Identity Manager overview
Smart ID Identity Manager is a solution for centralized lifecycle management of identities for physical and digital access, to enable transparency, traceability and compliance across units and locations. With the automation of complex security processes, self-service functionality, approval steps and integration into the IT and physical access environment, Identity Manager helps you simplify on- and offboarding and reduce operational costs.
Streamline management of physical and digital identities
The Smart ID Identity Manager acts as one central system to manage physical and digital identities, thereby enforcing uniform policies, and provides information on who is in possession of which access rights at any given time. Identity Manager supports various access cards, smart cards, virtual smart cards on mobile or desktop, as well as software and hardware tokens; and connects to the enterprise IT environment, with out-of-the-box integration to corporate directories, certificate authorities and access control systems. For smooth ordering of cards as a service, Identity Manager can be combined with Nexus GO Cards.
Simplify on- and offboarding
Identities for physical and digital access are often managed in several separate systems, which leads to confusion and high costs, and jeopardizes security and privacy. The Smart ID Workforce modules solutions with the Identity Manager help you simplify on- and offboarding with automation of complex security processes, self-service functionalities, approval steps and integration into the IT and physical access environment. For example, registration of a new employee can trigger a smart card being ordered. And when an employee leaves, the system can make sure that all cards are locked and certificates revoked.
Take advantage of complete Smart ID solutions
The Smart ID Identity Manager is a central part of Nexus' Workforce solutions to let you stay in control of identities and access.
If an employee forgets their phone at home, loses their smart card, forgets or needs to reset the PIN, there are best-practice workflows provided that include temporary access solutions and self-service to slim your processes.
Identity Manager is included in these Smart ID solutions:
Work smarter with self-service and automation
With the self-service features in Smart ID, users can do simple tasks themselves, for example order a smart card, request a virtual smart card for mobile phone or desktop and upload a photo. Smart ID Self-Service helps the users to be in control and minimizes administrative work in your organization.
The Smart ID Workforce modules solutions offer best-practice processes for typical use cases and lifecycle management of identities and certificates. The processes include automated steps, for example to check validity of certificates, lock cards when users leave, send notification emails and trigger events in related systems.
Ensure secure issuing with approval steps
The standard processes in the Smart ID Workforce modules solutions can optionally include approval steps, which allow segregation of duties, letting administrators do the main tasks while making sure that requests are approved by authorized managers.
Allow traceability and auditability
Smart ID Identity Manager has a number of features to fulfill any requirements for reliability, traceability and auditability:
The Identity Manager workflow engine logs every step in the executed process.
An object history is created for all objects, such as persons, cards or certificates, that are created in Identity Manager. Changes are tracked with, for example, timestamp, IP address, username and reason for the change. All entries in the object history are digitally signed. See also Chained signature for object history in Identity Manager.
All runtime data stored in the Identity Manager database can be displayed and exported in different formats, and the search function is flexible and configurable. See also Set up data export to external data source from Identity Manager.
Integrate with standard systems
Smart ID Identity Manager comes with integration capabilities to many common related systems, such as Active Directory or HR systems, certificate authorities (CAs), physical access control systems (PACS), databases, and so on. For more information, see Identity Manager integrations.
Specification
Integrates with Active Directory and other corporate directories via LDAP v3
Integrates with certificate authorities, such as Smart ID Certificate Manager, Microsoft Active Directory Certificate Services (ADCS) D-Trust, EJBCA, DFN, and QuoVadis
Integrates with common physical access control systems (PACS), including Assa Arx, Bravida Integra, Evva Salto, KABA, Lenel OnGuard, and Stanley SSM
Supports common smart card middleware, including Nexus Personal Desktop Client and other third party vendors
Supports integration with third party systems via JDBC, CSV, and SCIM
Language support includes English, French, German, and Swedish
Local card printing and RFID encoding supporting, for example, Mifare DESfire, Legic and EM.
For more information, see IDM 23.10.3 - Requirements and interoperability.