
    }
  ]
}

Optimistic locking conflict

application/json

Schema
Example (from schema)
Optimistic locking conflict

Schema

errors ErrorMessageDTO[]

A list of error messages describing the error(s) that occurred.

Array [

identifier object

The identifier of the entity related to the error, only used in certain error cases for BULK actions.

oneOf

CredentialExtIdIdentifierDTO
FidoUafIdentifier

clientExtId string

The external identifier of the client.

userExtId string

The external identifier of the user.

credentialExtId string

The external identifier of the credential.

code string

The error code identifying the type of error.

message string

A human-readable message providing more details about the error.

]

policyViolations PolicyViolationDTO[]

A list of policy violations that caused the error.

Array [

displayName string

The display name of the policy element that was violated.

configString string

The configuration string of the policy element that was violated.

suppliedValue string

The value that was supplied and caused the policy violation.

limitValue int32

The limit value defined in the policy element that was violated.

actualValue string

The actual value that caused the policy violation.

]

policyViolation PolicyElementViolation

cause object

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

message string

localizedMessage string

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

element PolicyElement

displayName string

messageTag string

infoTag string

limitValue int32

configString string

suppliedValue string

actualvalue string

description string

message string

suppressed object[]

Array [

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

message string

localizedMessage string

]

localizedMessage string

{
  "errors": [
    {
      "code": "errors.fatalError",
      "message": "The user with the given external ID was not found."
    }
  ],
  "policyViolations": [
    {
      "displayName": "string",
      "configString": "string",
      "suppliedValue": "4",
      "limitValue": 3,
      "actualValue": "5"
    }
  ],
  "policyViolation": {
    "cause": {
      "stackTrace": [
        {
          "classLoaderName": "string",
          "moduleName": "string",
          "moduleVersion": "string",
          "methodName": "string",
          "fileName": "string",
          "lineNumber": 0,
          "className": "string",
          "nativeMethod": true
        }
      ],
      "message": "string",
      "localizedMessage": "string"
    },
    "stackTrace": [
      {
        "classLoaderName": "string",
        "moduleName": "string",
        "moduleVersion": "string",
        "methodName": "string",
        "fileName": "string",
        "lineNumber": 0,
        "className": "string",
        "nativeMethod": true
      }
    ],
    "element": {
      "displayName": "string",
      "messageTag": "string",
      "infoTag": "string",
      "limitValue": 0,
      "configString": "string"
    },
    "suppliedValue": "string",
    "actualvalue": "string",
    "description": "string",
    "message": "string",
    "suppressed": [
      {
        "stackTrace": [
          {
            "classLoaderName": "string",
            "moduleName": "string",
            "moduleVersion": "string",
            "methodName": "string",
            "fileName": "string",
            "lineNumber": 0,
            "className": "string",
            "nativeMethod": true
          }
        ],
        "message": "string",
        "localizedMessage": "string"
      }
    ],
    "localizedMessage": "string"
  }
}

{
  "errors": [
    {
      "code": "errors.optimisticLockingFailure",
      "message": "Row was already updated or deleted by another transaction"
    }
  ]
}

Invalid request parameters

application/json

Schema
Example (from schema)
Invalid credential state
Policy configuration not found
Policy configuration type mismatch
Default policy configuration does not exist
Invalid signer certificate

Schema

errors ErrorMessageDTO[]

A list of error messages describing the error(s) that occurred.

Array [

identifier object

The identifier of the entity related to the error, only used in certain error cases for BULK actions.

oneOf

CredentialExtIdIdentifierDTO
FidoUafIdentifier

clientExtId string

The external identifier of the client.

userExtId string

The external identifier of the user.

credentialExtId string

The external identifier of the credential.

code string

The error code identifying the type of error.

message string

A human-readable message providing more details about the error.

]

policyViolations PolicyViolationDTO[]

A list of policy violations that caused the error.

Array [

displayName string

The display name of the policy element that was violated.

configString string

The configuration string of the policy element that was violated.

suppliedValue string

The value that was supplied and caused the policy violation.

limitValue int32

The limit value defined in the policy element that was violated.

actualValue string

The actual value that caused the policy violation.

]

policyViolation PolicyElementViolation

cause object

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

message string

localizedMessage string

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

element PolicyElement

displayName string

messageTag string

infoTag string

limitValue int32

configString string

suppliedValue string

actualvalue string

description string

message string

suppressed object[]

Array [

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

message string

localizedMessage string

]

localizedMessage string

{
  "errors": [
    {
      "code": "errors.fatalError",
      "message": "The user with the given external ID was not found."
    }
  ],
  "policyViolations": [
    {
      "displayName": "string",
      "configString": "string",
      "suppliedValue": "4",
      "limitValue": 3,
      "actualValue": "5"
    }
  ],
  "policyViolation": {
    "cause": {
      "stackTrace": [
        {
          "classLoaderName": "string",
          "moduleName": "string",
          "moduleVersion": "string",
          "methodName": "string",
          "fileName": "string",
          "lineNumber": 0,
          "className": "string",
          "nativeMethod": true
        }
      ],
      "message": "string",
      "localizedMessage": "string"
    },
    "stackTrace": [
      {
        "classLoaderName": "string",
        "moduleName": "string",
        "moduleVersion": "string",
        "methodName": "string",
        "fileName": "string",
        "lineNumber": 0,
        "className": "string",
        "nativeMethod": true
      }
    ],
    "element": {
      "displayName": "string",
      "messageTag": "string",
      "infoTag": "string",
      "limitValue": 0,
      "configString": "string"
    },
    "suppliedValue": "string",
    "actualvalue": "string",
    "description": "string",
    "message": "string",
    "suppressed": [
      {
        "stackTrace": [
          {
            "classLoaderName": "string",
            "moduleName": "string",
            "moduleVersion": "string",
            "methodName": "string",
            "fileName": "string",
            "lineNumber": 0,
            "className": "string",
            "nativeMethod": true
          }
        ],
        "message": "string",
        "localizedMessage": "string"
      }
    ],
    "localizedMessage": "string"
  }
}

{
  "errors": [
    {
      "code": "errors.invalidParameter",
      "message": "Invalid CredentialState name 'invalid_state'"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.invalidParameter",
      "message": "PolicyConfiguration doesn't exist with extId 'policy-123'"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.invalidParameter",
      "message": "Policy Configuration policy-123 is not of type GenericCredentialPolicy"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.invalidParameter",
      "message": "Default Policy Configuration does not exist for type GenericCredentialPolicy!"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.invalidParameter",
      "message": "java.security.cert.CertificateException: Could not parse certificate: java.io.IOException: Incomplete BER/DER data"
    }
  ]
}

Update a mobile signature

/nevisidm/api/core/v1/:clientExtId/users/:userExtId/mobile-signature

Request​

Path Parameters

Body

Responses​

Request

Responses