Document toolboxDocument toolbox

Shared credentials - Start-up guide

This article describes the steps that have to be done with the Shared credentials package in Smart ID before you can start to use the system. The shared credentials package is used if you use the Users package together with any of the packages Cards, Temporary cards, Mobile ID or Virtual smart card.

 Prerequisites

Upload the Users package in Identity Manager Admin. Follow all steps in Users - Start-up guide.

Step-by-step instruction for the administrator

 Log in to Identity Manager Admin
  • Log in to Identity Manager Admin as administrator. Default login credentials are username: admin, password: admin.

    It is recommended to change the password for the administrator user.

 Upload the shared credentials package

To upload the SharedCredentials.zip package in the Identity Manager Admin:

  1. In Identity Manager Admin, select the Configuration file tab.

  2. Click Upload configuration

  3. Click Select file and add the path to the SharedCredentials.zip file.

  4. Click Upload.

 Configure Certificate Authority (CA)

You need to select and configure a Certificate Authority (CA). Default CA is Smart ID Certificate Manager, but you have other options as well. The examples here are given with Certificate Manager as CA.

  1. To add information regarding the CA, open this article: Integrate Identity Manager with Smart ID Certificate Manager.

  2. In that article, do the following:

    1. Under the heading "Create CM .zip file", do all steps.

    2. Under the heading "Create a Certificate Authority in Identity Manager Admin", you do not need to create a CA since it is already set up. Just select and edit Smart ID Certificate Manager (the CA) and do the updates in the General tab as described in the article.

    3. Under the headings "Import certificate types" and "Test connection", do all steps.

 Add information regarding Smart ID Messaging
  1. Open Integrate Identity Manager with Smart ID Messaging.

  2. In that article, do the following:

    1. Under heading "Add Identity Manager as client in Smart ID Messaging":
      1. Go to the linked article Integrate Smart ID Messaging with other Smart ID components.
      2. In that article, go to heading "Generate a template for a client section".
      3. Do the steps under "Generate an Identity Manager (IDM) client"
  3. Go back to Integrate Identity Manager with Smart ID Messaging.
    1. Under the heading "Add Messaging Server in Identity Manager Admin":
      1. You do not need to add a messaging server, just select and edit the listed messaging server, and do the updates as described in the article.
    2. Under the heading "Create user for Smart ID Messaging":
      1. The user "hermod" is already added. Just update the password.
    3. Under heading "HTTPS connection set up":
      1. Do all steps.
  4. Add information regarding Smart ID Messaging, see Add API user and callback URL in Hermod.
 Change processes

You need to change processes for these use cases:

  • Deactivate user

  • Reactivate user

  • Lock user

Deactivate user

  1. In Identity Manager Admin, go to Home > Process Import,

  2. Select and edit Deactivate user.

  3. From the Task List, select the task Deactivate related credentials.

  4. In the Attributes list:

    1. Select data pool Batch order.

    2. Select Sub-process set credential status.

  5. From the Task List, select the task Load related credentials.

  6. In the Attributes list:

    1. Select data pool Credentials.

    2. Select Sub-process load credential(s).

  7. Click Save.

Reactivate user

Do the same steps:

  1. In Home > Process Import, select and edit Reactivate user.

  2. Select Reactivate related credentials

    1. Select data pool Batch order

    2. Select Sub-process set credential status.

  3. Select Load related credentials

    1. Select data pool Credentials

    2. Select Sub-process load credential(s).

  4. Click Save.

Lock user

Do the same steps:

  1. In Home > Process Import, select and edit Lock user.

  2. Select Lock related credentials

    1. Select data pool Batch order

    2. Select Sub-process set credential status.

  3. Select Load related credentials

    1. Select data pool Credentials

    2. Select Sub-process load credential(s).

  4. Click Save.

Additional information


Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions