Enrolling a Third-Party Device in IDMS

Purpose

This procedure guides you through the process of enrolling a third-party issued credential device (such as a smart card or security token) into the organization’s IDMS. This allows the device to be registered with the physical and/or logical access systems.

Prerequisites Checklist

Before beginning this procedure, ensure you have:

• Access to the IDMS system with appropriate enrollment permissions

• A valid credentials to log into the IDMS portal

• A compatible third-party device (smart card reader or token)

• The physical credential card that will be enrolled

• The card's PIN number

• The credential type policy configured for device import

• External identity linking key (if linking to existing identity systems)

• Permissions set for adding an applicant

Step 1: Access the IDMS System

1. Open your web browser and navigate to the IDMS portal URL.

2. Review the system warning message that appears, which outlines authorized use and monitoring policies.

3. Click the “I Understand, Continue” button to proceed to the system.

4. Click the Identity Link and Click “Add Applicant”.

   

5. The Add a New Applicant Screen will be displayed.

   

6. Select the credential type that permits the enrollment of a third-party device. After selecting the credential type, the “Import Application Data from Device” appears.

   

Note: Credential policy must be configured to allow importing applicant data from device or button will not display.

7. Click the “Import Application Data from Device” button to launch the Device Selection Window.

   

Step 2: The cardholder Inserts their Device

1. Request the cardholder inserts the device into the reader.

Step 3: Select and Enroll the Physical Device

1. Locate and click the device selection option on the form. A popup dialog titled Select the device: will appear.

2. In the “Select the device:” dropdown menu, click to view available connected devices.

3. Select the appropriate card reader device (e.g., "OMNIKEY CardMan 3x21 1").

4. Review the device information displayed:

   • Serial Number

   • ATR (Answer to Reset)

   • Assigned To

   • Policy

   • Status

5. When prompted, ask the applicant to enter their PIN.

   

6. In the “Enter PIN” field, have the applicant type their card PIN.

7. Click the “Get Device Data” button to read the credential information from the card.

Expected Result: The system successfully reads the card data, and the device information is populated. The dialog shows "Enroll Device?" confirmation.

Step 4: Complete the Enrollment Package

1. Click the “Close” button to return to the main applicant form.

2. Verify that all information has been captured correctly:

   • Applicant photo is displayed

   • First name, middle name, and last name are correct

   • Credential type is properly selected

   • External identity linking key is present (if applicable)

   • Email address is correct

3. At the bottom of the form, click “Add Applicant and Review for Approval” to submit the enrollment package.

   

Expected Result: A "Processing..." indicator appears, showing that the enrollment package is being submitted to the system.

Step 5: Verify Successful Enrollment

1. After processing completes, you are redirected to the applicant's identity record page.

2. Verify the following information on the summary screen:

   • Status: Shows "APPROVED"

   • Internal ID: Displays a unique identifier

   • External ID: Shows the external identity linking key

   • Email: Confirms the correct email address

   • Type: Shows the credential type (e.g., "ARJNI")

3. Click the Credentials tab to view enrolled devices.

4. In the credentials table, verify:

   • Serial Number: Matches the physical device

   • Status: Shows "Added"

   • Policy: Displays the correct credential policy

5. Click Refresh if needed to update the displayed information.

Expected Result: The applicant record shows an "APPROVED" status, and the credential device appears in the credentials list with "Added" status.