Version 8 by Bård Lind
on Aug 21, 2014 20:26.

compared with
Current by Thor Henning Hetland
on May 06, 2016 11:32.

Key
This line was removed.
This word was removed. This word was added.
This line was added.

Changes (20)

View Page History

*Security levels*
* 0. FB & cookie
* 0. 3rd party tokens (FB, NetIQ, OAUTH2), Pin-Login, Pin-signup and persistent cookie(s)
* 1. username & password
* 2. 2 factor auth
** (last seen)

*Main structure*
{code}
<application> <usertoken>
<onBehalfOfOrg>
<application>
<organizationName> (_On behalf of_ or _representing contract/agreement_)
<role>
<params>
key:value

{code}

h3. How to extract data from a UserToken?
We recommend using [XPath|http://www.w3schools.com/xpath/] to extract data from a UserToken. Some [UserToken XPATH Examples]
This ensures that existing applications will not be affected when content/structure needs to be changed when introducing new applications.

h3. ACS UserToken example

{code:language=html/xml}
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<usertoken xmlns:ns2="http://www.w3.org/1999/xhtml" id="a96a517f-cef3-4be7-92f5-f059b65e4071">
<uid></uid>
<timestamp></timestamp>
<email></email>
<personRef></personRef>
<lastSeen></lastSeen> <!-- Whydah 2.1 date and time of last registered user session -->
<application ID="2349785543">
<applicationName>Whydah.net</applicationName>
<organizationName>Kunde 3</organizationName>
<role name="styremedlem" value=""/>
<role name="president" value=""/>
<organizationName>Kunde 4</organizationName>
<role name="styremedlem" value=""/>
</application>
<application ID="appa">
<ns2:link type="application/xml" href="/" rel="self"/>
<hash type="MD5">8a37ef9624ed93db4873035b0de3d1ca</hash>
</usertoken>

{code}

*Note: As of Whydah 2.1, the returned UserToken is filtered through an applicationTokenID, and will thus only return the roles of the application it is sent to*

h3. UserToken example

{code}
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<usertoken xmlns:ns2="http://www.w3.org/1999/xhtml" id="a96a517f-cef3-4be7-92f5-f059b65e4071">
<uid></uid>
<timestamp></timestamp>
<ns2:link type="application/xml" href="/" rel="self"/>
<hash type="MD5">8a37ef9624ed93db4873035b0de3d1ca</hash>
</usertoken>
{code}