Lifecycle Management - Operators

This section explains the various lifecycle actions that an operator can manage. Operators manage the entire lifecycle of identities ensuring compliance with organizational policies. The lifecycle actions for the smart cards/security keys, mobile devices, and mobile identities are managed separately.

Navigate to Management > Users. Search the user either by name or email. Under the Actions column, select the Identity Lifecycle icon. All the issued identities are displayed. For a selected identity, select MANAGE. Based on the status of the device the options are displayed. The following are the lifecycle actions performed by the operators:

  • Suspend
  • Reactivate
  • Change PIN
  • Reset Device PIN
  • Revoke
  • Remove
  • Show PUK

Identity Devices

The following are the possible lifecycle actions based on the status of the device.

Suspend

When an active device is lost/damaged, you can suspend the device to avoid misuse. To suspend the device, do the following:

  1. Select the identity,
  2. Select Manage> Suspend.
  3. Select one of the below-listed reasons to suspend the device and confirm.
    • On leave
    • Misconduct
    • Misplaced device
    • Other

Reactivate

  1. To reactivate a suspended device, select the identity.
  2. Select Manage > Reactivate.
  3. The suspended device is activated.

Change PIN

This option is available for a smart card or security key.

  1. Connect the identity device.
    1. For Smart card: Connect a card reader to your computer and insert a smart card.
    2. For Security Key: Insert the security key into a USB port
  2. Select the connected device.
  3. Select Manage > Change PIN.
  4. Enter the old PIN.
  5. Next, enter a new PIN, and confirm
  6. Select OK.
  7. The PIN is changed.

Reset Device PIN

  1. Connect the identity device.
    • For Smart card: Connect a card reader to your computer and insert a smart card.
    • For Security Key: Insert the security key into a USB port
  2. Select the connected device.
  3. Select Manage > Reset Device PIN.
  4. Enter a new PIN, and confirm
  5. Select OK.
  6. The PIN is reset.

Revoke

When you revoke an identity, the device can no longer be used.

  1. Select the device, and select Manage > Revoke.
  2. Provide a reason and revoke the device.

Remove

Once the device is revoked, if you do not require it to be visible under the issued device list, you can remove it. Select the identity and select Manage > Remove.

Show PUK

This option is available only for a PIV-supported smart card or security key.

  1. Connect the identity device.
    1. For Smart card: Connect a card reader to your computer and insert a smart card.
    2. For Security Key: Insert the security key into a USB port.
  2. Select the identity and select Manage > Show PUK. A PUK code is displayed. Provide the code after identifying the user requesting the code.

Mobile Devices

To manage the mobile device lifecycle actions, select the issued mobile identity. Select Manage and choose an action to perform as listed below. The process to perform each action is similar to that of an identity device.

  • Suspend
  • Reactivate
  • Renew: Renew the expiring certificates issued.
  • Revoke (Revokes device and the credentials)
  • Remove (Remove a revoked device from the issued list)

Delete Users

To delete a user, go to Management > Users. Search the user by a username or an email in the search field. The user record is displayed. Select the Delete User icon at the far end of the displayed record to delete a user.


Back Next
On this page