1 <?xml version="1.0" encoding="UTF-8"?>
\r
3 <!-- ********************************************************************** -->
\r
4 <!-- Copyright (c) 2000-2012 BroadSoft, Inc. All rights reserved. -->
\r
5 <!-- ********************************************************************** -->
\r
6 <!-- O C I X M L S C H E M A : L O G I N P A R T -->
\r
8 <!-- This file defines the XML Schema for the BroadSoft Application Server -->
\r
9 <!-- Open Client Interface (OCI). -->
\r
10 <!-- ********************************************************************** -->
\r
12 <xs:schema xmlns:xs = "http://www.w3.org/2001/XMLSchema"
\r
15 attributeFormDefault = "qualified"
\r
16 elementFormDefault = "qualified">
\r
18 <xs:import namespace = "C"
\r
19 schemaLocation = "OCISchemaBASE.xsd"/>
\r
21 <xs:include schemaLocation="OCISchemaDataTypes.xsd"/>
\r
23 <!-- ********************************************************************************** -->
\r
24 <!-- L O G I N P A R T R E Q U E S T S A N D R E S P O N S E S -->
\r
25 <!-- ********************************************************************************** -->
\r
27 Requests and responses are listed here in alphabetical order.
\r
28 The non-primitive attributes inside the commands are defined in another
\r
29 section of the schema.
\r
31 Requests in this schema file:
\r
32 AuthenticationRequest
\r
33 AuthenticationVerifyRequest14sp8
\r
34 AvailabilityTestRequest
\r
35 DeviceManagementFileAuthLocationGetRequest21
\r
36 DeviceManagementPutFileRequest
\r
37 ExternalAuthenticationAuthorizeTokenRequest
\r
38 ExternalAuthenticationCreateLoginTokenRequest
\r
41 PasswordModifyRequest
\r
42 PrimaryInfoGetRequest
\r
43 PublicClusterGetFullyQualifiedDomainNameRequest
\r
44 TutorialFlagGetRequest
\r
45 TutorialFlagModifyRequest
\r
46 UserGetLoginInfoRequest
\r
47 UserSingleSignOnCreateDeviceTokenRequest
\r
48 VerifySessionIsValidRequest
\r
52 <xs:complexType name="AuthenticationRequest">
\r
55 AuthenticationRequest is 1st stage of the 2 stage OCI login process.
\r
59 <xs:extension base="core:OCIRequest">
\r
61 <xs:element name="userId" type="UserId"/>
\r
64 </xs:complexContent>
\r
67 <xs:complexType name="AuthenticationResponse">
\r
70 AuthenticationRequest/Response is 1st stage of the 2 stage OCI login process.
\r
74 <xs:extension base="core:OCIDataResponse">
\r
76 <xs:element name="userId" type="UserId"/>
\r
77 <xs:element name="nonce" type="xs:string"/>
\r
78 <xs:element name="passwordAlgorithm" type="DigitalSignatureAlgorithm"/>
\r
81 </xs:complexContent>
\r
84 <xs:complexType name="AuthenticationVerifyRequest14sp8">
\r
87 AuthenticationVerifyRequest14sp8 is used to authenticate a user either by userId/password, userId/sip username/sip password,
\r
88 dn/passcode or a token previously authorized with the ExternalAuthenticationAuthorizeTokenRequest.
\r
89 The phone number may be any DN associated with a user.
\r
90 The response is a AuthenticationVerifyResponse14sp8 or an ErrorResponse
\r
94 <xs:extension base="core:OCIRequest">
\r
97 <xs:element name="userId" type="UserId"/>
\r
98 <xs:element name="password" type="Password"/>
\r
101 <xs:element name="phoneNumber" type="DN"/>
\r
102 <xs:element name="passcode" type="Passcode"/>
\r
105 <xs:element name="loginToken" type="LoginToken"/>
\r
108 <xs:element name="sipAuthenticationUserName" type="SIPAuthenticationUserName"/>
\r
109 <xs:element name="sipAuthenticationPassword" type="SIPAuthenticationPassword"/>
\r
110 <xs:element name="userId" type="UserId"/>
\r
114 </xs:complexContent>
\r
117 <xs:complexType name="AuthenticationVerifyResponse14sp8">
\r
120 Response to AuthenticationVerifyRequest14sp8
\r
121 If a phoneNumber is returned, it will be the primay DN of the user
\r
122 </xs:documentation>
\r
124 <xs:complexContent>
\r
125 <xs:extension base="core:OCIDataResponse">
\r
127 <xs:element name="loginType" type="LoginType"/>
\r
128 <xs:element name="locale" type="OCILocale"/>
\r
129 <xs:element name="encoding" type="Encoding"/>
\r
130 <xs:element name="groupId" type="GroupId" minOccurs="0"/>
\r
131 <xs:element name="serviceProviderId" type="ServiceProviderId" minOccurs="0"/>
\r
132 <xs:element name="isEnterprise" type="xs:boolean"/>
\r
133 <xs:element name="passwordExpiresDays" type="xs:int" minOccurs="0"/>
\r
134 <xs:element name="lastName" type="LastName" minOccurs="0"/>
\r
135 <xs:element name="firstName" type="FirstName" minOccurs="0"/>
\r
136 <xs:element name="userId" type="UserId"/>
\r
137 <xs:element name="phoneNumber" type="DN" minOccurs="0"/>
\r
140 </xs:complexContent>
\r
143 <xs:complexType name="AvailabilityTestRequest">
\r
146 AvailabilityTestRequest is for high-availability support. Response is either SuccessResponse
\r
148 </xs:documentation>
\r
150 <xs:complexContent>
\r
151 <xs:extension base="core:OCIRequest">
\r
154 </xs:complexContent>
\r
157 <xs:complexType name="DeviceManagementFileAuthLocationGetRequest21">
\r
160 Get the address and credentials of the File Repository hosting the requested access device file.
\r
161 Also get the file name and path on the File Repository.
\r
162 The response is either DeviceManagementFileAuthLocationGetResponse21 or ErrorResponse.
\r
163 The following elements are only used in AS data mode and will fail in HSS data mode:
\r
165 </xs:documentation>
\r
167 <xs:complexContent>
\r
168 <xs:extension base="core:OCIRequest">
\r
170 <xs:element name="deviceAccessProtocol" type="DeviceAccessProtocol16"/>
\r
171 <xs:element name="deviceAccessMethod" type="FileRepositoryAccessType"/>
\r
172 <xs:element name="deviceAccessURI" type="DeviceManagementAccessURI"/>
\r
173 <xs:element name="accessDeviceUserName" type="UserId" minOccurs="0"/>
\r
174 <xs:element name="accessDeviceUserPassword" type="Password" minOccurs="0"/>
\r
175 <xs:element name="deviceToken" type="LoginToken" minOccurs="0"/>
\r
176 <xs:element name="signedPassword" type="SignedPassword" minOccurs="0"/>
\r
177 <xs:element name="macAddress" type="AccessDeviceMACAddress" minOccurs="0"/>
\r
178 <xs:element name="realmName" type="RealmName" minOccurs="0"/>
\r
179 <xs:element name="digestHa1Complement" type="DigestHa1Complement" minOccurs="0"/>
\r
180 <xs:element name="digestResponse" type="Md5Hash" minOccurs="0"/>
\r
183 </xs:complexContent>
\r
186 <xs:complexType name="DeviceManagementFileAuthLocationGetResponse21">
\r
189 This is a response to DeviceManagementFileAuthLocationGetRequest21.
\r
190 Return the address and credentials of the File Repository hosting the requested access device file.
\r
191 Also return the file name and path on the File Repository.
\r
192 Also returns the status of the file authentication.
\r
193 </xs:documentation>
\r
195 <xs:complexContent>
\r
196 <xs:extension base="core:OCIDataResponse">
\r
198 <xs:element name="status" type="DeviceManagementFileAuthenticationStatus" minOccurs="0"/>
\r
199 <xs:element name="fileRepositoryUserName" type="FileRepositoryUserName"/>
\r
200 <xs:element name="fileRepositoryPassword" type="FileRepositoryUserPassword"/>
\r
201 <xs:element name="netAddress" type="NetAddress"/>
\r
202 <xs:element name="remoteFileFormat" type="DeviceManagementFileFormat"/>
\r
203 <xs:element name="portNumber" type="Port" minOccurs="0"/>
\r
204 <xs:element name="rootDirectory" type="CPEFileDirectory" minOccurs="0"/>
\r
205 <xs:element name="cpeFileDirectory" type="CPEFileDirectory" minOccurs="0"/>
\r
206 <xs:element name="secure" type="xs:boolean" minOccurs="0"/>
\r
207 <xs:element name="macInNonRequestURI" type="xs:boolean" minOccurs="0"/>
\r
208 <xs:element name="macFormatInNonRequestURI" type="DeviceManagementAccessURI" minOccurs="0"/>
\r
209 <xs:element name="useHttpDigestAuthentication" type="xs:boolean" minOccurs="0"/>
\r
210 <xs:element name="macBasedFileAuthentication" type="xs:boolean" minOccurs="0"/>
\r
211 <xs:element name="userNamePasswordFileAuthentication" type="xs:boolean" minOccurs="0"/>
\r
212 <xs:element name="completionNotification" type="xs:boolean" minOccurs="0"/>
\r
213 <xs:element name="fileCategory" type="DeviceManagementFileCategory" minOccurs="0"/>
\r
214 <xs:element name="enableCaching" type="xs:boolean" minOccurs="0"/>
\r
215 <xs:element name="notifyFileUpload" type="xs:boolean" minOccurs="0"/>
\r
218 </xs:complexContent>
\r
221 <xs:complexType name="DeviceManagementPutFileRequest">
\r
224 Informs BroadWorks that a file was uploaded to the repository. The response is always a SuccessResponse.
\r
225 </xs:documentation>
\r
227 <xs:complexContent>
\r
228 <xs:extension base="core:OCIRequest">
\r
230 <xs:element name="deviceAccessURI" type="DeviceManagementAccessURI"/>
\r
231 <xs:element name="ipAddress" type="NetAddress"/>
\r
234 </xs:complexContent>
\r
237 <xs:complexType name="ExternalAuthenticationAuthorizeTokenRequest">
\r
240 This command is part of the Portal API.
\r
241 Sent when a Web or CLI user logs in using external authentication.
\r
242 The password must be hashed. The password hashing algorithm is:
\r
243 1) The message digest of the user's plain password is calculated using the SHA algorithm.
\r
244 2) For every four bits in the 160-bit digest, starting from the first bit, it is
\r
245 converted into a character in ASCII Hex format (0 through 9, a through f).
\r
246 The result is a 40-character string, for example, f7a9e24777ec23212c54d7a350bc5bea5477fdbb.
\r
247 3) The above string then is used to populate the password field in the request.
\r
248 The response is either SuccessResponse or ErrorResponse.
\r
249 </xs:documentation>
\r
251 <xs:complexContent>
\r
252 <xs:extension base="core:OCIRequest">
\r
254 <xs:element name="userId" type="UserId"/>
\r
255 <xs:element name="password" type="Password" minOccurs="0"/>
\r
256 <xs:element name="loginToken" type="LoginToken"/>
\r
259 </xs:complexContent>
\r
262 <xs:complexType name="ExternalAuthenticationCreateLoginTokenRequest">
\r
265 <asDataModeSupported>true</asDataModeSupported>
\r
266 <hssDataModeSupported>false</hssDataModeSupported>
\r
269 This command allows a BroadWorks or Third-Party Client Application to
\r
270 create a Single Sign-On token for a user.
\r
271 The response is either ExternalAuthenticationCreateLoginTokenResponse
\r
273 </xs:documentation>
\r
275 <xs:complexContent>
\r
276 <xs:extension base="core:OCIRequest">
\r
278 <xs:element name="userId" type="UserId"/>
\r
281 </xs:complexContent>
\r
284 <xs:complexType name="ExternalAuthenticationCreateLoginTokenResponse">
\r
287 <asDataModeSupported>true</asDataModeSupported>
\r
288 <hssDataModeSupported>false</hssDataModeSupported>
\r
291 Response to ExternalAuthenticationCreateLoginTokenRequest.
\r
292 </xs:documentation>
\r
294 <xs:complexContent>
\r
295 <xs:extension base="core:OCIDataResponse">
\r
297 <xs:element name="loginToken" type="LoginToken"/>
\r
300 </xs:complexContent>
\r
303 <xs:complexType name="LoginRequest14sp4">
\r
306 LoginRequest14sp4 is 2nd stage of the 2 stage OCI login process.
\r
307 The signedPassword is not required for external authentication login from a trusted host (ACL).
\r
308 </xs:documentation>
\r
310 <xs:complexContent>
\r
311 <xs:extension base="core:OCIRequest">
\r
313 <xs:element name="userId" type="UserId"/>
\r
314 <xs:element name="signedPassword" type="SignedPassword" minOccurs="0"/>
\r
315 <xs:element name="plainTextPassword" type="Password" minOccurs="0"/>
\r
318 </xs:complexContent>
\r
321 <xs:complexType name="LoginResponse14sp4">
\r
324 LoginRequest14sp4/Response14sp4 is 2nd stage of the 2 stage OCI login process.
\r
325 </xs:documentation>
\r
327 <xs:complexContent>
\r
328 <xs:extension base="core:OCIDataResponse">
\r
330 <xs:element name="loginType" type="LoginType"/>
\r
331 <xs:element name="locale" type="OCILocale"/>
\r
332 <xs:element name="encoding" type="Encoding"/>
\r
333 <xs:element name="groupId" type="GroupId" minOccurs="0"/>
\r
334 <xs:element name="serviceProviderId" type="ServiceProviderId" minOccurs="0"/>
\r
335 <xs:element name="isEnterprise" type="xs:boolean"/>
\r
336 <xs:element name="passwordExpiresDays" type="xs:int" minOccurs="0"/>
\r
337 <xs:element name="userDomain" type="NetAddress"/>
\r
340 </xs:complexContent>
\r
343 <xs:complexType name="LogoutRequest">
\r
346 LogoutRequest is sent when an OCI user logs out or when connection is lost.
\r
347 This command can be sent either to the server, or to the client from OCS.
\r
348 Response is either SuccessResponse or ErrorResponse.
\r
349 </xs:documentation>
\r
351 <xs:complexContent>
\r
352 <xs:extension base="core:OCIRequest">
\r
354 <xs:element name="userId" type="UserId"/>
\r
355 <xs:element name="reason" type="LogoutRequestReason" minOccurs="0"/>
\r
358 </xs:complexContent>
\r
361 <xs:complexType name="PasswordModifyRequest">
\r
364 Modify the password for a user/administrator.
\r
365 When oldPassword is specified, password rule applies. If oldPassword in not specified,
\r
366 any password rule related to old password does not apply.
\r
367 The response is either a SuccessResponse or an ErrorResponse.
\r
368 </xs:documentation>
\r
370 <xs:complexContent>
\r
371 <xs:extension base="core:OCIRequest">
\r
373 <xs:element name="userId" type="UserId"/>
\r
374 <xs:element name="oldPassword" type="Password" minOccurs="0"/>
\r
375 <xs:element name="newPassword" type="Password"/>
\r
378 </xs:complexContent>
\r
381 <xs:complexType name="PrimaryInfoGetRequest">
\r
384 Requests information about the primary server for high-availability support.
\r
385 </xs:documentation>
\r
387 <xs:complexContent>
\r
388 <xs:extension base="core:OCIRequest">
\r
390 <xs:element name="isPrivate" type="xs:boolean">
\r
393 Dual homed side is private?
\r
394 </xs:documentation>
\r
397 <xs:element name="isAddressInfoRequested" type="xs:boolean">
\r
400 For optimization, we only get the hostname and addresses for primary if
\r
401 they are explicitly requested or if the current server is not the primary.
\r
402 So you might get back the list of server addresses even if you did not
\r
403 ask for the list if the request is not serviced by the primary server.
\r
404 </xs:documentation>
\r
409 </xs:complexContent>
\r
412 <xs:complexType name="PrimaryInfoGetResponse">
\r
415 Information about the primary server in the high-availablity cluster.
\r
416 For optimization, we only get the hostname and addresses for primary if they are
\r
417 explicitly requested or if the current server is not the primary.
\r
418 </xs:documentation>
\r
420 <xs:complexContent>
\r
421 <xs:extension base="core:OCIDataResponse">
\r
423 <xs:element name="isPrimary" type="xs:boolean">
\r
425 <xs:documentation>Is the server that processed this request the primary in the cluster?</xs:documentation>
\r
428 <xs:element name="hostnameForPrimary" type="NetAddress" minOccurs="0">
\r
430 <xs:documentation>Primary server's hostname.</xs:documentation>
\r
433 <xs:element name="addressForPrimary" type="NetAddress" minOccurs="0" maxOccurs="unbounded">
\r
435 <xs:documentation>List of addresses for primary server in cluster.</xs:documentation>
\r
438 <xs:element name="privateAddressForPrimary" type="NetAddress" minOccurs="0" maxOccurs="unbounded">
\r
440 <xs:documentation>List of private addresses for primary server in cluster.</xs:documentation>
\r
445 </xs:complexContent>
\r
448 <xs:complexType name="PublicClusterGetFullyQualifiedDomainNameRequest">
\r
451 Get the public cluster fully qualified domain name (FQDN).
\r
452 The response is either a PublicClusterGetFullyQualifiedDomainNameResponse
\r
453 or an ErrorResponse.
\r
454 </xs:documentation>
\r
456 <xs:complexContent>
\r
457 <xs:extension base="core:OCIRequest">
\r
460 </xs:complexContent>
\r
463 <xs:complexType name="PublicClusterGetFullyQualifiedDomainNameResponse">
\r
466 Response to PublicClusterGetFullyQualifiedDomainNameRequest.
\r
467 </xs:documentation>
\r
469 <xs:complexContent>
\r
470 <xs:extension base="core:OCIDataResponse">
\r
472 <xs:element name="publicClusterFQDN" type="DomainName" minOccurs="0"/>
\r
475 </xs:complexContent>
\r
478 <xs:complexType name="TutorialFlagGetRequest">
\r
481 Get the tutorial flag setting for a user or admin.
\r
482 The response is either a TutorialFlagGetResponse or an ErrorResponse.
\r
483 </xs:documentation>
\r
485 <xs:complexContent>
\r
486 <xs:extension base="core:OCIRequest">
\r
488 <xs:element name="userId" type="UserId"/>
\r
491 </xs:complexContent>
\r
494 <xs:complexType name="TutorialFlagGetResponse">
\r
497 Response to the TutorialFlagGetRequest.
\r
498 </xs:documentation>
\r
500 <xs:complexContent>
\r
501 <xs:extension base="core:OCIDataResponse">
\r
503 <xs:element name="enableTutorial" type="xs:boolean"/>
\r
506 </xs:complexContent>
\r
509 <xs:complexType name="TutorialFlagModifyRequest">
\r
512 Modify the tutorial flag setting for a user or admin.
\r
513 The response is either a SuccessResponse or an ErrorResponse.
\r
514 </xs:documentation>
\r
516 <xs:complexContent>
\r
517 <xs:extension base="core:OCIRequest">
\r
519 <xs:element name="userId" type="UserId"/>
\r
520 <xs:element name="enableTutorial" type="xs:boolean" minOccurs="0"/>
\r
523 </xs:complexContent>
\r
526 <xs:complexType name="UserGetLoginInfoRequest">
\r
529 UserGetLoginInfoRequest is used to access login information for a user
\r
530 either by a userId or dn. The phone number may be any
\r
531 DN associated with a user.
\r
532 The response is a UserGetLoginInfoResponse or an ErrorResponse
\r
533 </xs:documentation>
\r
535 <xs:complexContent>
\r
536 <xs:extension base="core:OCIRequest">
\r
539 <xs:element name="userId" type="UserId"/>
\r
540 <xs:element name="phoneNumber" type="DN"/>
\r
544 </xs:complexContent>
\r
547 <xs:complexType name="UserGetLoginInfoResponse">
\r
550 Response to UserGetLoginInfoRequest
\r
551 If a phoneNumber is returned, it will be the primay DN of the user
\r
552 </xs:documentation>
\r
554 <xs:complexContent>
\r
555 <xs:extension base="core:OCIDataResponse">
\r
557 <xs:element name="loginType" type="LoginType"/>
\r
558 <xs:element name="locale" type="OCILocale"/>
\r
559 <xs:element name="encoding" type="Encoding"/>
\r
560 <xs:element name="groupId" type="GroupId" minOccurs="0"/>
\r
561 <xs:element name="serviceProviderId" type="ServiceProviderId" minOccurs="0"/>
\r
562 <xs:element name="isEnterprise" type="xs:boolean"/>
\r
563 <xs:element name="passwordExpiresDays" type="xs:int" minOccurs="0"/>
\r
564 <xs:element name="lastName" type="LastName" minOccurs="0"/>
\r
565 <xs:element name="firstName" type="FirstName" minOccurs="0"/>
\r
566 <xs:element name="userId" type="UserId"/>
\r
567 <xs:element name="phoneNumber" type="DN" minOccurs="0"/>
\r
570 </xs:complexContent>
\r
573 <xs:complexType name="UserSingleSignOnCreateDeviceTokenRequest">
\r
576 <asDataModeSupported>true</asDataModeSupported>
\r
577 <hssDataModeSupported>false</hssDataModeSupported>
\r
580 This command allows a BroadWorks or Third-Party Client Application to
\r
581 create a Single Sign-On token for a device of a user.
\r
582 The token is created only if:
\r
583 1. the specified user is the owner of a lineport on the specified device
\r
584 (including a trunk user on a trunk device).
\r
585 2. and, the specified device is not in locked state.
\r
586 3. and, the device type of the device does support Device Management.
\r
587 The response is either UserSingleSignOnCreateDeviceTokenResponse
\r
589 </xs:documentation>
\r
591 <xs:complexContent>
\r
592 <xs:extension base="core:OCIRequest">
\r
594 <xs:element name="userId" type="UserId"/>
\r
595 <xs:element name="deviceLevel" type="AccessDeviceLevel"/>
\r
596 <xs:element name="deviceName" type="AccessDeviceName"/>
\r
599 </xs:complexContent>
\r
602 <xs:complexType name="UserSingleSignOnCreateDeviceTokenResponse">
\r
605 <asDataModeSupported>true</asDataModeSupported>
\r
606 <hssDataModeSupported>false</hssDataModeSupported>
\r
609 Response to UserSingleSignOnCreateDeviceTokenRequest.
\r
610 </xs:documentation>
\r
612 <xs:complexContent>
\r
613 <xs:extension base="core:OCIDataResponse">
\r
615 <xs:element name="deviceToken" type="LoginToken"/>
\r
618 </xs:complexContent>
\r
621 <xs:complexType name="VerifySessionIsValidRequest">
\r
624 Query the provisioning server to verify the session is authorized. Most
\r
625 applications should not need this command, because the provisioning server
\r
626 verifies the session is authorized for all commands.
\r
627 The response is either a SuccessResponse or an ErrorResponse.
\r
628 </xs:documentation>
\r
630 <xs:complexContent>
\r
631 <xs:extension base="core:OCIRequest">
\r
634 </xs:complexContent>
\r
637 <xs:simpleType name="LogoutRequestReason">
\r
640 Logout request reason.
\r
641 </xs:documentation>
\r
643 <xs:restriction base="xs:token">
\r
644 <xs:enumeration value="Client Logout"/>
\r
645 <xs:enumeration value="Server Connection Failure"/>
\r
646 <xs:enumeration value="Open Client Server Forced Logout"/>
\r
650 <xs:simpleType name="DeviceManagementFileAuthenticationStatus">
\r
653 The status of a Device Management File Authentication.
\r
654 The possible values are:
\r
655 "Challenge" : authentication is required.
\r
656 "Need Digest Authntication" : client needs to use digest authentication.
\r
657 "Need User Password Authntication" : client needs to use user/pass authentication.
\r
658 </xs:documentation>
\r
660 <xs:restriction base="xs:token">
\r
661 <xs:enumeration value="Challenge"/>
\r
662 <xs:enumeration value="Need Digest Authentication"/>
\r
663 <xs:enumeration value="Need User Password Authentication"/>
\r