Skip to main content
Skip table of contents

Identity Manager architecture overview

Smart ID Identity Manager consists of these applications:

Identity Manager has the following basic architecture:

  • J2EE/Java-based server

  • SQL database, connected to the application server

  • User Interface (HTML5 client)

Identity Manager architecture


Workflow engine

Smart ID Identity Manager is based on a BPMN 2.0 compliant Workflow engine that allows custom configuration of every process for identity management. The configuration is created within Identity Manager Admin or with an external BPMN editor. Alternatively, Smart ID Workforce/Workplace Use Cases or Smart ID Modules can be used. For more information, see Smart ID architecture overview.

Process API

Smart ID Identity Manager offers a REST interface to call any process configured within the Workflow Engine, see Identity Manager Process REST API.

HTTP Clients

Smart ID Identity Manager offers a special Task to call any HTTP based REST API. The interface can be configured using a convenient user interface in IDM Admin, see Set up Http Clients in Identity Manager.


For more information on the supported systems and versions, see Identity Manager requirements and interoperability, Set up AriadNext connector, and Set up Workspace One connector.

Corporate directory

The LDAP connector enables searching and reading identity information from an LDAP directory, such as Active Directory. User authentication with directory-stored password and group-based role assignment are also supported. 

Alternatively, Identity Manager can connect to different HR systems via SCIM or CSV file import/export.

Certificate authority

Through the PKI connectors, Identity Manager PKI applications can request, renew, and revoke certificates from/in a certificate authority (CA). The PKI connector delivers the certificate template names that are made available by the CA for use. These templates are mapped to Identity Manager certificate types. Multiple CA connections are possible.

Smart cards and software tokens can contain any number of certificates that may be issued by different CAs.

Identity Manager DB Server

All configuration and run time data is stored in an SQL database.

Capture client

Identity assurance, data, image and signature capturing.

Production client

Card printing and encoding, batch production.

Additional information

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.