Open and close the server
MFT FS server can be opened in four different ways by Open, OpenImmutable, OpenImmutableImpersonate or OpenWithTicket web service calls used by MFT FS SSO Ticket server or SSO-based applications.
Each call returns FTHSessionData data structure which contains Session ID and User ID of the user who logged in.
Data structures
FTHSessionData
User Session data
| Data Type | Field Name | Description |
|---|---|---|
| Guid | SessionID | ID of a new session that is created in response to the call. Should be supplied as parameter to all subsequent web service calls. |
| int | UserID | ID of MFT FS user account under which the connection is signed in. |
Methods
Open
Open call opens the server using username and password and creates a session for given ApplicationID.
The session is alive until the next sign-in is done using Open or OpenWithTicket for the same user and the same ApplicationID, then new session replaces the previous.
Different applications are allowed to sign in concurrently under the same user.
FTHSessionData
Open(string userName, string password, int applicationID, string clientVersion)
| Name | Description |
|---|---|
username | Username for sign-in |
password | Password for sign-in |
applicationID | ApplicationID parameter should be picked by client developers and communicated to MFT FS to be reserved for specific client. New ApplicationID value has to be added to the MFT FS Database table TBL_APPLICATION by MFT FS server administrator. ApplicationID >=1000, values below 1000 are reserved for applications developed by MFT FS. |
clientVersion | String that identifies connecting client software, will be recorded in Audit |
OpenWithTicket
Accepts the ticket that contains user identity encrypted by MFT FS library on the client side. Encrypting party and MFT FS server should use the same password since encryption is symmetrical.
For OpenWithTicket call to succeed, MFT FS SSO product should be deployed on a customer’s LAN and a user whose identity is contained in the ticket had to be previously created by MFT FS SSO Sync server.
MFT FS SSO sync server synchronizes the contents of specified user group in corporate Active Directory with the user list in MFT FS server.
FTHSessionData
OpenWithTicket(string ticket, int applicationID)
| Parameter Name | Description |
|---|---|
ticket | String with the user identity encrypted by MFT FS libraries in SSO or other products. Encrypting party and MFT FS server should use the same password for symmetric encryption/decryption. |
applicationID | ApplicationID parameter should be picked by client developers and communicated to MFT FS to be reserved for specific client. New ApplicationID value has to be added to the MFT FS Database table TBL_APPLICATION by MFT FS server administrator. ApplicationID >=1000, values below 1000 are reserved for applications developed by MFT FS. |
clientVersion | String that identifies connecting client software, will be recorded in Audit |
OpenWithTicketEx
Accepts the ticket that contains user identity encrypted by a library on the client side.
Encrypting party and MFT FS server should use the same AES 256 bit symmetric encryption and same password Ticket is used for validation of the decrypting password and expiration purpose only,
the username string in the ticket is ignored. User is identified by EmailAddress string and session is created under the user with this email address.
If a user with the EmailAddress does not exit, user is created with FirstName, LastName and EmailAddress.
Ticket contains the following fields in encrypted form:
Encrypted ticket will contain the following information in the encrypted form – example:
<token timestamp="mm/dd/yyyy hh:mm:ss">
<sitename>yoursite.thruinc.net</sitename>
<username> DomainName\UserName</username>
</token>
FTHSessionData
OpenWithTicketEx (string ticket, string EmailAddress, string FirstName, string LastName, int applicationID, string ClientVersion)
| Parameter Name | Description |
|---|---|
ticket | String with the user identity encrypted by MFT FS libraries in SSO or other products. Encrypting party and MFT FS server should use the same password for symmetric encryption/decryption. |
EmailAddress | Email address of the user account which will be used to login. If user with this email does not exist, new account will be created with this email address |
FirstName | First name of the connecting user. Will be used if new user is created |
LastName | Last name of connecting user. Will be used if new user is created |
applicationID | ApplicationID parameter is API key which is issued to client developers by MFT FS. New ApplicationID value should be added to MFT FS site database by MFT FS operations team. |
clientVersion | String that identifies connecting client software, will be recorded in Audit |
OpenImmutable
Similar to Open call but the new session created in immutable mode, it will not be deleted when the next call is made which opens the server under the same user and AplicationID. Used when session concurrency is required for one user account. Immutable sessions are cleaned automatically every 48 hours from the time they are created.
For SFTP and FTPS Application IDs the same immutable sessionID is returned which is already in use for given user. For other Application IDs multiple different immutable sessionIDs are crested on subsequent calls.
FTHSessionData
OpenImmutable(string userName, string password, int applicationID)
| Parameter Name | Description |
|---|---|
username | Username for sign-in |
password | Password for sign-in |
applicationID | ApplicationID parameter should be picked by client developers and communicated to MFT FS to be reserved for specific client. New ApplicationID value has to be added to the MFT FS Database table TBL_APPLICATION by MFT FS server administrator. ApplicationID >=1000, values below 1000 are reserved for applications developed by MFT FS. |
clientVersion | String that identifies connecting client software, will be recorded in Audit |
OpenImmutableImpersonate
Used when it is required to sign as a different user to perform and log the operation under the userID, which requires creation of a new user session token SessionID.
New session is created as immutable, session concurrency will be allowed.
Immutable sessions are cleaned automatically every 48 hours from the time they were created, or can be closed by explicit Close web service call.
FTHSessionData
OpenImmutableImpersonate(Guid serviceSessionId, int userID, int applicationID, string ipAddress)
| Parameter Name | Description |
|---|---|
serviceSessionId | Active session for a user who has privileges to impersonate to other session for sign-in. |
userID | ID of a user who will be impersonated by a service user |
applicationID | ApplicationID parameter should be picked by client developers and communicated to MFT FS to be reserved for specific client. New ApplicationID value has to be added to the MFT FS Database table TBL_APPLICATION by MFT FS server administrator. ApplicationID >=1000, values below 1000 are reserved for applications developed by MFT FS. |
ipAddress | String that identifies IP address of the client workstation or firewall of a user who will be impersonated by a service user. |
OpenImmutableUserString
Similar to Open call but the new session created in immutable mode, it will not be deleted when the next call is made which opens the server under the same user and ApplicationID. Used when session concurrency is required for one user account. Immutable sessions are cleaned automatically every 48 hours from the time they are created.
For SFTP and FTPS Application IDs the same immutable sessionID is returned which is already in use for given user. For other Application IDs multiple different immutable sessionIDs are crested on subsequent calls.
If userString argument is passed, the value is recorded in MFT FS Audit on each file upload, download file delete operation.
If userString argument is passed, the value is recorded in MFT FS Audit on each file upload, download file delete operation.
FTHSessionData
OpenImmutableUserString(Guid serviceSessionId, int userID, int applicationID, string ipAddress, string userString)
| Parameter Name | Description |
|---|---|
username | Username for sign-in |
password | Password for sign-in |
applicationID | ApplicationID parameter should be picked by client developers and communicated to MFT FS to be reserved for specific client. New ApplicationID value has to be added to the MFT FS Database table TBL_APPLICATION by MFT FS server administrator. ApplicationID >=1000, values below 1000 are reserved for applications developed by MFT FS. |
clientVersion | String that identifies connecting client software, will be recorded in Audit |
userString | String to pass information about external user. If supplied, the value is recorded in MFT FS Audit on each file upload, download file delete operation in external user field. Max length 255 characters. |
Close
Close web call deletes existing user session.
Void
Close(Guid sessionID)
| Parameter Name | Description |
|---|---|
sessionID | Active user session to be deleted |
