3 Protocol Details


The client side of this protocol is simply a pass-through. That is, no additional timers or other state is required on the client side of this protocol. Calls made by the higher-layer protocol or application are passed directly to the transport, and the results returned by the transport are passed directly back to the higher-layer protocol or application.

There is no order in which methods are required to be called, except that at least one of the sign in methods, SignIn (section and SignInMultiple (section, MUST precede the sign out methods, SignOut (section and SignOutMultiple (section The sign in and sign out methods require as input valid GUIDs that can be retrieved using the GetGroups method (section If the user is not an agent, all the methods from the protocol having a Boolean as a return value will return false.

Except where specified, protocol clients SHOULD interpret HTTP status codes returned by the protocol server as specified in [RFC2616] (Section 10, Status Code Definitions). This protocol allows protocol servers to perform implementation-specific authorization checks and notify protocol clients of authorization faults using HTTP status codes.