27.1.1 Input for the web service

The body of this method is provided with a block of JSON in the following format:

{
  "serialNumber", "<serialNumber>",
  "deviceTypeName", "<deviceTypeName>",
  "userObjectID", "<userObjectID>",
  "credentialObjectID", "<credentialObjectID>"
}

where:

• serialNumber – the serial number of the card.

• deviceTypeName – the type of device; for example, Oberthur ID-One PIV.

• userObjectID – the ID of the cardholder. This corresponds to the ObjectID column in the UserAccounts table of the MyID database.

• credentialObjectID – the ID of the credential profile being used for the device. This corresponds to the ObjectID column in the CardProfiles table of the MyID database.

  Note: The MyID database stores object IDs without the enclosing braces {}.

For example:

{
  "serialNumber", "OBERTHUR4820502B200900025220",
  "deviceTypeName", "Oberthur ID-One PIV",
  "userObjectID", "{7E94C911-558A-4AD1-97B5-841876EA4F5A}",
  "credentialObjectID", "{5C94945D-FFA6-4B3E-B117-0436FD80BCEE}"
}

Your web service must use this information to determine whether the device is suitable.

27.1.2 Output from the web service

The checkCard method must return JSON in the following format:

{
  "suitable":true/false
  "error":"<error message>"
}

where:

• suitable – whether the device is suitable:

  • true – the device is suitable.

  • false – the device is not suitable.

• error – any additional details you want to provide to the operator.

For example:

{
  "suitable":false
  "error":"The card is not suitable for selection"
}

27.1.3 Web service authentication

You can use basic or anonymous authentication for the web service. If you use basic authentication, you must provide the username and password for the web service in the External Systems workflow; see section 27.2, Setting up an external system for card suitability.