When a digital ID card is expiring, then it can be renewed in Smart ID Self-Service.
Standard workflow
Actor | Action | Option | Physical ID | Digital ID | |
---|---|---|---|---|---|
1 | Identity Manager | On a configurable interval, Identity Manager runs the Expiry check, which finds all card certificates that will expire within the coming period. For each affected user, the steps below are done. | Automatically requests to renew all cards that belong to active AD users. | - | |
2 | Self-service user | Receives an email with instructions. Puts the card in the card reader. Logs in to Smart ID Self-Service and chooses Renew card. | - | - | |
3 | Identity Manager | Removes expired authentication and signing certificates from the card. Keeps and reuses old encryption certificates. | - | - | |
4 | CA | Issues a set of new certificates, as needed. The certificates are stored in Identity Manager and on the smart card. | - | - |
Expiry check:
Smart ID Self-Service renewal:
Technical references
- PcmProcExpiryCheckEmployeeCard
- Sub process: PcmProcUSSPRenewEmployeeCard