Nexus' software components have new names:

Nexus PRIME -> Smart ID Identity Manager
Nexus Certificate Manager -> Smart ID Certificate Manager
Nexus Hybrid Access Gateway -> Smart ID Digital Access component
Nexus Personal -> Smart ID clients

Go to Nexus homepage for overviews of Nexus' solutions, customer cases, news and more.


Skip to end of metadata
Go to start of metadata

This article provides installation requirements and interoperability data for Smart ID Identity Manager

Expand/Collapse All

Requirements

 Databases

The following databases are supported:

  • SQL Server 2014 and 2014 R2
  • SQL Server 2016
  • SQL Server 2017
  • SQL Server 2019
  • Azure SQL
  • Oracle Database 12c
  • Oracle Database 19c
  • PostgreSQL 9.6, 11, 12

For SQL Server and Azure SQL see also the transaction isolation level requirements here: Set transaction isolation level for MS SQL when used with Identity Manager

 Client: Web browsers

All Identity Manager clients are executed in up-to-date HTML5 web browsers such as:

  • Mozilla Firefox
  • Google Chrome
  • Safari
  • Microsoft Edge (Chromium)

Identity Manager releases are always tested with the latest browser versions.

 JasperReports

The following version of JasperReports is supported:

  • Templates in JasperReports format (.jrxml) version 6.5.1 are supported
 Capture or production client: Software

The following requirements apply for a workstation that is to be used as a capture client or production client: 

For PKI cryptochip encoding the following is also required:

  • A PKCS#11 compliant smart card middleware.
  • OpenJDK or Oracle Java
    • Version 11 (64-bit), tested on OpenJDK 11.0.6+10
    • Architecture: 32-bit (for any smart card middleware) or 64-bit (for any smart card middleware except Nexus Personal)
  • The smart card middleware and client-side Java must have the same OS architecture, either 32-bit or 64-bit, since Identity Manager's encoding component connects from the client-side Java to the middleware.

 PKI encoding via Self-Service: Software

The following requirements apply for the use of PKI cryptochip encoding features on Identity Manager Self-Service clients:

Interoperability

Data connectors

Identity Manager allows synchronization of data with external systems for many different use cases, for example card data, employee data from corporate directories, and entitlements from physical access control systems. Import and export of data can be done for various formats, for example LDAP, JDBC, CSV and SCIM. 

 Corporate directories

Identity Manager supports connection to directories compliant with the following standard: 

  • LDAP v3

Microsoft Active Directory is a typical example of a supported directory.

For more information, see Integrate Identity Manager with Microsoft services.

 JDBC databases

Identity Manager supports connection to databases based on Java database connectivity (JDBC).

The following databases are supported:

  • SQL Server 2014 and 2014 R2
  • SQL Server 2016
  • SQL Server 2017
  • SQL Server 2019
  • Azure SQL
  • Oracle Database 12c
  • Oracle Database 19c
  • PostgreSQL 9.6, 11, 12

The SQL Server and Azure SQL databases only support case insensitive queries (which is the default option).

 Certificate authorities

The following certificate authority (CA) products and services are supported:

  • Smart ID Certificate Manager 8.3. A downgrade package is available for CM 7.18.
  • Microsoft Active Directory Certificate Services (ADCS) 2012 / 2012 R2 / 2016 / 2019
  • D-Trust Managed PKI
  • IDNomic version 4.8.1
  • EJBCA version 6.15
  • DFN Managed PKI
  • QuoVadis PKI

For more information, see Integrate Identity Manager with certificate authority (CA)

Other CAs can be integrated on demand.

 Physical access control systems (PACS)

The following physical access systems (PACS) are supported by Identity Manager:

VendorSystemSupported versionsComment
ASSAArx4.1
SiemensBewator 2010 Omnis6.2
BravidaIntegra6.10, 7.2
Evva SaltoSALTO12.2
dormakabaKABA Exos 93004.0
PacomUnison5.8.6
RCORCARD M55.39.4 
RCO RCARD M5 Admin API5.48.0
Security Shells

iSecure
- for integration with HID controllers

2.4
SiemensSiPass Integrated2.76
SiemensSiPort3.0.1
UnitekUnilock2.0
LenelOnGuard6.6Limited support
StanleyStanley Security Manager (SSM)8.0, 8.1Limited support
StanleyNiscayah Integration Manager (NIM3)3.40Limited support

Set up integrations

For more information, see Integrate Identity Manager with physical access control system (PACS)

There is also a PACS demo service included in the Physical Access component that can be used to simulate PACS integration. 

Contact us!

Is your PACS system not on the list? Provide the details of your PACS system in this form and we will contact you.

 Mobile device management (MDM)

The following mobile device management (MDM) product is supported in Identity Manager:

  • MobileIron 10.4 - 10.7

Other MDM systems can be integrated on demand.

Digital identities

 Smartcards and smartcard middleware

Supported smart cards depend on the smart card middleware. Smart card middleware is not part of Identity Manager.

Identity Manager connects to a smart card via the PKCS#11 library provided by the middleware. For a list of supported cryptochips and smart cards, please refer to the corresponding technical specification of the middleware.

CardOS 4.4 and CardOS 5.0 are our reference cards for testing. Other cards listed in the middleware specification also normally work, but must be tested individually for the specific requirement.

The following smart card middleware products are supported: 

Vendor/ Product

Version

Reference Card

Nexus Personal Desktop Client

5.4

CardOS 4.4 + 5.0

AET SafeSign

3.0.93

CardOS 4.4

Neowave Weneo

Atos CardAPI

5.4 (1)

CardOS 4.2C + 4.4 + 5.0 + 5.3

Charismathics CSSI

5.4

CardOS 4.4 + 5.0 TPM

Cryptovision cv act sc/interface

7.0.5

CardOS 4.4

Gemalto IDGo800 Pkcs#11 Library

1.2.4

IDPrime MD 830

Morpho Ypsid

7.0.1

Ypsid S3

Oberthur AWP

5.1.1

V 7.0.1

Safenet Authentication Client

10.7

IDPrime MD840 and MD940

T-Systems TCOS3 NetKey1.8.2.2 (2)TeleSec Signature Card V2.0, TeleSec IDKey 1.0

(1) 5.4W14 or later is required for certain features

(2) 1.8.2.2 is the minimum compatible version, we recommend 1.8.2.4 or later

 Yubikey Yubikeys

Identity Manager supports certifcate enrollment to Yubico YubiKey 5 PIV tokens via Smart ID Desktop App

Fido2 tokens on Yubikey are not supported. 

 Virtual smartcards

The following virtual smartcard is supported:

Vendor/ Product

Version

Smart ID Desktop App

1.4.2

For more information, see Set up virtual smart card management in Identity Manager

Language support

 Language support

The following languages are supported: 

  • English
  • French
  • German
  • Swedish

This article is valid for Smart ID 20.11 and later.

Related information