credentialDetailLevel
If credentialDetailLevel
is set, the response can contain the following information:
EXCLUDE
: No credential information is returned.
LOW
:userExtId
state
type
extId
MEDIUM
:userExtId
state
type
lastLogin
lastLoginFailure
lastChange
validFrom
validTo
failureCount
successCount
resetCount
value
context
extId
policyName
policyExtId
stateChangeReasonCd
stateChangeDetail
name
autoTransitionState
autoTransitionDate
certificate
(ifcertificateDetailLevel
is not set toEXCLUDE
)credentialExtId
state
subjectDn
- (
userExtId
shaFingerprint
certificate
serial
issuerDn
subjectKeyIdentifier
) ifcertificateDetailLevel
is set at least toMEDIUM
- (
ctlCreUid
ctlCreDat
ctlModUid
ctlModDat
ctlTcn
) ifcertificateDetailLevel
is set toHIGH
mobileSignature
(ifmobileSignatureDetailLevel
is not set toEXCLUDE
)userExtId
credentialExtId
state
- (
identificator
msspIdentifier
msisdn
signerCert
) ifmobileSignatureDetailLevel
is set at least toMEDIUM
- (
ctlCreUid
ctlCreDat
ctlModUid
ctlModDat
ctlTcn
) ifmobileSignatureDetailLevel
is set toHIGH
samlFederation
(ifsamlFederationDetailLevel
is not set toEXCLUDE
)userExtId
credentialExtId
state
- (
subjectNameId
subjectNameIdFormat
issuerNameId
issuerNameIdFormat
) ifsamlFederationDetailLevel
is set at least toMEDIUM
- (
ctlCreUid
ctlCreDat
ctlModUid
ctlModDat
ctlTcn
) ifsamlFederationDetailLevel
is set toHIGH
securityQuestion
(ifsecurityQuestionsDetailLevel
is not set toEXCLUDE
)userExtId
credentialExtId
state
answers
- (
ctlCreUid
ctlCreDat
ctlModUid
ctlModDat
ctlTcn
) ifsecurityQuestionsDetailLevel
is set toHIGH
question
extId
- (
description
state
displayName
entries
lang
value
content
entries
lang
value
) ifsecurityQuestionsDetailLevel
is set at least toMEDIUM
answer
- (
revealCount
failureCount
successCount
) ifsecurityQuestionsDetailLevel
is set at least toMEDIUM
- (
- (
ctlCreUid
ctlCreDat
ctlModUid
ctlModDat
ctlTcn
) ifsecurityQuestionsDetailLevel
is set toHIGH
fidoUaf
aaid
keyId
signCounter
authenticatorVersion
deviceId
appId
publicKeyAlgorithm
oath
type
algorithm
digits
period
properties
(ifpropertyDetailLevel
is not set to EXCLUDE)name
value
HIGH
: All elements from theMEDIUM
detail level plus:ctlCreUid
ctlCreDat
ctlModUid
ctlModDat
ctlTcn
The following detail levels can be useful in combination with credentialDetailLevel
:
propertyDetailLevel
certificateDetailLevel
mobileSignatureDetailLevel
samlFederationDetailLevel
securityQuestionsDetailLevel
defaultDetailLevel
Example of a request and response with credentialDetailLevel
and securityQuestionsDetailLevel
set to MEDIUM
:
Request:
<v1:queryCredentials>
<query>
<clientName>Default</clientName>
<detailLevels>
<credentialDetailLevel>MEDIUM</credentialDetailLevel>
<securityQuestionsDetailLevel>MEDIUM</securityQuestionsDetailLevel>
</detailLevels>
<credential>
<type>SECURITY_QUESTIONS</type>
<userExtId>99990200</userExtId>
</credential>
</query>
</v1:queryCredentials>
Response:
<ns2:queryCredentialsResponse
xmlns:ns2="http://adnovum.ch/nevisidm/ws/services/v1">
<return>
<userExtId>99990200</userExtId>
<state>ACTIVE</state>
<type>SECURITY_QUESTIONS</type>
<lastChange>2024-05-17T13:24:28.000+02:00</lastChange>
<validFrom>2024-05-16T13:24:28.000+02:00</validFrom>
<validTo>2024-05-18T13:24:28.000+02:00</validTo>
<failureCount>0</failureCount>
<successCount>0</successCount>
<resetCount>0</resetCount>
<value>N/A</value>
<extId>99991127</extId>
<policyName>testSecurityQuestionsPolicy</policyName>
<policyExtId>99990056</policyExtId>
<name></name>
<securityQuestion>
<userExtId>99990200</userExtId>
<credentialExtId>99991127</credentialExtId>
<state>ACTIVE</state>
<answers>
<question>
<extId>100</extId>
<description>Sample question</description>
<state>ACTIVE</state>
<displayName>
<entries>
<lang>de</lang>
<value>Wie lauteten der Name der Strasse, die Hausnummer, die Postleitzahl und die Ortschaft, in der Sie als Kind wohnten?</value>
</entries>
<entries>
<lang>en</lang>
<value>What was the street name, house number, postal code and city name where you lived in as a child?</value>
</entries>
</content>
</question>
<answer>*****</answer>
<revealCount>0</revealCount>
<failureCount>0</failureCount>
<successCount>0</successCount>
</answers>
</securityQuestion>
</return>
</ns2:queryCredentialsResponse>