Pass Through Authentication

To Configure Pass Through Authentication on existing Web Services, perform the following:

  1. Add the isGetObjectRequiredForPTA attribute using IdentityNow API. Refer to IdentityNow REST API - Update Source (Partial).

    Use the isGetObjectRequiredForPTA key with true as a value

    • When set to true, it would execute Get Object operation to verify if the entered userName (considered as Identity attribute) is present on the managed system or not.

    • When set to false, it would skip Get Object operation and Pass-through Authentication operation must have response mapping with account object schema attributes.

  2. (Optional) If user wants to configure error messages for Pass Through Authentication, it can be done using the following entry keys:

    • objectNotFoundErrorMsg

    • authenticationFailedErrorMsg

    • expiredPasswordErrorMsg

    For more information, see Additional Configuration Parameters.
    For example:

    <soapenv:Envelope xmlns:soapenv="" 


General Information

As displayed in the following screenshot, in the Operation Name field, enter Pass-through Authentication as name of the operation. Select Test Connection in the Operation Type drop-down list. In the Context URL field, enter the context URL specific to Pass-through Authentication. Select POST in the HTTP Method drop-down list.

Header and Body

In the Raw field, enter the XML payload for Pass-through Authentication.

The Body is of two types, Form Data and Raw. The XML format does not support Form Data.

Response Information

Schema Mapping

XPath Namespace Mapping