General Configurations

This tutorial helps you to learn more about the available options in the General section while creating a workflow.

NOTE
  • IDEMIA PIV V8.2 and Yubikey 5 authenticators have the capability to be issued both the PIV and FIDO2 credentials. Hence, if you have selected these device profiles, once you check the option Smart Card/Security Key Credential Issuance > Enable Chip Personalization, you will be presented with two options – PIV and FIDO2. Please ensure to select the application to issue credentials accordingly.
  • If you have selected ZTPass on NXP P71D600, once you check the option Smart Card/Security Key Credential Issuance > Enable Chip Personalization, you need to select to load either a PIV or a FIDO2 or both applets based on the selected identity type.

What can you do in this section?

  1. For each chosen identity model, you have the option to select multiple device profiles and groups. This allows you to issue credentials on different form factors to the selected groups.
  2. Define the expiration date for the selected identity type.
  3. Set the permissible number of devices for a user in the selected groups
  4. Select to which role(s) the workflow must be visible.

Follow the below steps:

  1. Workflow Name: Provide a name for the workflow. This could be a simple text that identifies the type of workflow being created. For instance, PIV ID (ABC Organization).
  2. Description: Provide a brief description of the workflow.
  3. Default Workflow: If this workflow is a default one that applies to all the users in the organizations or to specific groups, then select the Default Workflow checkbox. For an organization, there can only be a single default workflow.
  4. Identity Type: From the drop-down list, select one of the following as per your requirement, e.g., PIV
  5. Device Profile: From the drop-down list, select the device profile for which you are creating the workflow. Select one or more of the following supported device profiles for the workflow. Note that the below device profiles have to be created as per your organization's requirement.
    • ID-One PIV v2.4.1 on Cosmo V8.1
    • ID-One PIV v2.4.2 on Cosmo V8.2
    • ID-One PIV v2.3.4 on Cosmo V7
    • G&D SCE 7.0 with PIV Applet V1.0
    • Thales IDPrime PIV v3.0
    • ZTPass on NXP P71D600
    • ID Wallet
    • Yubico
    • FIDO2 – Direct Connect
    • FIDO2 - WebAuthn
  6. Assign to Group(s): You must have groups created before this step. Select the group(s) for which this workflow is being created. You can select multiple groups. Once you select certain groups for a workflow, the same groups will not be available for other workflows.
  7. Assign to Role(s): Select the roles that can view this workflow. This ensures that only these roles can issue identity devices for this workflow.
  8. Enforce maximum allowed devices per user: If you need to enforce a maximum limit of allowed devices per user, check the box and set an integer value to define the number of allowed devices.
  9. Expiration: Set the expiration period for the device. Select the number of months and days for device validity.

Back Next
Related Links