Actually, I managed to do basic tasks with powershell though New-WebServiceProxy. I can assign/unassign tokens to (Active Directory) users making some verifications like making sure nobody gets 2 tokens.
I would like now to permit one of my user to use a temporary Fixed Token code for let's say 2 weeks. I need to allow authentication with the token at any time and then disable online emergency tokencode.
First, I don't know the good workflow for this, I mean, do my code choose the code or will the response contain it ? Do I have to create an empty TokenEmergencyAccessDTO, fill it with parameters and then user the update command ? How does the GenerateEmergencyAccessCodeCommand command work ?
I can't find the procedural steps to permit my user to use an emergency token code though the API.
Since I already had a command server and a sessionid, I tried :
$query = New-Object rsaapi.GenerateEmergencyAccessCodeCommand
$query.tokenGuid = $token.id
I get the following error while I can't specify an identity source : com.rsa.command.exception.DataNotFoundException: IdentitySource-Lookup : IdentitySource Guid is not specified
I could not make it work
I could not make it work neither by passing a tokenEmergencyAccesDTO :
algorithm : 0
clearUnusedCodes : False
downloadNewEaTokenCode : False
eaExpiration : 30/09/2018 00:00:00
eaMode : 1
emergencyAccessTokenCodeAllowed : True
lostMode : 0
numUnusedCodes : 0
offlineAuthAllowed : False
serialNumber : 000505193721
temporaryFixedTokencode : 852963
tokenLost : False
tokenType : 0
validDownloadedData : False
validOfflineData : False
validOnlineData : False
Well any help in activating Emergency access code with API would be much appreciated !