Is it possible to create an operator through a means other than the Access Management --> Operators node from within the console?
I'm thinking through a webapp or via an external webform that updates the xtk:operator schema via API.
I've been able to create an operator in this way, but trying to set the password [access/@password] has been difficult.
I can see it's updated to the string value i've set it to, but i gather this attribute has some kind of extra encryption - meaning the string value i've set does not work as a valid console when subsequently trying to login through the console.
I guess your Adobe Campaign is classic version 6.1, not ACS, and I wonder if you are in On Premise mode or Cloud hosting.
If your external application is somewhat a standard authentication mechanism such as Active Directory or OpenLDAP, you should think about using the Adobe Campaign LDAP optional module (see your contract or Adobe contact about this).
You can use MD5 crypt algorithm or plain text with SSL/TLS, it depends of your company directory.
But take care for security reasons if you want to develop your own code with webApp or external form (SOAP), it must be robust enough to avoid any security hole, and be maintained and checked regularly against hacking exploits... I don't recommend too much doing such a way...
I do think that you should use rather session methods Encrypt or EncryptServerPassword, because if it is not MD5 but AES (DES is deprecated) or SHA256 or 512 used you wouldn't have to know what encryption algorithm is used (and MD5 and AES are far less better than SHA2 (SHA256/SHA512).
As Jean-Serge mentioned, you have several options, depending on the authentication mode you use. Note that Campaign also supports IMS (login through Adobe ID), which is convenient if you use multiple Experience Cloud solutions.
Please let us know if you did find the right implementation for your use case.