Unifyia Multi-Tenant Microservices Platform
Integrate, Deploy, Secure, and Scale Smarter
Empowering Organizations with Advanced Identity and Credential Management Solutions
The Unifyia Software Platform offers a robust and scalable foundation for managing digital identities with precision and security. Designed to support next-generation identity solutions, our platform enables organizations to seamlessly integrate with the latest identity standards and technologies, ensuring compliance and enhancing security across all digital touchpoints.
Key Benefits
Zero-Trust Architecture
Implement a zero-trust framework that protects your organization from internal and external threats by continuously verifying user identities.
Multi-Tenant
Manage multiple clients or departments within a single, unified environment. Every organization can tailor the platform to its specific needs while maintaining strict data separation and security.
Onboarding and User Enrollment
Streamline the onboarding and enrollment process with a user-friendly and secure interface designed for federal employees, contractors, or enterprise users. Choose between an operator-driven approach or a user self-service model for handling data input, identity proofing, biometric capture, and adjudication.
Granular Credential Management
Manage and control access with fine-grained credential policies, including PIV, Passkeys (FIDO2), Passkey credentials on behalf of Microsoft Entra and Okta users, Mobile ID (mID), and derived credentials.
Interoperability and Compliance
Ensure seamless integration with existing systems while adhering to industry standards like FIPS 140-3, NIST guidelines, and FIDO2.1.
Scalability and Flexibility
Easily scale your identity management operations as your organization grows, with flexible deployment options that adapt to your needs.
Built for Today, Ready for Tomorrow
Unifyia’s Software Platform is designed to not only meet today’s security challenges but also to evolve with the ever-changing landscape of digital identity. Our commitment to continuous innovation ensures that your organization remains at the forefront of identity management technology.
Unify your identity and access management with a secure, scalable architecture. The Unifyia Platform is available as both a cloud service and for on-premise deployments.
Administration and Configuration
The Unifyia Platform offers comprehensive administration and configuration features, empowering organizations to define and enforce secure access, passkey (FIDO2) policies, device profiles, visual ID designs, workflows, notifications, and credential issuance. The platform supports seamless enrollment and management of authenticators, allowing for secure access across applications. Customizable workflows and branding enable organizations to tailor user onboarding, offboarding, and other identity-related processes, ensuring a personalized experience. ID proofing and biometric enrollment, compliant with NIST SP 800-63A and FIPS 201-3, facilitate secure identity verification. Additionally, the platform integrates certificate authorities (CAs) for certificate issuance and configures adjudication policies for approval. It also supports DPIV/DFIDO credential issuance, mobile digital identities, and authentication policies in line with NIST SP 800-63B. Notifications are managed efficiently, and data integrity is maintained by signing data on smart cards, security keys, or mobile devices.
Workflow Creation
Workflow creation within the Unifyia Platform allows for the design of a fully customizable journey for both operators and users, covering every aspect of identity management. This includes user sponsorship, onboarding, offboarding, enrollment of data and biometrics, adjudication and approval processes, credential issuance, and lifecycle management. By tailoring these workflows, organizations can ensure that the platform aligns perfectly with their specific needs, providing flexibility and control over all identity-related processes. This adaptability ensures that the platform can support diverse use cases, enhancing operational efficiency and security.
Secure Passwordless Authentication
The Unifyia Platform offers complete passwordless security, leveraging PIV, PKI, and FIDO passkeys to provide robust authentication from the user endpoint to the cloud. Designed to protect federal employees and contractors from credential phishing, fraud, and credential-based breaches, this solution delivers secure, frictionless passwordless authentication. With a unified credential experience, users benefit from a single credential that supports multi-factor authentication (MFA) across multiple identity types, including PIV/CIV, DPIV, DFIDO, and FIDO2.1 passkeys. Additionally, Unifyia enhances security with Push Verify + PKI and FIDO2.1 integrated into the Unifyia ID Wallet, ensuring a seamless and secure authentication experience across all platforms.
User Onboarding and Enrollment
The Unifyia Platform offers a flexible enrollment process for enterprises and PIV issuance, adhering to NIST SP 800-63-4 guidelines to ensure secure and reliable identity verification. The process begins with sponsorship, where authorization is obtained from a sponsor or supervisor. Applicants then undergo in-person identity verification at an authorized enrollment center, where their identity is confirmed against government-issued IDs and supporting documents. Document authentication is performed through visual inspection or electronic tools, followed by biometric data capture, including fingerprints and facial images. This data, along with verified personal information, is entered into the PIV enrollment system. If required, a background check is conducted to meet security standards. Finally, the applicant reviews the collected information, provides consent for PIV issuance, and acknowledges their responsibilities and the terms of use.
Identity Credential Issuance and Lifecycle Management
The Unifyia Platform offers comprehensive Identity Credential Issuance and Lifecycle Management to streamline the entire process of identity management. Identity issuance is efficiently handled through group and device-specific workflows, ensuring a seamless experience for users. The platform supports a wide range of authenticators, including PIV, Passkeys FIDO2.1 smart cards/security keys, Passkeys on behalf of other identity providers such as Microsoft Entra / Okta, and mobile app-based authenticators via the Unifyia ID Wallet. It also accommodates various identity credentials, such as Visual, PIV, FIDO2, DPIV, DFIDO, and PKI-based credentials, ensuring versatility in meeting organizational needs. Additionally, Unifyia supports PIV Derived Credentials, allowing the issuance of DPIV/DFIDO/DFC credentials based on existing PIV credentials or other trusted credentials. The platform also offers extensive lifecycle management actions, including certificate renewal, suspension, activation, reactivation, revocation, and more. This robust set of features ensures that identity credentials are managed securely and efficiently throughout their entire lifecycle, from issuance to revocation.
Federated Single Sign-On (SSO) and Identity Brokering
Single Sign-On
Securely access multiple applications with a single set of credentials using SAML or OIDC protocols. This ensures compliance, enhances operational efficiency, and simplifies credential management.
Identity Brokering
Authenticate to the platform through multiple external Identity Providers and applications using OpenID Connect or SAML protocols, providing a unified authentication layer.
API Gateway
The Unifyia Platform's RESTful API Gateway serves as a critical component, exposing backend functionality to developers, enabling the creation of modular and reusable application ecosystems. It ensures secure interaction through JWT/API Token Validation, verifying security tokens with the authentication and authorization service using tenant identifiers. As a unified platform, it acts as a centralized hub for identity management, streamlining tasks for administrators, operators, and end users, all managed by role-based access privileges. The gateway also records user authentication results for analytical purposes, routes service requests to the appropriate internal services based on resource paths, and offers dedicated endpoints for credential issuance and management, making identity management seamless and efficient.
Endpoint Client
The Unifyia Platform utilizes Unifyia Client, which offers a low-code, secure API interface for managing connected devices, including smart cards, security keys, biometric devices, and card printers. Unifyia Client ensures enhanced security and compliance by implementing tokenization separately for each connected endpoint, thus optimizing productivity. With Unifyia Client, organizations can avoid the need for browser extensions or policy changes, giving users the flexibility to use standard web browsers such as Chrome, Edge, Safari, and Firefox. Unifyia Client is compatible with Microsoft Windows, Apple macOS, Red Hat Linux, and Ubuntu Linux.
Integrations
We welcome everyone. Unifyia is fully vendor-agnostic. Below is a list of third-party application integrations and supported technologies.
Server OS Support
  • AWS Linux 2.0
  • Red Hat Enterprise Linux 8, 9.3, and 9.4
  • Rocky Linux 8.9
  • Ubuntu 22.04
  • General support for current and previous versions of the above OS.
Server Java Version
  • OpenJDK 17
  • No Java is required on client workstations.
Application/Web Servers
  • NGINX 1.20.0
  • Node.js: 16.16.0 and higher
  • Wildfly: Version 11 and higher
Client OS Support
  • Windows
  • macOS
Certificate Authorities
  • Entrust CA Gateway
  • Microsoft CA
  • PrimeKey
  • WidePoint-ORC PIV SSP
  • EJBCA
Identity Brokering and User Federation
  • Microsoft Azure AD, Okta, Ping Identity, JumpCloud
Biometrics Verification and Duplication
  • Amazon Rekognition
  • Neurotechnology MegaMatcher ABIS
Supported Browsers
  • Microsoft Edge Chromium
  • Google Chrome
Supported HSMs
  • Utimaco CryptoServer Gen 2
  • AWS v2 CloudHSM
  • Thales Luna Network HSM 7
Databases
  • Amazon RDS for PostgreSQL 15.1
  • Oracle 19c
Smart Cards and Security Keys
  • IDEMIA:
    • ID-One PIV 2.4 + FIDO2.1 on Cosmo V8.2
    • ID-One PIV 2.4 on Cosmo V8.2
    • ID-One PIV 2.4 on Cosmo V8.1
  • Thales:
    • Gemalto SafeNet IDPrime PIV v3.0
  • Yubico:
    • YubiKey 5, 5.7, YubiKey FIPS, YubiKey Bio
  • Giesecke & Devrient (G&D):
    • Sm@rtCafé Expert StarSign® FIPS 2017.0, 8.0
  • ZTPASS:
    • ZTPass PIV 2.0 on NXP P71D600
    • ZTPass PIV 2.0 + FIDO2.1 on NXP P71D600
  • Unifyia ID Wallet - iOS and Android
  • Signature
    • Signotec Sigma
  • DevOps Tools
    • Docker
    • Bitbucket
  • Monitoring & Metrics
    • Zabbix
    • Prometheus
    • Grafana
  • Card Printer & Encoder
    • HID FARGO® HDP6600
    • Matica XID8600
    • Magicard Rio Pro 360
  • Fingerprint
    • Integrated Biometrics - FIVE-O, Watson Mini, Columbo
    • SecuGen Hamster Pro 20
    • HID Guardian 100
    • Thales Cogent Multifinger Scanner DactyScan84c
  • Iris
    • CMITech BMT-20
    • EF-45
  • Photo
    • Webcam/Camera with live streaming option (e.g., Sony ZV-1F)
  • Document Scanners
    • Webcam
    • EPSON V600 Photo Scanner
  • Card Readers
    • PCSC Card Readers - Contact and Contactless
    • ACS ACR122U NFC Contactless Smart Card Reader
    • ACS ACR39U-U1 Smart Card Reader
    • SecuGen Hamster Pro Duo SC/PIV