Service: zimbraAdmin
Namespace: "urn:zimbraAdmin"
Auth SOAP Command

Authenticate for administration

Authorization token required false - can't require auth on auth request
Admin Authorization token required false - can't require auth on auth request

AuthRequest

    <AuthRequest [persistAuthTokenCookie="(0|1)"] [csrfTokenSecured="(0|1)"] [name="{auth-name}"] [password="..."]> ## AuthRequest
        <authToken>{authToken} (String)</authToken>
        <account by="{acct-selector-by} (adminName|appAdminName|id|foreignPrincipal|name|krb5Principal)">{key}</account> ## AccountSelector
        <virtualHost>{virtualHost} (String)</virtualHost>
        <twoFactorCode>{twoFactorCode} (String)</twoFactorCode>
    </AuthRequest>

The following table describes elements and attributes you can define within a <AuthRequest> element:

XPath Required / Optional Description
@persistAuthTokenCookie Optional (0 or 1) Type:0|1
controls whether the auth token cookie in the response should be persisted when the browser exits.
0: (default)
the cookie will be deleted when the Web browser exits.
1: The "Expires" attribute of the cookie will be set per rfc6265.
@csrfTokenSecured Optional (0 or 1) Type:0|1
controls whether the client supports CSRF token
0: (default)
Client does not support CSRF token
1: The client supports CSRF token.
@name Optional (0 or 1) Type:String
Name. Only one of {auth-name} or <account> can be specified
@password Optional (0 or 1) Type:String
Password - must be present if not using AuthToken
/authToken Optional (0 or 1) Type:{authToken} (String)
An authToken can be passed instead of account/password/name to validate an existing auth token.
/account Optional (0 or 1) Type:{key}
Account
Description for element text content:The key used to identify the account. Meaning determined by {acct-selector-by}
/account@by Required (only 1) Type:adminName|appAdminName|id|foreignPrincipal|name|krb5Principal
Select the meaning of {acct-selector-key}
/virtualHost Optional (0 or 1) Type:{virtualHost} (String)
Virtual host
/twoFactorCode Optional (0 or 1) Type:{twoFactorCode} (String)
the TOTP code used for two-factor authentication

AuthResponse

    <AuthResponse> ## AuthResponse
        <authToken>{authToken} (String)</authToken>
        <csrfToken>{csrfToken} (String)</csrfToken>
        <lifetime>{lifetime} (long)</lifetime>
    </AuthResponse>

The following table describes elements and attributes you can define within a <AuthResponse> element:

XPath Required / Optional Description
/authToken Required (only 1) Type:{authToken} (String)
Auth Token
/csrfToken Optional (0 or 1) Type:{csrfToken} (String)
if client is CSRF token enabled , the CSRF token Returned only when client says it is CSRF enabled .
/lifetime Required (only 1) Type:{lifetime} (long)
Life time for the authorization