25.2 Triggered script data format

The data passed to the script is in the form of a block of XML. You must create a script to capture this information that takes a single parameter named MyIdData of type System.Xml.XmlDocument.

The following nodes are available in the output:

• TriggerInformation/Workflow/OperationId

  Contains the ID of the workflow that is triggering the script. The IDs are:

  • Activate Card – 245
  • Assisted Activation – 5007
  • Batch Collect Card – 5003
  • Collect Card – 5002
  • Collect My Card – 216
  • Collect My Updates – 242
  • Erase Card – 296

• TriggerInformation/Workflow/State

  Contains the status of the workflow. Can be one of the following:

  • Success
  • Failure

• TriggerInformation/Workflow/IsWorkflowComplete

  Contains an indication of whether the workflow is complete. The Batch Collect Card workflow triggers the script after each card is collected, and again at the end of the workflow; all other workflows trigger the script only at the end of the workflow.

  Can be one of the following

  • True
  • False

• TriggerInformation/User/LogonName

  Contains the logon name of the user who is carrying out the workflow.

• TriggerInformation/Device/SerialNumber

  Contains the serial number of the credential that is being modified by the workflow.

• TriggerInformation/Device/DeviceTypeName

  Contains the type of the credential that is being modified by the workflow; for example, Oberthur ID-One PIV.

• TriggerInformation/Device/Certificates/Added

  Contains one or more Certificate/SerialNumber blocks that contain the serial number of any certificates that were added to the credential during the workflow.

• TriggerInformation/Device/Certificates/Removed

  Contains one or more Certificate/SerialNumber blocks that contain the serial number of any certificates that were removed from the credential during the workflow.

Note: The certificate information is available only if MyID performed the certificate actions during the workflow. For example, if you are using 2-step encoding, with a process of Collect Card > Batch Encode Card > Activate Card, the trigger information provided at the end of the Collect Card and Activate Card workflows does not contain certificate information; the certificate actions were carried out by the Batch Encode Card workflow, which does not support triggered scripts.

25.2.1 Example output

The following is an example of the XML output at the end of a workflow.

<TriggerInformation>
    <Workflow>
        <OperationId>216</OperationId>
        <State>Success</State>
        <IsWorkflowComplete>True</IsWorkflowComplete>
    </Workflow>
    <User>
        <LogonName>Alex Smith</LogonName>
    </User>
    <Device>
        <SerialNumber>OBERTHUR0123456789</SerialNumber>
        <DeviceTypeName>Oberthur ID-One PIV</DeviceTypeName>
        <Certificates>
            <Added>
                <Certificate>
                    <SerialNumber>ABC0123456789</SerialNumber>
                </Certificate>
            </Added>
            <Removed>
                <Certificate>
                    <SerialNumber>DEF0123456789</SerialNumber>
                </Certificate>
            </Removed>
        </Certificates>
    </Device>
</TriggerInformation>

25.2.2 Example script

The following PowerShell script reads the input XML and writes it to a file called Log.txt.

You can carry out further actions against the user certificate store with the information provided by these scripts; refer to Microsoft PowerShell documentation for the Certificate Provider feature.

param(
[xml]$MyIdData
)

$log = "OperationID: $($MyIdData.TriggerInformation.Workflow.OperationId)"
$log = $log + "`r`n" + "WorkflowState: $($MyIdData.TriggerInformation.Workflow.State)" 
$log = $log + "`r`n" + "IsWorkflowComplete: $($MyIdData.TriggerInformation.Workflow.IsWorkflowComplete)" 
$log = $log + "`r`n" + "LogonName: $($MyIdData.TriggerInformation.User.LogonName)" 
$log = $log + "`r`n" + "DeviceSerial: $($MyIdData.TriggerInformation.Device.SerialNumber)" 
$log = $log + "`r`n" + "DeviceTypeName: $($MyIdData.TriggerInformation.Device.DeviceTypeName)" 

foreach($serial in $MyIdData.TriggerInformation.Device.Certificates.Added.Certificate.SerialNumber)
{
    $log = $log + "`r`n" + "AddedCert: $serial"
}

foreach($serial in $MyIdData.TriggerInformation.Device.Certificates.Removed.Certificate.SerialNumber)
{
    $log = $log + "`r`n" + "RemovedCert: $serial"
}

Set-Content -Path .\Log.txt -Value $log