Skip to main content
Version: 8.2505.x.x RR

credentialDetailLevel

If credentialDetailLevel is set, the response can contain the following information:

  • EXCLUDE: No credential information is returned.
  • LOW:
    • userExtId
    • state
    • type
    • extId
  • MEDIUM: All elements from the LOW detail level plus:
    • lastLogin
    • lastLoginFailure
    • lastChange
    • validFrom
    • validTo
    • failureCount
    • successCount
    • resetCount
    • value
    • context
    • policyName
    • policyExtId
    • stateChangeReasonCd
    • stateChangeDetail
    • name
    • autoTransitionState
    • autoTransitionDate
    • certificate (if certificateDetailLevel is not set to EXCLUDE)
      • credentialExtId
      • state
      • subjectDn
      • (userExtId
      • shaFingerprint
      • certificate
      • serial
      • issuerDn
      • subjectKeyIdentifier) if certificateDetailLevel is set at least to MEDIUM
      • (ctlCreUid
      • ctlCreDat
      • ctlModUid
      • ctlModDat
      • ctlTcn) if certificateDetailLevel is set to HIGH
    • mobileSignature (if mobileSignatureDetailLevel is not set to EXCLUDE)
      • userExtId
      • credentialExtId
      • state
      • (identificator
      • msspIdentifier
      • msisdn
      • signerCert) if mobileSignatureDetailLevel is set at least to MEDIUM
      • (ctlCreUid
      • ctlCreDat
      • ctlModUid
      • ctlModDat
      • ctlTcn) if mobileSignatureDetailLevel is set to HIGH
    • samlFederation (if samlFederationDetailLevel is not set to EXCLUDE)
      • userExtId
      • credentialExtId
      • state
      • (subjectNameId
      • subjectNameIdFormat
      • issuerNameId
      • issuerNameIdFormat) if samlFederationDetailLevel is set at least to MEDIUM
      • (ctlCreUid
      • ctlCreDat
      • ctlModUid
      • ctlModDat
      • ctlTcn) if samlFederationDetailLevel is set to HIGH
    • securityQuestion (if securityQuestionsDetailLevel is not set to EXCLUDE)
      • userExtId
      • credentialExtId
      • state
      • answers
        • (ctlCreUid
        • ctlCreDat
        • ctlModUid
        • ctlModDat
        • ctlTcn) if securityQuestionsDetailLevel is set to HIGH
        • question
          • extId
          • (description
          • state
          • displayName
            • entries
              • lang
              • value
          • content
            • entries
              • lang
              • value) if securityQuestionsDetailLevel is set at least to MEDIUM
        • answer
        • (revealCount
        • failureCount
        • successCount) if securityQuestionsDetailLevel is set at least to MEDIUM
      • (ctlCreUid
      • ctlCreDat
      • ctlModUid
      • ctlModDat
      • ctlTcn) if securityQuestionsDetailLevel is set to HIGH
    • fidoUaf
      • aaid
      • keyId
      • signCounter
      • authenticatorVersion
      • deviceId
      • appId
      • publicKeyAlgorithm
    • oath
      • type
      • algorithm
      • digits
      • period
    • properties (if propertyDetailLevel is not set to EXCLUDE)
      • name
      • value
  • HIGH: All elements from the MEDIUM detail level plus:
    • ctlCreUid
    • ctlCreDat
    • ctlModUid
    • ctlModDat
    • ctlTcn

The following detail levels can be useful in combination with credentialDetailLevel:

  • propertyDetailLevel
  • certificateDetailLevel
  • mobileSignatureDetailLevel
  • samlFederationDetailLevel
  • securityQuestionsDetailLevel
  • defaultDetailLevel

Example of a request and response with credentialDetailLevel and securityQuestionsDetailLevel set to MEDIUM:

Request:

<v1:queryCredentials>
  <query>
    <clientName>Default</clientName>
    <detailLevels>
      <credentialDetailLevel>MEDIUM</credentialDetailLevel>
      <securityQuestionsDetailLevel>MEDIUM</securityQuestionsDetailLevel>
    </detailLevels>
    <credential>
      <type>SECURITY_QUESTIONS</type>
      <userExtId>99990200</userExtId>
    </credential>
  </query>
</v1:queryCredentials>

Response:

<ns2:queryCredentialsResponse
        xmlns:ns2="http://adnovum.ch/nevisidm/ws/services/v1">
  <return>
    <userExtId>99990200</userExtId>
    <state>ACTIVE</state>
    <type>SECURITY_QUESTIONS</type>
    <lastChange>2024-05-17T13:24:28.000+02:00</lastChange>
    <validFrom>2024-05-16T13:24:28.000+02:00</validFrom>
    <validTo>2024-05-18T13:24:28.000+02:00</validTo>
    <failureCount>0</failureCount>
    <successCount>0</successCount>
    <resetCount>0</resetCount>
    <value>N/A</value>
    <extId>99991127</extId>
    <policyName>testSecurityQuestionsPolicy</policyName>
    <policyExtId>99990056</policyExtId>
    <name></name>
    <securityQuestion>
      <userExtId>99990200</userExtId>
      <credentialExtId>99991127</credentialExtId>
      <state>ACTIVE</state>
      <answers>
        <question>
          <extId>100</extId>
          <description>Sample question</description>
          <state>ACTIVE</state>
          <displayName>
            <entries>
              <lang>de</lang>
              <value>Wie lauteten der Name der Strasse, die Hausnummer, die Postleitzahl und die Ortschaft, in der Sie als Kind wohnten?</value>
            </entries>
            <entries>
              <lang>en</lang>
              <value>What was the street name, house number, postal code and city name where you lived in as a child?</value>
            </entries>
          </content>
        </question>
        <answer>*****</answer>
        <revealCount>0</revealCount>
        <failureCount>0</failureCount>
        <successCount>0</successCount>
      </answers>
    </securityQuestion>
  </return>
</ns2:queryCredentialsResponse>