Skip to main content
Version: 2.82.x.x LTS

URL ticket

This table lists the policy parameters specific to URL tickets.

In addition to the policy parameters defined in this table, the policy parameter defined in All credential types is also valid for URL ticket credentials.

NameData Type, ValuesDefaultDescription
credentialLifetimeData type: int (>0)5 days in
milliseconds
Lifetime of a URL ticket in milliseconds. After the defined period of time, the user will no longer be able to use his URL ticket.
exposeLinkToCallerData type: booleanfalseIf set to true, it returns the created link to the caller of the web service in the "newValue" attribute.
maxCredFailureCountData type: int (>0) or -13Maximum number of login failures before a generic credential is definitely locked. If set to "-1", the max. failure counter is disabled.
sendingMethodData Type: comma-separated list of enums Values: any subset of PDFstore, Print, Email, HTMLemail, PDFemail, SMS_SMTP, NoneEmailDefines a fallback list of different methods of how a credential should be communicated to the user (if the first method fails for some reason, the second is tried, and so on).
Method "Email" will fail if the user has no e-mail address or the address is invalid. Method "SMS_SMTP" will fail if the user has no mobile number or the mobile number is invalid. All methods (except None) will fail if the corresponding template is missing or one or more of the mandatory placeholders are empty. If sendingMethod was not defined at all, nevisIDM takes the default value. The default value has no fallbacks.
If "PDFstore" is configured, the following additional parameters can be defined:
    PDFstore.destDir (optional): Defines the destination directory where the PDF is to be saved. If the parameter is not configured, the destination directory set in the configuration nevisidm-prod.properties will be used as fallback.
If "SMS_SMTP" is configured, the following additional parameters have to be defined:
    SMS_SMTP.smtp.host (mandatory): host name of the SMTP server. During the startup, the availability of the configured SMTP server is checked.
    SMS_SMTP.smtp.port: port of the SMTP server.
    SMS_SMTP.message.from (mandatory): Sender of the SMS message. It has to be a valid e-mail address.
    SMS_SMTP.message.to (mandatory): Receiver of the SMS message. It has to contain the "${phonenumber}" placeholder. For example: ${phonenumber}@sms.mycompany.ch.
    SMS_SMTP.message.subject (mandatory): Subject of the e-mail sent to the SMTP gateway.
The sending method "PDFemail" requires two templates: one e-mail and one OpenOffice template. If either of the templates is missing, the PDF sending will fail. The credential value will be propagated only to the PDF document. If "PDFemail" is configured, the following additional parameter can be defined:
    PDFemail.htmlEmail (optional, default: false): If the parameter is "true", an HTML e-mail will be sent. Otherwise, a plain text e-mail will be sent.
templatePrecedenceData type: intnullThe precedence number of the template we want to use during the communication with the user. If the parameter is not set, the default template will be used. If no template exists with the given precedence number, an error will occur.
tmpLockingDurationData type: long60000Duration of the temporary locking in milliseconds. Use a tmpLockingDuration of at least 30000 since the exact duration cannot be guaranteed below this value.
tmpLockingModeData type: String Values: strict, thresholdstrictstrict: when the first temporary locking period is over, the user can try to log in only once before the next temporary locking period activates.
threshold: the user can always try "tmpLockingThreshold" times to log in before the next temporary locking period activates.
tmpLockingThresholdData type: int2Number of login failures before a password is temporarily locked.
urlPrefixData type: StringnoneThe URL ticket is communicated to the credential's user as part of a personalized link. The URL prefix of this link can be set with this parameter.
Example: If the urlPrefix is <http://www.mycompany.ch/nevisidm/resetPin?x>=, the personalized link will look like this:http://www.mycompany.ch/nevisidm/resetPin?x>=Npw6Cm78WupusGwelmLx0LeujLwWh1RfOmJIlSRo6P6h5maGfKlR5‑rK7i_nR7QqaLI8SgNyqmCKdmjnFylBA Within templates, the link is referenced by the variable _LINK_ )
urlTicketCharacterSetData type: Stringabcdefghijklmn
opqrstuvwxyz
ABCDEFGHIJKLMN
OPQRSTUVWXYZ
0123456789
The parameter urlTicketCharacterSet is deprecated. It is recommended using the fully generated URL based on the URL prefix instead (as set in the parameter urlPrefix). The characters used when generating the URL ticket using the SOAP API.
urlTicketLenData type: int (>-1)30Length of the generated URL ticket. It is communicated to the credential's user as part of a personalized link.