Skip to main content
Skip table of contents

Configuring Device Issuance Policy

The device issuance options allow you to specify how the device will be programmed. Within this section, you can specify the credential management system that program the card, the policy that should be utilized for initial issuance, replacement policies, as well as customized data for PACS and biometric verification.

Before Getting Started

Required Permissions: System Manager

Required Software: The IDMS must be connected the to the HID Credential Management System.

Settings Description

  • CMS Server Key: DNS address of the HID CMS server

  • CMS Card Policy: The HID CMS Device Policy that will be used when programming the card.

  • CMS Card Replacement Policy: The HID CMS Device Policy that will be used when issuing a replacement card.

  • CMS Card Default Replacement Reason: This is the default reason to be used when creating a replacement.

  • Card Validity: The number of years the device will be valid for.

  • FASCN Settings: Agency Code: The agency code that will be programmed into the FASCN. System Code: The system code that will be programmed into the FASCN.

  • Verify Applicant Fingerprint: Whether the applicant should perform a fingerprint verification before the device is issued to them.

How configure the Device Issuance policy

  1. Go to the administration section.

  2. Click on the "Credential Types" link.

  3. Choose the credential policy that needs to be edited and press the gear icon.

  4. When the credential policy configuration screen appears, click on the "Device Issuance" tab.

    image-20241205-145618.png

  5. Enter the CMS Server Key. This is the DNS of the the HID CMS server. For example, if the CMS address is https://id.cyberarmed.com/aims/enterprise/operator , enter id.cyberarmed.com in the CMS server key field.

  6. Enter the CMS Card Policy.

  7. Enter the CMS Card Replacement Policy.

  8. Enter the Card Validity

  9. Once complete, scroll to the bottom and press the Update bottom to save the changes.

Enabling Additional Device Types

The IDMS can also facilitate the issuance of OTP, FIDO Security Keys, and Derived credentials.

To enable additional device types

  1. Go to the administration section.

  2. Click on the "Credential Types" link.

  3. Choose the credential policy that needs to be edited and press the gear icon.

  4. When the credential policy configuration screen appears, click on the "Device Issuance" tab.

  5. Locate the Permitted Device Types section.

  6. For Security Key, OPT, Entra ID Temporary Access Pass (TAP), select Yes or No depending on whether the device should be enabled.

    image-20250218-175950.png
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close