Product Documentation

Retrieving Secondary Credentials - lookupRequest

Feb 06, 2011

Use this operation to retrieve details of a secondary credential.

Syntax

<lookupRequest xmlns:ctxs='http://citrix.com/Provision' 
requestID='optional-client-generated-ID'  
returnData='data' executionMode='synchronous'> 
   <ctxs:authentication-token>AuthToken</ctxs:authentication-token> 
   <psoID ID='credential-GUID'> 
      <containerID ID='userFQDN'/> 
   </psoID> 
 </lookupRequest>

Parameters

requestID (mandatory) This is the client-generated ID that associates the return values with this request.
returnData (mandatory)

data - details of a secondary credential

identifier - list of credentials for a user

name - not supported in Single Sign-on

everything - application definitions available to the specified user

executionMode (mandatory) Only the synchronous execution mode is supported. Any requests to use asynchronous execution results in unsupportedExecutionMode errors.
authentication-token (mandatory) The authentication-token element is mandatory, but is not used at this time.
psoID (mandatory) The psoID is a unique identifier for each end user; PSOID is the user's FQDN
containerID (mandatory) The containerID provides the FQDN of the user who owns the credential.

Syntax for Return Values - lookupResponse

<lookupResponse status='success' requestID='xsd:ID optional'> 
<pso> 
   <psoID ID='credential-GUID'> 
      <containerID ID='userFQDN'/> 
   </psoID> 
   <data> 
      <ctxs:credential xmlns:ctxs='http://citrix.com/Provision'  
      ctxs:status='queued'> 
         <ctxs:name>Credential-name</ctxs:name> 
         <ctxs:provision-description>Admin text</ctxs:provision-description> 
         <ctxs:description>Credential description</ctxs:description> 
         <ctxs:application> 
            <ctxs:id>app-GUID</ctxs:id> 
            <ctxs:name>Outlook</ctxs:name> 
            <ctxs:description>description from app-def</ctxs:description> 
            <ctxs:group password-sharing='true'>Domain</ctxs:group> 
            <ctxs:fields> 
               <ctxs:userID/> 
               <ctxs:password/> 
            </ctxs:fields> 
         </application> 
      </ctxs:credential> 
   </data> 
   </pso> 
 </lookupResponse>

Parameters for Return Values

status (mandatory) Possible values: Success, Failure, Pending
requestID (mandatory) This is the client-generated ID that associates these return values with the associated request.
psoID (mandatory) The psoID is a unique identifier for each end user; PSOID is the user's FQDN. According to Single Sign-on's SPML model, the data of the pso is a credential as described in ctxs:credential Element. This would be included if returnData attribute was set to data or everything. There is exactly one pso element for each secondary credential. The ID attribute of the psoID provides the credential's GUID.
containerID (mandatory) The containerID provides the FQDN of the user who owns the credential.
data (mandatory) Data is the description of the data that was looked up. This is the credential element and may include any child elements of the credential and application elements.
ctxs:credential (mandatory) The credential element is used to describe a single secondary credential. The name and description children of the credential element are optional. If not provided, the Single Sign-on Plug-in uses the name and description from the application definition. See ctxs:credential Element for more information.
ctxs:application (mandatory) The application element is used both to describe an application definition and to describe details of a credential. The application element must correspond to one previously obtained from a lookupApplicationRequest operation. There is exactly one application element for each application definition in the user's user configuration. See ctxs:credential Element for more information.