User Objects

User objects provide a means to obtain Authentication values (these objects can be used when logging into a Token). The User object is supported only on soft (non-smart card based) tokens. It is automatically created whenever a Token is initialized.

The attributes of the User Object may be read to obtain an Authentication Challenge or to get a Temporary PIN.

For more details on the use of the User Object, refer to the description of C_Login.

Table 1: User Attributes
Attribute Data Type Meaning
CKA_AUTH_CHALLENGE CK_CHAR[16] The current challenge value. Each time this attribute is read a new challenge value will be returned.
CKA_TEMP_PIN CK_CHAR[32] The current Temporary PIN value. Each time this attribute is read a new PIN value will be returned. A CKU_USER or CKU_SO must be logged in or else a read of this attribute will return CKR_USER_NOT_LOGGED_IN error. The PIN returned can only be used to authenticate the same user that is currently logged in.


Customer Support Portal

SafeNet ProtectToolkit 5.7 Product Documentation  08 January 2020  Copyright 2009-2020 Gemalto. All rights reserved.