Using the Live Meeting API with Microsoft Online-Hosted Live Meeting Service

This content is no longer actively maintained. It is provided as is, for anyone who may still be using these technologies, with no warranties or claims of accuracy with regard to the most recent product version or service release.

When Live Meeting is purchased through Microsoft Online services (Microsoft Online) as part of the Business Productivity Online Suite, the Live Meeting conference center is managed by Microsoft Online. One of the core management functions performed by Microsoft Online is the management of user identities consumed by all elements of the Business Productivity Online Suite. Administrators of these conference centers manage user identities with the Microsoft Online administration center, rather than Live Meeting Manager.

Since identities are hosted in Microsoft Online, users must authenticate first with Microsoft Online before making API requests.  Specifically, an authentication ticket must be provided with each message request on the Online-hosted Live Meeting conference center and supplied in the place of a user id and password. The authentication ticket is provided by Microsoft Online with a call into a Microsoft Online web service.

If the Live Meeting conference center is accessed using a Live Meeting XML API client, each request on the conference center must contain a new authentication ticket. The ticket is valid for a single request and must be replaced with a new authentication ticket for each subsequent request. If a local administrator access the conference center using the browser-based Live Meeting Manager, a single authentication ticket is used for the duration of the browser session. For more information about using the obtained authentication ticket, see PlaceWareConfCenter Element.

Live Meeting API User Management Restrictions

Microsoft Online-hosted Live Meeting users are administered through the Microsoft Online Administrative Console instead of Live Meeting Manager. A client application using the Live Meeting API is restricted to very limited user management functions for this reason. Users must not be added or deleted through the Live Meeting Manager. In addition, a client application or Live Meeting Manager user cannot change many of the identity attributes associated with a Live Meeting user.

Adding, updating, or deleting a user through the Live Meeting APIs does not raise error messages when Live Meeting is hosted by Microsoft Online. However, doing so causes the Live Meeting conference center and the Microsoft Online user identity store to be out of sync. A Live Meeting user will not be able to access the Live Meeting component of the Business Productivity Online Suite as a result. The following list specifies the user management API calls that must not be made through the Live Meeting API.

  • CreateUser Message

  • DeleteUser Message

  • ModifyUser Message

    The ModifyUser message can be used to update a reduced list of user attributes. The following attributes and options must not be updated:

    • Attribute: password

    • Attribute: userID

    • Attribute: userName

    • Option: firstName

    • Option: lastName

    • Option: email

    • Option: expireTime

    • Option: isAdministrator

    • Option: isOrganizer

    • Option: meetingPrivilege

  • ModifyUserProfile Message

    the ModifyUserProfile message shares the same attribute and option restrictions as ModifyUser.

Obtaining an Authentication Ticket

A Microsoft Online-generated authentication ticket is obtained from LMWebService, a web service hosted by Microsoft Online. The service WSDL file is located at https://lm.microsoftonline.com/lmwebservice.asmx?wsdl. To obtain access to the web service programmatically, a .NET project must include a Web Reference to this WSDL. The .NET project must provide a certificate obtained from Microsoft Online when a user is registered with Microsoft Online. Using the LMWebService call, GetTicket, a custom client obtains a string authentication ticket to be used in further PlaceWareConfCenter Element requests. An authentication ticket is returned with a ticketTimeout value that indicated the number of minutes before the authentication ticket is invalidated because of inactivity.

The following example obtains an authentication ticket using the LMWebService. This example is used where a client has not obtained a certificate from Microsoft Online after installing the Microsoft Online Single-sign on client


using System.Net;

//...

LMWebService lmWebService = new LMWebService();
lmWebService.Url = "https://lm.microsoftonline.com/lmwebservice.asmx?wsdl";

//CredentialCache comes from System.Net namespace
lmWebService.Credentials = CredentialCache.DefaultCredentials;

string lmUserId;
string name;
string role;
string ticketURL;
int ticketTimeout;

Status outcome = lmWebService.GetTicket(out lmUserId, out name, out role,
                                        out ticketURL, out ticketTimeout);
if (outcome == Status.Success)
{
   Console.WriteLine("Ticket obtained for user: ");
   Console.WriteLine("lmUserId: " + lmUserId);
   Console.WriteLine("name: " + name);
   Console.WriteLine("role: " + role);
   Console.WriteLine("ticketURL: " + ticketURL);
   Console.WriteLine("ticketTimeout: " + ticketTimeout);
}
else
{
   Console.WriteLine("Ticket not obtained for user " + windowsId +
                     " due to error " + outcome);
}

A registered Microsoft Online user can install the single-sign on client and obtain an authentication certificate to be used in place of the credentials utilized in the previous example. A client with the certificate can add a Web Reference to a .NET project that will obtain a programmable object (LMWebService.LMWebServiceSoapClient) representing a WSDL originating from https://lm.microsoftonline.com/lmwebservice.asmx?wsdl. The examples are very similar except that the web service in the following example does not expose a Credentials property.

Note that a Live Meeting XML API client must call GetTicket prior to every request on a conference center hosted by Microsoft Online. The obtained authentication ticket is placed in the outbound request. For more information about using the obtained authentication ticket, see PlaceWareConfCenter Element.

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Net;

namespace ConnectorTest
{
    class Program
    {
        static void Main(string[] args)
        {

            LMWebService.LMWebServiceSoapClient ws = new LMWebService.LMWebServiceSoapClient();
            
            string userId;
            string name;
            string role;
            string ticket;
            int ticketTimeout;

            LMWebService.Status outcome = ws.GetTicket(out userId, out name, out role, out ticket, out ticketTimeout);
            
            if (outcome == LMWebService.Status.Success)
            {
                Console.WriteLine("Ticket obtained for user: ");
                Console.WriteLine("lmUserId: " + userId);
                Console.WriteLine("name: " + name);
                Console.WriteLine("role: " + role);
                Console.WriteLine("ticketURL: " + ticket);
                Console.WriteLine("ticketTimeout: " + ticketTimeout);
            }
            else
            {
                Console.WriteLine("Ticket not obtained for user due to error " + outcome);
            }
        }
    }
}