Previous Topic: Create a Web Services ConfigurationNext Topic: Configure a Mobile App

Modify the Registration Email

Edit the default registration email to include the URL for the mobile configuration object.

Follow these steps:

  1. In the User Console, navigate to System, Email, Modify Email.
  2. Search for and select the Registered User for Mobile App email.
  3. On the Content tab, click the Toggle HTML Source button.
  4. Specify the URL for the mobile configuration object in the href entry for mobileregservidm as follows:

    <a href="mobileregservidm://{'Attribute:%ACTCODE%'}&amp;https://FQN/iam/im/ws/Alias/mobile/ConfigName">


    Specify the name or IP address of the CA Identity Manager server.


    Specify the name of the environment.


    Specify the name of the configuration object.

  5. Click Submit.

How to Configure CA SiteMinder® Support for the Mobile App

The Web Services used by the Mobile Application can support native authentication using username/password credentials passed by the Mobile Application via HTTP AUTHORIZATION header or CA SiteMinder® Authentication. The Web Services Configuration as previously discussed defines the authorization policy for each of the REST resource and method requests.

IM REST Web Service URLs

The IM REST Services rely on the following base URL:


Mobile Application Configuration URL

The Mobile Application Configuration contains a specific URL that allows retrieval of bootstrap configuration information required for the Mobile App configuration download. The configuration URL is as follows:

http[s]://[FQN]/ iam/im/ws/[Alias]/mobile/[ConfigName]

ConfigName - The name of the Mobile Application configuration for the CA Identity Manager Environment for a given set of Mobile Application Users. The configuration name is made known to the Application via a link to the Configuration URL in the registration email sent upon approval of a user’s request for Mobile Application access.

Non-authenticated REST APIs

Configuration APIs

The following Configuration APIs do not require authentication.

http[s]://[FQN]/ iam/im/ws/[Alias]/mobile/[ConfigName]/image

Reset Password API


Note: The resetPasswordWithResetCodeAndToken API contains security tokens passed in http headers from the Mobile Application. The CA Identity Manager Server verifies the presence and validity of these tokens.

When integrating with CA SiteMinder® to protect CA Identity Manager access, these URLS could be defined with a realm that is not protected or protected with an anonymous authentication scheme.

Authenticated REST APIs

The following URLS are used by the Mobile Application and require authentication and use the Web Service Configuration polices for authorization.



Self Service User