AnsweredAssumed Answered

How to activate an Online Emergency Token Code though API ?

Question asked by Thomas Ricou on Sep 28, 2018
Latest reply on Oct 2, 2018 by Ted Barbour

Hi,

Actually, I managed to do basic tasks with powershell though New-WebServiceProxy. I can assign/unassign tokens to (Active Directory) users making some verifications like making sure nobody gets 2 tokens.

I would like now to permit one of my user to use a temporary Fixed Token code for let's say 2 weeks. I need to allow authentication with the token at any time and then disable online emergency tokencode.

 

First, I don't know the good workflow for this, I mean, do my code choose the code or will the response contain it ? Do I have to create an empty TokenEmergencyAccessDTO, fill it with parameters and then user the update command ? How does the GenerateEmergencyAccessCodeCommand command work ?

I can't find the procedural steps to permit my user to use an emergency token code though the API.

 

Since I already had a command server and a sessionid, I tried :

1. GenerateEmergencyAccessCodeCommand 

$query = New-Object rsaapi.GenerateEmergencyAccessCodeCommand
$query.tokenGuid = $token.id

$CommandServer.executeCommand($loginCommand.sessionId, $query)

 

I get the following error while I can't specify an identity source : com.rsa.command.exception.DataNotFoundException: IdentitySource-Lookup : IdentitySource Guid is not specified

 

2. LookupTokenEmergencyAccessCommand

I could not make it work

 

3. UpdateTokenEmergencyAccessCommand

I could not make it work neither by passing a tokenEmergencyAccesDTO :

algorithm                       : 0
clearUnusedCodes                : False
downloadNewEaTokenCode          : False
eaExpiration                    : 30/09/2018 00:00:00
eaMode                          : 1
eacExpiresOn                    :
emergencyAccessTokenCode        :
emergencyAccessTokenCodeAllowed : True
id                              :
lastEaAuth                      :
lastTFTAuth                     :
lostMode                        : 0
numUnusedCodes                  : 0
offlineAuthAllowed              : False
oneTimeTokencodeSet             :
serialNumber                    : 000505193721
temporaryFixedTokencode         : 852963
tftExpiration                   :
tokenLost                       : False
tokenType                       : 0
validDownloadedData             : False
validOfflineData                : False
validOnlineData                 : False

 

 

Well any help in activating Emergency access code with API would be much appreciated !

Outcomes