10.7.2 Configuring the MyID Client WebSocket Service

You can configure the MyID Client WebSocket Service by editing the service's appsettings.json file. By default, this file is installed in the following location:

C:\Program Files (x86)\Intercede\MyIDClientWebSocketService

{
  "Logging":  {
    "EventLog":  {
      "LogLevel":  {
        "Default":  "None"
      }
    }
  },
  "Timeouts":  {
    "ClientConnectionTimeoutSeconds":  5,
    "ConfirmedSessionTimeoutSeconds":  5,
    "StaleClientTimeoutSeconds":  30,
    "UnconfirmedSessionTimeoutSeconds":  60
  },
  "WebSocket":  {
  "Port":  8081,
  "AccessControlAllowOrigin":  "https://myserver.example.com"
  }
}

10.7.2.1 Configuring logging

The Logging section controls whether the service produces log information. See the MyID Client WebSocket Service section in the Configuring Logging guide for details of setting up logging for the MyID Client WebSocket Service.

10.7.2.2 Setting timeouts

You can set the following timeouts in the Timeouts section:

• ClientConnectionTimeoutSeconds – Once an instance of the MyID Client Service has been matched to a session ID, this is the period that the MyID Client WebSocket Service will wait when attempting to connect to it.

  If you are receiving an UnresponsiveSessionClient error, increasing this value will increase the time the service will wait for the client to respond.

  The default is 5 seconds.

• ConfirmedSessionTimeoutSeconds – The maximum time the service will wait for a client to be associated with a session ID after having previously successfully communicated with it.

  If a client has been closed after the MyID Operator Client has used it, this is the maximum period of time it will have to wait before receiving an error from the service that will cause it to launch a new instance of the MyID Client Service.

  The default is 5 seconds.

• StaleClientTimeoutSeconds – At the interval defined by this configuration, the service will check for and remove any session ID registrations whose associated MyID Client Service instance is no longer running.

  The default is 30 seconds.

• UnconfirmedSessionTimeoutSeconds – The maximum time the service will wait for a client to be associated with a session ID that has never previously been communicated with.

  If a client is still starting up when a request is made, this is the maximum period of time a caller will have to wait before receiving an error from the service.

  You are recommended to increase this value to accommodate the time required if the MyID Client Service takes longer than 60 seconds to start in your environment.

  The default is 60 seconds.

10.7.2.3 Updating the port and server details

If you need to update the port number or the list of allowed servers, set the following options in the WebSocket section:

• Port – type the number of the port you want to use. By default, the MyID Operator Client and its web service use port 8081. If you use a different port, you must also configure the MyID Client Service and the MyID Operator Client website to use the same port; see the Changing the port section in the MyID Operator Client guide for details.

• AccessControlAllowOrigin – type one or more URLs that point to websites that are permitted to access the MyID Client Service. Use commas to separate the URLs.

  For example:

  https://myserver,https://myserver2

  Note: If you want to allow access to any websites, you can use a wildcard:

  *

10.7.3 Enabling or disabling the MyID Client WebSocket Service

Once you have installed and configured the MyID Client WebSocket Service, you must configure the MyID Client Service to use this service by editing the MyID Client Service configuration file.

1. Open the MyIDClientService.dll.config file in a text editor.

   This file is located in the MyID Client Service program folder. By default, this is:

   C:\Program Files (x86)\Intercede\MyIDClientService

2. Edit the following line in the appSettings section:

   <add key="UseGlobalService" value="true"/>

   Set the value to true to enable the use of the MyID Client WebSocket Service, and false to disable it.

   If this line does not exist in the configuration file, you can add it to the appSettings section.

   If you are using the MSIX version of the MyID Client Service installation program, you can use the MyID Client Service tab on the Client Configuration page of the MyID Client Configurator to set this option.

3. Save the configuration file.

4. Restart the MyID Client Service.

Note: If you disable the use of the MyID Client WebSocket Service, make sure you stop the MyID Client WebSocket Service before attempting to restart the MyID Client Service; the MyID Client WebSocket Service will retain control over the WebSocket port and the MyID Client Service will be unable to use it. If the MyID Client WebSocket Service is running, you may see an error similar to the following:

10000228 – Failed to bind to local web-socket port. Make sure another application is not running and consuming your port.

You are recommended to disable or uninstall the MyID Client WebSocket Service if you are not going to use it.

10.7.4 Connected devices and peripherals

MyID has been tested with connected smart cards and virtual smart cards with Microsoft Remote Desktop Services. Other peripherals, for example cameras, printers, scanners, fingerprint readers, and their associated software from the device vendors, will require special configuration in your environment, which is outside of the scope of MyID software. For example, issues may be seen establishing device connectivity to Windows, and virtualized environments are likely to introduce additional latency which will affect use.

For this reason, support for connected devices and peripherals with MyID in virtualized environments is limited; see section 5.3, Virtual environments and remote connections for further details.