NOTE: Because this is a purely administrative call, we have included the description in this chapter. The non-administrative calls are detailed in the REST API section.

StrongKey has created the changeusername web service to enable administrators to change the username associated with registered FIDO keys. This is useful in the following use case.

When enterprises use Active Directory (AD) to manage users, a user (This email address is being protected from spambots. You need JavaScript enabled to view it.) may be registered under a specific domain with a few FIDO keys associated to that UPN. With changeusername enabled, if that user moves to a different domain (strongkey.local) in the company, the UPN changes to This email address is being protected from spambots. You need JavaScript enabled to view it.. Instead of re-registering FIDO keys for the new UPN, an administrator can use this web service to change the username associated with registered FIDO keys from the old to new (This email address is being protected from spambots. You need JavaScript enabled to view it. → This email address is being protected from spambots. You need JavaScript enabled to view it.). In AD the pre-Windows 2000 username attribute is sAMAccountName; other systems may have different nomenclature for the pre-Windows 2000 username value.

Though we have described a use case for AD here, administrators and developers may find other scenarios where this functionality will be beneficial.