URL ticket
This table lists the policy parameters specific to URL tickets.
In addition to the policy parameters defined in this table, the policy parameter defined in All credential types is also valid for URL ticket credentials.
| Name | Data Type, Values | Default | Description |
|---|---|---|---|
| credentialLifetime | Data type: int (>0) | 5 days in milliseconds | Lifetime of a URL ticket in milliseconds. After the defined period of time, the user will no longer be able to use his URL ticket. |
| exposeLinkToCaller | Data type: boolean | false | If set to true, it returns the created link to the caller of the web service in the "newValue" attribute. |
| maxCredFailureCount | Data type: int (>0) or -1 | 3 | Maximum number of login failures before a generic credential is definitely locked. If set to "-1", the max. failure counter is disabled. |
| sendingMethod | Data Type: comma-separated list of enums Values: any subset of PDFstore, Print, Email, HTMLemail, PDFemail, SMS_SMTP, None | Defines a fallback list of different methods of how a credential should be communicated to the user (if the first method fails for some reason, the second is tried, and so on). Method "Email" will fail if the user has no e-mail address or the address is invalid. Method "SMS_SMTP" will fail if the user has no mobile number or the mobile number is invalid. All methods (except None) will fail if the corresponding template is missing or one or more of the mandatory placeholders are empty. If sendingMethod was not defined at all, nevisIDM takes the default value. The default value has no fallbacks. If "PDFstore" is configured, the following additional parameters can be defined:
SMS_SMTP.smtp.port: port of the SMTP server. SMS_SMTP.message.from (mandatory): Sender of the SMS message. It has to be a valid e-mail address. SMS_SMTP.message.to (mandatory): Receiver of the SMS message. It has to contain the "${phonenumber}" placeholder. For example: ${phonenumber}@sms.mycompany.ch.SMS_SMTP.message.subject (mandatory): Subject of the e-mail sent to the SMTP gateway.
| |
| templatePrecedence | Data type: int | null | The precedence number of the template we want to use during the communication with the user. If the parameter is not set, the default template will be used. If no template exists with the given precedence number, an error will occur. |
| tmpLockingDuration | Data type: long | 60000 | Duration of the temporary locking in milliseconds. Use a tmpLockingDuration of at least 30000 since the exact duration cannot be guaranteed below this value. |
| tmpLockingMode | Data type: String Values: strict, threshold | strict | strict: when the first temporary locking period is over, the user can try to log in only once before the next temporary locking period activates. threshold: the user can always try "tmpLockingThreshold" times to log in before the next temporary locking period activates. |
| tmpLockingThreshold | Data type: int | 2 | Number of login failures before a password is temporarily locked. |
| urlPrefix | Data type: String | none | The URL ticket is communicated to the credential's user as part of a personalized link. The URL prefix of this link can be set with this parameter. Example: If the urlPrefix is <http://www.mycompany.ch/nevisidm/resetPin?x>=, the personalized link will look like this:http://www.mycompany.ch/nevisidm/resetPin?x>=Npw6Cm78WupusGwelmLx0LeujLwWh1RfOmJIlSRo6P6h5maGfKlR5‑rK7i_nR7QqaLI8SgNyqmCKdmjnFylBA Within templates, the link is referenced by the variable _LINK_ ) |
| urlTicketCharacterSet | Data type: String | abcdefghijklmn opqrstuvwxyz ABCDEFGHIJKLMN OPQRSTUVWXYZ 0123456789 | The parameter urlTicketCharacterSet is deprecated. It is recommended using the fully generated URL based on the URL prefix instead (as set in the parameter urlPrefix). The characters used when generating the URL ticket using the SOAP API. |
| urlTicketLen | Data type: int (>-1) | 30 | Length of the generated URL ticket. It is communicated to the credential's user as part of a personalized link. |