Mobile signature - policy parameters
This table lists the policy parameters specific to mobile signatures.
In addition to the policy parameters defined in this table, the policy parameter defined in the table in the chapter All credential types is also valid for mobile signature credentials.
Name | Data Type, Values | Default | Description |
---|---|---|---|
create.restrictedRoles | Data type: String | none | A list of roles that are allowed to create mobile signature credentials has the following form: list = 01 (rolelist); note that list can be empty rolelist = "[" roles "]" ; roles = 01 (role *("," role )); note that roles can be empty role is any role defined in nevisIDM. Additionally, role MUST NOT contain "[" or "]". The following semantics apply: Empty value ( "" ) or parameter not set: no restrictionsSet value: a user creating a mobile signature credential must have at least one role of the roles present in the provided list to successfully create a mobile signature credential. Setting an empty list ("[]") disallows all users to create mobile signature credentials. In particular, this is different from setting an empty value ("").Example: [nevisIdm.Root,nevisIdm.ClientRoot] |
credentialLifetime | Data type: int (>0) | 10 years in milliseconds | Lifetime of a mobile signature credential in milliseconds. After the defined period of time, the user will no longer be able to use his mobile signature credential. |
defaultMsspIdentifier | Data type: String | none | Default value for the "MSSP identifier" attribute. This value will be set in the credential at creation or modification time if and only if no MSSP identifier value is supplied. |
maxCredFailureCount | Data type: int (>0) or -1 | 3 | Maximum number of login failures before a mobile signature credential is definitely locked. If set to "-1", the max. failure counter is disabled. |
modify.restrictedRoles | Data type: String | none | A list of roles that are allowed to create mobile signature credentials has the following form: list = 01 (rolelist); note that list can be empty rolelist = "[" roles "]" ; roles = 01 (role *("," role )); note that roles can be empty role is any role defined in nevisIDM. Additionally, role MUST NOT contain "[" or "]". The following semantics apply: Empty value ( "" ) or parameter not set: no restrictionsSet value: a user creating a mobile signature credential must have at least one role of the roles present in the provided list to successfully create a mobile signature credential. Setting an empty list ("[]") disallows all users to create mobile signature credentials. In particular, this is different from setting an empty value ("").Example: [nevisIdm.Root,nevisIdm.ClientRoot] |
validation.msisdn.regex | Data type: String | none, i.e., no validation check performed | Regular expression for input validation of the MSISDN. Example: ^(+\|00)(\d ?(\d ?){0,14}\d{2} ?(\d ?){0,13}\d{3} ?(\d ?){0,13}\|\d{3} ?(\d?){0,12})$\|^0(\d ?)(0, 13) $ |