As per the xsd for XPhone, confidentialAccessMode should be nillable:
<xsd:element maxOccurs="1" minOccurs="0" name="confidentialAccess">
<xsd:complexType>
<xsd:sequence minOccurs="0">
<xsd:element maxOccurs="1" minOccurs="1" name="confidentialAccessMode" nillable="true" type="axlapi:XCALMode"/>
<xsd:element maxOccurs="1" minOccurs="1" name="confidentialAccessLevel" nillable="true" type="axlapi:XInteger"/>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
However, this is not honoured by AXL during addPhoneReq. If the following is sent to CUCM:
<confidentialAccess>
<confidentialAccessMode xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true"/>
<confidentialAccessLevel>-1</confidentialAccessLevel>
</confidentialAccess>
This results in an error:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring>Invalid value for confidentialAccessMode</faultstring>
<detail>
<axlError>
<axlcode>5003</axlcode>
<axlmessage>Invalid value for confidentialAccessMode</axlmessage>
<request>addPhone</request>
</axlError>
</detail>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
However, AXL will support fully enclosed tags, which technically should be analogous to the above:
<confidentialAccess>
<confidentialAccessMode></confidentialAccessMode>
<confidentialAccessLevel>-1</confidentialAccessLevel>
</confidentialAccess>
This magically works.
I picked this up from trying to work with a getPhone, where the AXL response actually does send a nill response itself:
<confidentialAccess>
<confidentialAccessMode/>
<confidentialAccessLevel>-1</confidentialAccessLevel>
</confidentialAccess>
Clearly, this is a bug.