Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

When a digital ID card is expiring, then it can be renewed in Smart ID Self-Service. 

Standard workflow


ActorActionOptionPhysical IDDigital ID
1Identity Manager

On a configurable interval, Identity Manager runs the Expiry check, which finds all card certificates that will expire within the coming period.

For each affected user, the steps below are done.

Automatically requests to renew all cards that belong to active AD users.

-Image Removed

(tick) 

2Self-service userReceives an email with instructions. Puts the card in the card reader. Logs in to Smart ID Self-Service and chooses Renew card.-

-Image Removed

(tick) 

3Identity ManagerRemoves expired authentication and signing certificates from the card. Keeps and reuses old encryption certificates.--
Image Removed

(tick)

4CA

Issues a set of new certificates, as needed. The certificates are stored in Identity Manager and on the smart card.

-

-

Image Removed(tick) 


Expiry check:

Smart ID Self-Service renewal:

Technical references

  • PcmProcExpiryCheckEmployeeCard
  • Sub process: PcmProcUSSPRenewEmployeeCard

...