Account Manager API | Administrative - SOAP

The Account Manager Service fully utilizes Alegeus Technologies’ user management system by requiring that all operations exposed through our services contain a valid session ID available only through logging into the system with a valid user ID and password. Any request made by a client is subject to the same authorization rules as our other applications. The administrator’s systems are responsible for maintaining session IDs and providing these IDs to the service when performing other operations (Note: that this is the same as a normal web application, where the user’s browser maintains this information automatically.) If the administrator uses the same user ID and password for all clients that access their systems, the administrator is responsible for managing the security of their data.

WealthCare Admin maintains a set of users and profiles that work together to provide authentication and authorization to operations and data. A user ID and password are preserved in order to provide authentication into the system. Profiles are used when determining authorization for users when performing different operations such as reads, additions, updates, and deletes. Through this custom user management system, Alegeus Technologies provides security for all operations exposed to the clients.

Service Web Methods

The following is a list of operations that are provided by the Account Manager Service.
  • CreateEmployeeUserAccount – creates a user account for a cardholder, which allows the cardholder to log into the system.
  • CreateEmployeeUserAccountNoCard – creates a user account for an employee, which allows the employee to log into the system.
  • ForgotPasswordReset – allows users that have forgotten their passwords to reset it by providing their account number, security word, and city of birth.
  • GetContactInfo – returns the user’s email and pager information.
  • GetCurrentSessions – returns a list of current session IDs for an administrator. Note that this operation can only be performed by an administrator.
  • Login – provides authentication to the system and returns the client’s current session ID which indicates that they were able to be successfully logged into the system.
  • Logout – ends the client’s current session. Note: Clients should always log out after finishing the needed operations.
  • UpdateContactInfo – allows the user to change their email and pager information.

Service Assumptions and Business Rules

The Account Manager Service makes the following assumptions and enforces the following business rules.
  • Clients shall conform to the WS-I specifications unless otherwise agreed upon by Alegeus Technologies and the administrator.
  • Clients shall format SOAP messages in a Document/Literal format over HTTPS.
  • Clients shall have already created a valid user ID and password.
  • Clients shall have a valid session ID after being authenticated by the system. The session ID needs to be passed in the proper manner as described in the Account Manager Service Guide.
  • If the administrator uses the same user ID and password for all of their clients, the administrator is responsible for managing the security of the data.
  • Clients should validate data before submitting a request to this Service. This facilitates better performance and accurate processing on both systems.
  • Clients shall not attempt to use this service for batch processing of large amounts of data. The service is designed for synchronous calls that send or retrieve small chunks of data. If batch processing is required, then the EDI process should be used.
  • If any method fails, the service returns a SOAP fault describing the problem.

ChangePassword

This method allows a user to change their password. It applies to the user who is currently logged onto the system.

History
The ChangePassword methods are listed below:

Request Message
  • ChangePasswordRequest
Response Message
  • ChangePasswordResponse

ChangePassword Request/Response Messages
The ChangePassword method requires the following request and response messages (input and output data). The table below includes the following request message:
  • ChangePasswordRequest
  • NewPasswordStringrequired
    The user’s password. Note this password is currently passed to the service not encrypted (although the request message as a whole is encrypted by way of the transport protocol (HTTPS).
    First Available Version:ChangePasswordRequest
    Max Length:16
  • UserIdString
    The user’s WCA system ID
    First Available Version:ChangePasswordRequest
    Max Length:12
  • PasswordString
    The user’s password. Note this password is currently passed to the service not encrypted (although the request message as a whole is encrypted by way of the transport protocol (HTTPS).
    First Available Version:ChangePasswordRequest
    Max Length:16

Response Message: Empty Message

Example of a ChangePassword SOAP request message

<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<MBISessionHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/">
<MBISessionID>rtftvs45uevkgr55sq2j40z1</MBISessionID>
</MBISessionHeader>
</soap:Header>
<soap:Body>
<ChangePassword xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/">
<changePasswordRequest>
<NewPassword>password1</NewPassword>
<UserId>xxxxx</UserId>
<Password>password8</Password>
</changePasswordRequest>
</ChangePassword>
</soap:Body>
</soap:Envelope>

Example of a ChangePassword SOAP response message

<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<MBIMessageIdHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/" />
</soap:Header>
<soap:Body>
<ChangePasswordResponse
               xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/">
<ChangePasswordResult />
</ChangePasswordResponse>
</soap:Body>
</soap:Envelope>

Example Client Code
The following is an example of the client code (using a .NET proxy class for the service).


AccountManagerServiceNameSpace.MBISessionHeader mbiSessionHeader;
AccountManagerServiceNameSpace.AccountManagerService proxy;
AccountManagerServiceNameSpace.ChangePasswordRequest request;
AccountManagerServiceNameSpace.ChangePasswordResponse response;
try
{
               // Create the session SOAP header in order to pass the Service
               // the client’s current session id.
               mbiSessionHeader = new AccountManagerServiceNameSpace.MBISessionHeader();
// Create proxy object for the Account manager service
proxy = new AccountManagerServiceNameSpace.AccountManagerService();
// Point the proxy to the correct service location
               proxy.Url = proxy.Url.Replace(Formatter.DEFAULT_SERVER, _server);
               proxy.Url = proxy.Url.Replace(Formatter.DEFAULT_PROTOCOL, _protocol);
               // Create request message for method call (input parameters)
               request = new AccountManagerServiceNameSpace.ChangePasswordRequest();
// Set the input parameters
               request.NewPassword = _newPassword.Text;
// session ID returned from login method
               mbiSessionHeader.MBISessionID = _sessionId.Text;
               proxy.MBISessionHeaderValue = mbiSessionHeader;
// Call the method
               response = proxy.ChangePassword(request);
               MessageBox.Show("Finished.");
}
catch(SoapException se)
{
// perform needed operations
}
catch(Exception ex)
{
// perform needed operations
}

CreateEmployeeUserAccount

This method creates a user account for a cardholder, which allows the cardholder to log into the system.

History
The CreateEmployeeUserAccount methods are listed below:
Request Message
  • CreateEmployeeUserAccountRequest
Response Message
  • CreateEmployeeUserAccountResponse

CreateEmployeeUserAccount Request/Response Messages
The CreateEmployeeUserAccount method requires the following request and response messages (input and output data).
The table below includes the following request message:
  • CreateEmployeeUserAccountRequest
  • Account NumberStringrequired
    The employee’s user ID.
    First Available Version:CreateEmployeeUserAccountRequest
  • CardNumberStringrequired
    Employee’s card number.
    First Available Version:CreateEmployeeUserAccountRequest
  • CityOfBirthStringrequired
    City where the employee was born. 
    First Available Version:CreateEmployeeUserAccountRequest
  • EmailString
    E-mail address.
    First Available Version:CreateEmployeeUserAccountRequest
    Max Length:75
  • PasswordStringrequired
    The user’s password. 
    First Available Version:CreateEmployeeUserAccountRequest
    Max Length:20
  • Note: this password is currently passed to the service not encrypted (although the request message as a whole is encrypted by way of the transport protocol (HTTPS).
    First Available Version:
  • ReceiveEmailBoolean
    True means that e-mail notification has been turned on. 
    First Available Version:CreateEmployeeUserAccountRequest
    Default Values:TRUE
  • First Available Version:
  • Notification
    First Available Version:
  • SecurityWordStringrequired
    A word that helps the employee remember their password.
    First Available Version:CreateEmployeeUserAccountRequest
  • UserIdStringrequired
    The employee’s user ID that you are creating. 
    First Available Version:CreateEmployeeUserAccountRequest
    Max Length:12

 Response Message: Empty Message

Example of a CreateEmployeeUserAccount SOAP request message

 <?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance”
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<MBISessionHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/">
<MBISessionID>rtftvs45uevkgr55sq2j40z1</MBISessionID>
</MBISessionHeader>
</soap:Header>
<soap:Body>
<CreateEmployeeUserAccount xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/">
<createEmployeeUserAccountRequest>
<AccountNumber >123321123</AccountNumber>
<CardNumber >5543240022153386</CardNumber>
<CityOfBirth >BirthCity</CityOfBirth>
<Email ></Email>
<Password >bwhite1</Password>
<ReceiveEmailNotification >false</ReceiveEmailNotification>
<SecurityWord >SecurityWord</SecurityWord>
<UserId >bwhite</UserId>
</createEmployeeUserAccountRequest>
</CreateEmployeeUserAccount>
</soap:Body>
</soap:Envelope>

Example of a CreateEmployeeUserAccount SOAP request message

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<MBIMessageIdHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/" />
</soap:Header>
<soap:Body>
<CreateEmployeeUserAccountResponse xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/">
<CreateEmployeeUserAccountResult />
</CreateEmployeeUserAccountResponse>
</soap:Body>
</soap:Envelope>

Example Client Code
The following is an example of the client code (using a .NET proxy class for the service).

AccountManagerServiceNameSpace.AccountManagerService proxy;
AccountManagerServiceNameSpace.CreateEmployeeUserAccountRequest request;
AccountManagerServiceNameSpace.CreateEmployeeUserAccountResponse response;
try
{
// Create proxy object for the Account manager service
               proxy = new AccountManagerServiceNameSpace.AccountManagerService();
// Point the proxy to the correct service location
               proxy.Url = proxy.Url.Replace(Formatter.DEFAULT_SERVER, _server);
               proxy.Url = proxy.Url.Replace(Formatter.DEFAULT_PROTOCOL, _protocol);
// Create request message for method call (input parameters)
              request = new AccountManagerServiceNameSpace.CreateEmployeeUserAccountRequest();
// Set the input parameters
              request.AccountNumber = _accountNumber.Text; ;
              request.CardNumber = _cardNumber.Text; ;
              request.CityOfBirth = _cityOfBirth.Text;
              request.Email = _email.Text;
              request.Password = _password.Text;
              request.ReceiveEmailNotification = (bool) _receiveEmailNotification.SelectedItem;
              request.SecurityWord = _securityWord.Text;
              request.UserId = _userId.Text;
// Call the method
             response = proxy.CreateEmployeeUserAccount(request);
             MessageBox.Show("Finished.");
}
catch(SoapException se)
{
// perform needed operations
} catch(Exception ex)
{
// perform needed operations
}

CreateEmployeeUserAccountNoCard

This method is used to create a user account for an employee, which allows the employee to log into the WealthCare Administration System. This user does not currently have a benefit card.

History
The CreateEmployeeUserAccountNoCard methods are listed below:
Request Message
  • CreateEmployeeUserAccountNoCardRequest
Response Message
  • CreateEmployeeUserAccountNoCardResponse

CreateEmployeeUserAccountNoCard Request/Response Messages
The CreateEmployeeUserAccountNoCard operation requires the following request and response messages (input and output data). The table below includes the following request message:
  • CreateEmployeeUserAccountNoCardRequest
  • Account NumberStringrequired
    The employee’s user ID.
    First Available Version:CreateEmployeeUserAcco untNoCardRequest
  • CityOfBirthStringrequired
    City where the employee was born. 
    First Available Version:CreateEmployeeUserAcco untNoCardRequest
  • EmailString
    E-mail address.
    First Available Version:CreateEmployeeUserAcco untNoCardRequest
    Max Length:75
  • EmployerIdStringrequired
    First 3 characters are the employers prefix, unique for each employer. Next 9 characters are created by the administrator for the employer. 
    First Available Version:CreateEmployeeUserAcco untNoCardRequest
    Max Length:18
  • FirstNameStringrequired
    Employee’s first name. 
    First Available Version:CreateEmployeeUserAcco untNoCardRequest
    Max Length:50
  • LastNameStringrequired
    Employee’s last name. 
    First Available Version:CreateEmployeeUserAcco untNoCardRequest
    Max Length:50
  • PasswordStringrequired
    The user’s password, which is used the first time the user logs in. 
    First Available Version:CreateEmployeeUserAcco untNoCardRequest
    Max Length:20
  • First Available Version:
  • Note: This password is currently passed to the service unencrypted (although the request message as a whole is encrypted by way of the transport protocol (HTTPS).
    First Available Version:
  • ReceiveEmailBoolean
    The default is true, e-mail notification has been turned on. 
    First Available Version:CreateEmployeeUserAcco untNoCardRequest
    Default Values:TRUE
  • First Available Version:
  • Notification
    First Available Version:
  • SecurityWordStringrequired
    A word that helps the employee remember their password
    First Available Version:CreateEmployeeUserAcco untNoCardRequest
  • UserIdStringrequired
    The user’s system ID that you are creating.
    First Available Version:CreateEmployeeUserAcco untNoCardRequest
    Max Length:12

Response Message: Empty Message

Example of a CreateEmployeeUserAccountNoCard SOAP request message

<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<MBISessionHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/">
<MBISessionID>rtftvs45uevkgr55sq2j40z1</MBISessionID>
</MBISessionHeader>
</soap:Header>
<soap:Body>
<CreateEmployeeUserAccountNoCard xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/">
<createEmployeeUserAccountNoCardRequest>
<AccountNumber>111222333</AccountNumber>
<CityOfBirth>Tester</CityOfBirth>
<Email />
<EmployerId>EASSES</EmployerId>
<FirstName>John</FirstName>
<LastName>Smith</LastName>
<Password>password2</Password>
<ReceiveEmailNotification>false</ReceiveEmailNotification>
<SecurityWord>Tester</SecurityWord>
<UserId>jsmith1</UserId>
</createEmployeeUserAccountNoCardRequest>
</CreateEmployeeUserAccountNoCard>
</soap:Body>
</soap:Envelope>

Example of a CreateEmployeeUserAccountNoCard SOAP response message

<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<MBIMessageIdHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/" />
</soap:Header>
<soap:Body>
<CreateEmployeeUserAccountNoCardResponse
           xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/">
           <CreateEmployeeUserAccountNoCardResult />
</CreateEmployeeUserAccountNoCardResponse>
</soap:Body>
</soap:Envelope>

Example Client Code
The following is an example of the client code (using a .NET proxy class for the service).


AccountManagerServiceNameSpace.AccountManagerService proxy;
AccountManagerServiceNameSpace.CreateEmployeeUserAccountNoCardRequest request;
AccountManagerServiceNameSpace.CreateEmployeeUserAccountNoCardResponse response;
try
{
// Create proxy object for the Account Manager service
               proxy = new AccountManagerServiceNameSpace.AccountManagerService();
// Point the proxy to the correct service location
               proxy.Url = proxy.Url.Replace(Formatter.DEFAULT_SERVER, _server);
               proxy.Url = proxy.Url.Replace(Formatter.DEFAULT_PROTOCOL, _protocol);
// Create request message for method call (input parameters)
               request = new
                               AccountManagerServiceNameSpace.CreateEmployeeUserAccountNoCardRequest();
// Set the input parameters
               request.AccountNumber = _accountNumber.Text; ;
               request.CityOfBirth = _cityOfBirth.Text;
               request.Email = _email.Text;
               request.EmployerId = _employerId.Text;
               request.FirstName = _firstName.Text;
               request.LastName = _lastName.Text;
               request.Password = _password.Text;
               request.ReceiveEmailNotification = (bool) _receiveEmailNotification.SelectedItem;
               request.SecurityWord = _securityWord.Text;
               request.UserId = _userId.Text;
// Call the method
               response = proxy.CreateEmployeeUserAccountNoCard(request);
               MessageBox.Show("Finished.");
}
catch(SoapException se)
{
// perform needed operations
}
catch(Exception ex)
{
// perform needed operations
}

ForgotPasswordReset

This method allows the administrator to reset an employee’s password. Reset the password by providing the account number (employee’s ID), security word, and city of birth.

History
The ForgotPasswordReset methods are listed below:
Request Message
  • ForgotPasswordResetRequest
Response Message
  • ForgotPasswordResetResponse

ForgotPasswordReset Request/Response Messages
The ForgotPasswordReset method requires the following request and response messages (input and output data). The table below includes the following request message:
  • ForgotPasswordResetRequest
  • Account NumberStringrequired
    The employee’s system ID.
    First Available Version:ForgotPasswordReset
  • Field NameXSD Typerequired
    Description
    First Available Version:First Available Version
    Default Values:Default Value
    Max Length:Max Length
  • First Available Version:Request
  • CityOfBirthStringrequired
    City where the employee was born. 
    First Available Version:ForgotPasswordReset Request
  • NewPasswordStringrequired
    The user’s password. Note this password is currently passed to the service not encrypted (although the request message as a whole is encrypted by way of the transport protocol (HTTPS).
    First Available Version:ForgotPasswordReset Request
    Max Length:20
  • SecurityWordStringrequired
    A word that was given, when the employee user account was created. This helps the employee remember their password. 
    First Available Version:ForgotPasswordReset Request

Response Message: Empty Message

Example of a ForgotPasswordReset SOAP request message

<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<MBISessionHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/">
<MBISessionID>rtftvs45uevkgr55sq2j40z1</MBISessionID>
</MBISessionHeader>
</soap:Header>
<soap:Body>
<ForgotPasswordReset xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/">
<forgotPasswordResetRequest>
<AccountNumber>111222333</AccountNumber>
<CityOfBirth>Tester</CityOfBirth>
<NewPassword>password3</NewPassword>
<SecurityWord>Tester</SecurityWord>
</forgotPasswordResetRequest>
</ForgotPasswordReset>
</soap:Body>
</soap:Envelope>

Example of a ForgotPasswordReset SOAP response message

<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<MBIMessageIdHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/" />
</soap:Header>
<soap:Body>
<ForgotPasswordResetResponse
            xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/">
<ForgotPasswordResetResult />
</ForgotPasswordResetResponse>
</soap:Body>
</soap:Envelope>

Example Client Code
The following is an example of the client code (using a .NET proxy class for the service).

AccountManagerServiceNameSpace.AccountManagerService proxy;
AccountManagerServiceNameSpace.ForgotPasswordResetRequest request;
AccountManagerServiceNameSpace.ForgotPasswordResetResponse response;
try
{
// Create proxy object for the Account Manager service
               proxy = new AccountManagerServiceNameSpace.AccountManagerService();
// Point the proxy to the correct service location
               proxy.Url = proxy.Url.Replace(Formatter.DEFAULT_SERVER, _server);
               proxy.Url = proxy.Url.Replace(Formatter.DEFAULT_PROTOCOL, _protocol);
// Create request message for method call (input parameters)
               request = new AccountManagerServiceNameSpace.ForgotPasswordResetRequest();
// Set the input parameters
               request.AccountNumber = _accountNumber.Text; ;
               request.CityOfBirth = _cityOfBirth.Text;
               request.NewPassword = _newPassword.Text;
               request.SecurityWord = _securityWord.Text;
// Call the method
               response = proxy.ForgotPasswordReset(request);
               MessageBox.Show("Finished.");
}
catch(SoapException se)
{
// perform needed operations
}
catch(Exception ex)
{
// perform needed operations
}

____________________________________________________________________________________________________________________________________________________________

GetContactInfo

This method returns the user’s email and pager information. This method applies to the user who is currently logged in to the system.

History
The GetContactInfo methods are listed below:

Request Message
  • GetContactInfoRequest
Response Message
  • GetContactInfoResponse

GetContactInfo Request/Response Messages
The GetContactInfo method requires the following request and response messages (input and output data). The table below includes the following request message:
  • GetContactInfoResponse
  • EmailString
    Current logged on user’s email address.
    First Available Version:GetContactInfoResponse
  • PagerString
    Current logged on user’s pager number.
    First Available Version:GetContactInfoResponse

Example of a GetContactInfo SOAP request message

<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<MBISessionHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/">
<MBISessionID>jwiapc55mlipys55pnbacne1</MBISessionID>
</MBISessionHeader>
</soap:Header>
<soap:Body>
<GetContactInfo xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/" />
</GetContactInfo>
</soap:Body>
</soap:Envelope>

Example of a GetContactInfo SOAP response message

<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<MBIMessageIdHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/" />
</soap:Header>
<soap:Body>
<Response xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/">
<GetContactInfoResult>
<Email>jsmith1@emailserver.com</Email>
<Pager>555 555 - 5555</Pager>
</GetContactInfoResult>
</Response>
</soap:Body>
</soap:Envelope>

Example Client Code
The following is an example of the client code (using a .NET proxy class for the service).

AccountManagerServiceNameSpace.MBISessionHeader sh;
AccountManagerServiceNameSpace.AccountManagerService proxy;
AccountManagerServiceNameSpace.GetContactInfoResponse response;
try
{
             _dataset.Tables["ContactInfo"].Clear();
             sh = new AccountManagerServiceNameSpace.MBISessionHeader();
// Create proxy object for the Account Manager service
             proxy = new AccountManagerServiceNameSpace.AccountManagerService();
// Point the proxy to the correct service location
             proxy.Url = proxy.Url.Replace(Formatter.DEFAULT_SERVER, _server);
             proxy.Url = proxy.Url.Replace(Formatter.DEFAULT_PROTOCOL, _protocol);
             // session ID returned from logon method
            sh.MBISessionID = _sessionId.Text;
            proxy.MBISessionHeaderValue = sh;
// Call the method
            response = proxy.GetContactInfo();
            if(response != null)
            {
                    _dataset.Tables["ContactInfo"].Rows.Add(new string[]
                   {
                                   response.Email,
                                   response.Pager
                   });
            }
            _contactInfo.CaptionText =
_dataset.Tables["ContactInfo"].Rows.Count + " records found.";
}
catch(SoapException se)
{
           MessageBox.Show(Formatter.FormatSoapException(se));
}
catch(Exception ex)
{
           MessageBox.Show("EXCEPTION:" + ex.Message);
}

GetCurrentSessions

This method returns all current active session IDs for an administrator. This information can be used to logout or reconnect the client to a session(s) in the event where the client’s system fails while users are logged into the WealthCare Administration System. Only users with an administrator user type profile can perform the GetCurrentSessions method.

History
The GetCurrentSessions methods are listed below:

Request Message
  • GetCurrentSessionsRequest
Response Message
  • GetCurrentSessionsResponse

GetCurrentSessions Request/Response Messages
The GetCurrentSessions method requires the following request and response messages (input and output data). The table below includes the following request message:
  • GetCurrentSessionsRequest
  • UserIdStringrequired
    The administrator user ID within the system.
    First Available Version:GetCurrentSessionsRequest
    Max Length:12
  • PasswordStringrequired
    Administrator’s password.
    First Available Version:GetCurrentSessionsRequest
    Max Length:20
  • TpaIdStringrequired
    Administrator ID.
    First Available Version:GetCurrentSessionsRequest
The table below includes the following response message:
  • GetCurrentSessionsResponse
  • LastAccessedString
    The date and time the session was last active. This time is updated at the end of every web method call.
    First Available Version:GetCurrentSessionsResponse
  • SessionIdString
    The session IDs that are currently active.
    First Available Version:GetCurrentSessionsResponse
  • SessionTimeoutint
    The length in minutes that a session can be inactive before it becomes invalid.
    First Available Version:GetCurrentSessionsResponse
  • UserIdString
    The login user ID.
    First Available Version:GetCurrentSessionsResponse

Example of a GetCurrentSessions SOAP request message

<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<soap:Header>
<MBISessionHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/">
<MBISessionID>jwiapc55mlipys55pnbacne1</MBISessionID>
</MBISessionHeader>
</soap:Header>
<GetCurrentSessions xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/">
<getCurrentSessionsRequest>
<UserId>myTpaUserId</UserId>
<Password>myTpaPassword</Password>
<TpaId>myTpaId</TpaId>
</getCurrentSessionsRequest>
</GetCurrentSessions>
         </soap:Body>
         </soap:Envelope>

Example of a GetCurrentSessions SOAP response message

<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<MBIMessageIdHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/">
<MessageId>61d2c606-3dde-4469-a74a-bd99c3ef0c9a</MessageId>
</MBIMessageIdHeader>
</soap:Header>
<soap:Body>
<GetCurrentSessionsResponse
xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/">
<GetCurrentSessionsResult>
<GetCurrentSessionsResponse>
<SessionId>f300uuyukf1hxi55xtdxtp55</SessionId>
<LastAccessed>2004-05-26T16:24:46.5233028-04:00</LastAccessed>
<UserId>userid</UserId>
<SessionTimeout>5</SessionTimeout>
</GetCurrentSessionsResponse>
<GetCurrentSessionsResponse>
<SessionId>3iu51d3vujoygrrr53ui0w55</SessionId>
<LastAccessed>2004-05-26T16:24:50.3191394-04:00</LastAccessed>
<UserId>userid</UserId>
<SessionTimeout>5</SessionTimeout>
</GetCurrentSessionsResponse>
<GetCurrentSessionsResponse>
<SessionId>e5dvud45jmglek55i02jhlnr</SessionId>
<LastAccessed>2004-05-26T16:24:48.5464136-04:00</LastAccessed>
<UserId>userid</UserId>
<SessionTimeout>5</SessionTimeout>
</GetCurrentSessionsResponse>
</GetCurrentSessionsResult>
</GetCurrentSessionsResponse>
         </soap:Body>
         </soap:Envelope>

Example Client Code

The following is an example of the client code (using a .NET proxy class for the service).


try
{
// Create proxy object for the Account Manager service
localhost.AccountManagerService proxy = new localhost.AccountManagerService();
              // Create request message for method call (input parameters)
              localhost.GetCurrentSessionsRequest request =
new localhost.GetCurrentSessionsRequest();
             // Declare reference variable for receiving the returned values,
// in this case the response will contain the current session ID(s).
localhost.GetCurrentSessionsResponse[] response;
            // Set the input parameters
           request.Password = "myTpaPassword";
           request.UserId = "myTpaUserId";
           request.TpaId = "myTpaId";
           // Call the GetCurrentSessions method
           response = proxy.GetCurrentSessions(request);
           if(response!=null)
           {
                            for(int i=0; i < response.Length; i++)
                            {
                                               // perform needed operations
                            }
           }
          else
          {
                            MessageBox.Show("No Sessions");
}
}
catch(SoapException se)
{
           // perform needed operations
}
catch(Exception ex)
{
           // perform needed operations
}

Login

This method is used to provide authentication into the WealthCare Administration System and returns the client’s current session ID. As with normal web applications where session IDs can be maintained by the client’s browser through the use of cookies, a client’s proxy object to a Alegeus Technologies service can manage session state through the use of cookies (see the example code below). However, in order to meet the requirements of the WS-I specification which states “R1121 - An INSTANCE SHOULD NOT require consumer support for Cookies in order to function correctly.”, Alegeus Technologies provides a second method of maintaining state between the client and the system by way of a custom SOAP header (see the example code below). Both of these methods provide the same functionality and the client should choose the method which meets their needs.

History
The Login methods are listed below:

Request Message
  • LoginRequest
Response Message
  • LoginResponse

Login Request/Response Messages
The Login method requires the following request and response messages (input and output data). The table below includes the following request message:
  • LoginRequest
  • UserIdStringrequired
    The user’s system ID.
    First Available Version:LoginRequest
    Max Length:12
  • PasswordStringrequired
    The user’s password. Note this password is currently passed to the service not encrypted (although the request message as a whole is encrypted by way of the transport protocol (HTTPS).
    First Available Version:LoginRequest
    Max Length:20
  • SessionTime outInteger
    SessionTimeout allows a range between 1 and 40 minutes. If the default value is sent or any other value is sent that is not within the above range, then the timeout is set to 40 minutes. 
    First Available Version:LoginRequest
    Default Values:-1
The table below includes the following response message:
  • LoginResponse

 

  • SessionIdString
    The client’s current session ID. Session ID is required for using any of the web methods.  
    First Available Version:LoginResponse

Example of a Login SOAP request message

<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<Login xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/">
              <loginRequest>
              <UserId>myuserId</UserId>
              <Password>mypassword</Password>
              <SessionTimeout>5</SessionTimeout>
              </loginRequest>
</Login>
</soap:Body>
</soap:Envelope>

Example of a Login SOAP response message

<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<MBIMessageIdHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/">
<MessageId>01532fa0-0b43-4427-9aaf-46a061756e42</MessageId>
</MBIMessageIdHeader>
</soap:Header>
<soap:Body>
<LoginResponse xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/">
               <LoginResult>
               <SessionId>lc5ay55555s1voy2pwdb2w2d</SessionId>
                              </LoginResult>
               </LoginResponse>
               </soap:Body>
               </soap:Envelope>

Example of an error message

<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<MBIMessageIdHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/">
<MessageId>3544c69d-8ce7-49c8-a4e2-083ff162d581</MessageId>
</MBIMessageIdHeader>
</soap:Header>
<soap:Body>
<soap:Fault>
<faultcode>soap:Client</faultcode>
<faultstring>Logon failed. Please check your information and try again.</faultstring>
<faultactor>http://www.medibank.com/MBIWebServices/</faultactor>
<detail>
<mbiExceptions xmlns="http://www.medibank.com/MBIWebServices/SoapFault/">
<mbiException>
<code>12002</code>
<message>Logon failed. Please check your information and try again.</message>
</mbiException>
</mbiExceptions>
                                        </detail>
                          </soap:Fault>
                </soap:Body>
                </soap:Envelope>

Example Client Code
The following is an example of the client code (using a .NET proxy class for the service) using a soap header to manage session.

try
{
              // Create proxy object for the Account manager service
              localhost.AccountManagerService proxy = new localhost.AccountManagerService();
              // Create request message for method call (input parameters)
              localhost.LoginRequest request = new localhost.LoginRequest();
              // Declare reference variable for receiving the returned values,
// in this case the response will contain the current session Id.
              localhost.LoginResponse response;
              // Set the input parameters
              request.Password = "mypassword";
              request.UserId = "myuserId";
              request.SessionTimeout = 5;
              // Call the Login method
              response = proxy.Login(request);
              // store session id for future web method calls
             _sessionID = response.SessionId;
             MessageBox.Show("Done");
}
catch(SoapException se)
{
// perform needed operations
}
catch(Exception ex)
{
             // perform needed operations
}

Using a cookie to manage session

try
{
             // Create proxy object for the Account Manager service
             localhost.AccountManagerService proxy = new localhost.AccountManagerService();
// Create request message for method call (input parameters)
             localhost.LoginRequest request = new localhost.LoginRequest();
// Set the input parameters
            request.Password = "mypassword";
            request.UserId = "myuserId";
            // In .NET we need to create a new CookieContainer and then the framework
// will do the rest as far as the transport of cookies to us automatically.
            proxy.CookieContainer = new System.Net.CookieContainer();
            // Call the login method. Note that we don’t store the response message for
// the session Id. This Id is stored automatically in the CookieContainer.
           proxy.Login(request);
           // Store the cookie with the session Id for future web method calls
           _cookieContainer = proxy.CookieContainer;
           MessageBox.Show("Done");
}
catch(SoapException se)
{
           // perform needed operations
}
catch(Exception ex)
{
          // perform needed operations
}

 

___________________________________________________________________________________________________________________________________________________________

Logout

This method is used to end a client’s session and to perform any needed cleanup in the system. In order to log out of the system, the client must have a current session ID and pass the ID to the logout method through a cookie or a custom SOAP header. 

History
The Logout methods are listed below:

Request Message
  • Logout
Response Message
  • LogoutResponse

Logout Request/Response Messages
The Logout method does not require any parameters to be passed to it and does not return any values. Note that the SOAP request and response messages below. 

Example of a Logout SOAP request message

            <?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<MBISessionHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/">
<MBISessionID>qwxfphek4ocqk15552slnmrb</MBISessionID>
</MBISessionHeader>
</soap:Header>
<soap:Body>
<Logout xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/" />
</Logout>
</soap:Body>
          </soap:Envelope>

Example of a Logout SOAP response message

<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<MBIMessageIdHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/">
<MessageId>97114218-7a11-49c4-9fbe-35ffff489be3</MessageId>
</MBIMessageIdHeader>
</soap:Header>
<soap:Body>
<LogoutResponse
xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/" />
</LogoutResponse>
</soap:Body>
</soap:Envelope>

Example Client Code
The following is an example of the client code (using a .NET proxy class for the service).

try
{
              // Create proxy object for the Account Manager service
              localhost.AccountManagerService proxy = new localhost.AccountManagerService();
              // Create the custom session header in order to pass the current session Id.
// Note that a cookie could be used instead.
              localhost.MBISessionHeader sh = new localhost.MBISessionHeader();
              sh.MBISessionID = _sessionID;
              proxy.MBISessionHeaderValue = sh;
              // Call the logout method
              proxy.Logout();
              MessageBox.Show("Done");
}
catch(SoapException se)
{
              // perform needed operations
}
catch(Exception ex)
{
             // perform needed operations
}

UpdateContactInfo

This method allows the user to change their email and pager information. It applies to the user who is currently logged in to the system.

History 
The UpdateContactInfo methods are listed below:

Request Message
  • UpdateContactInfoRequest
Response Message
  • UpdateContactInfoResponse

UpdateContactInfo Request/Response Messages
The UpdateContactInfo method requires the following request and response messages (input and output data). The table below includes the following request message:
  • UpdateContactInfoRequest
  • EmailString
    Enter the new e-mail address.
    First Available Version:UpdateContactInfoRequest
  • PagerString
    Enter the new pager number. 
    First Available Version:UpdateContactInfoRequest

Response Message: Empty Message

Example of an UpdateContactInfo SOAP request message

<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<MBISessionHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/">
<MBISessionID>jwiapc55mlipys55pnbacne1</MBISessionID>
</MBISessionHeader>
</soap:Header>
<soap:Body>
<UpdateContactInfo xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/">
<updateContactInfoRequest>
<Email>new@emailaddress.com</Email>
<Pager>555 555 - 55555</Pager>
</updateContactInfoRequest>
</UpdateContactInfo>
</soap:Body>
</soap:Envelope>

Example of an UpdateContactInfo SOAP response message

<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<MBIMessageIdHeader xmlns="http://www.medibank.com/MBIWebServices/SoapHeader/" />
</soap:Header>
<soap:Body>
<UpdateContactInfoResponse
             xmlns="http://www.medibank.com/MBIWebServices/Access/Messages/AccountManager/Request/2004/06/">
<UpdateContactInfoResult />
</UpdateContactInfoResponse>
</soap:Body>
</soap:Envelope>

Example Client Code

The following is an example of the client code (using a .NET proxy class for the service).

AccountManagerServiceNameSpace.MBISessionHeader mbiSessionHeader;
AccountManagerServiceNameSpace.AccountManagerService proxy;
AccountManagerServiceNameSpace.UpdateContactInfoRequest request;
AccountManagerServiceNameSpace.UpdateContactInfoResponse response;
try
{
             mbiSessionHeader = new AccountManagerServiceNameSpace.MBISessionHeader();
// Create proxy object for the Account Manager service
proxy = new AccountManagerServiceNameSpace.AccountManagerService();
// Point the proxy to the correct service location
             proxy.Url = proxy.Url.Replace(Formatter.DEFAULT_SERVER, _server);
             proxy.Url = proxy.Url.Replace(Formatter.DEFAULT_PROTOCOL, _protocol);
// Create request message for method call (input parameters)
             request = new AccountManagerServiceNameSpace.UpdateContactInfoRequest();
             request.Email = _email.Text;
             request.Pager = _pager.Text;
// session ID returned from logon method
            mbiSessionHeader.MBISessionID = _sessionId.Text;
            proxy.MBISessionHeaderValue = mbiSessionHeader;
// Call the method
            response = proxy.UpdateContactInfo(request);
            MessageBox.Show("Finished.");
}
catch(SoapException se)
{
            // perform needed operations
}
catch(Exception ex)
{
            // perform needed operations
}