This procedure creates an IIW (Individual Information Worker) Tenant Organization and Admin user; as well as optionally generates a password and sends an email to a users alternate email address with the password. These actions are performed under the context of a privileged account created by Hosted Signup::Initialize.
This procedure is modeled very closely on Hosted Signup::BusinessSignup.
This procedure will be used by Web Portals that allow for anonymous or unauthenticated sign up, where a user that does not have any affiliation with a Service Provider or Reseller, browses.
Arguments | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Input Arguments
Output Arguments
|
Remarks |
Security
This action is performed as a single privileged user named SignupAdmin-##### (suffix is a randomly generated 5 digit number). This user is already created and configured as an executeAS credential during Hosted Signup::Initialize. The Hosted Signup namespace consists of two key procedures: a BusinessSignUp and this new procedure IIWSignup. This namespace is exposed through a Web Service that is configured to allow anonymous access. We also have guidance in our Docs that specifically direct a customer to lock down access to this Web Service to only the set of IP addresses associated with Front-End provisioning Servers. There is no explicit role checking in this procedure, as all actions are performed under the context of a privileged user. Customers are strongly encouraged to protect calls to this procedure using secured web services (locked down to only receive requests from a single source for example) as well as anti-scripting measures such as credit card validation implemented at the UI layer. SignupAdmin is an administrator at the Hosting OU level, not a full domain admin. As indicated above, this feature is in place to support the development of Web Portals that allow for anonymous or unauthenticated sign up. There is a great deal of responsibility placed on the developer of the Web Portal to further secure this sign up process beyond the suggestions presented above. |
Schema Definition |
Input
Output
|
Sample Code |
Example XML Request
Example XML Response
|
Applies To |
Hosted Signup
Namespace for:
|
See Also |
|