Concepts
AAL
Authentication Assurance Level (AAL) is an ordinal measure of the strength of an authentication transaction.
Authentication
Verifying a user's identity through methods such as passwords, biometrics, or multi-factor authentication (MFA).
Authorization
Determining what resources a user can access and what actions they can perform.
Biometrics Capture
The collection of biometric data (e.g., fingerprints, facial recognition) to enhance identity verification and card security.
Certificate Authority
A trusted entity that issues digital certificates used to validate the identity of the cardholder.
Cross-Platform (Roaming) Authenticators
Portable (roaming) devices that support the FIDO2/WebAuthn framework for zero trust, passwordless authentication.
Credential Management System
A comprehensive system that manages the issuance and lifecycle management of identities.
Derived FIDO2
A derived FIDO2 credential (DFC) is a FIDO2 credential derived from an individual's primary PIV credential.
Derived PIV
A derived PIV credential (DPC or DPIV) is a credential derived from an individual's primary PIV credential.
Device Profiles
A set of configurations and settings that define how a specific identity device (such as a smart card, security key, or mobile device) must function.
Digital Signatures
Cryptographic signatures that validate the authenticity and integrity of documents or communications, often tied to the PIV card.
Enrollment Process
Steps taken to collect personal data, biometrics, and digital signatures during the issuance of the PIV card.
FAL
Federation Assertion Level, defined by NIST, evaluates the level of confidence in the identity federation process.
HMAC (Hash-based Message Authentication Code)
A widely used cryptographic technique designed to ensure both the integrity and authenticity of a message.
Lifecycle Management of Identities
The processes and practices used to manage the creation, maintenance, and deactivation of user identities.
IAL
Identity Assurance Level, defined by NIST, conveys the degree of confidence that someone's claimed identity is their real identity.
IAM
A framework for managing digital identities, authenticating users, and authorizing access based on roles and privileges.
Identity Brokering
A mechanism that simplifies authentication by acting as an intermediary between service providers and multiple identity providers (IdPs).
Identity Federation
A process that allows users to use their credentials from one identity provider (IdP) to access resources and services across multiple platforms or organizations.
Identity Provider (IdP)
An entity that creates, maintains, and manages identity information and provides authentication services to relying parties.
Identity Proofing
The process of verifying an individual's identity before issuing a PIV card, often involving document checks and background investigations.
Interoperability
The ability of identities to be recognized and utilized across different federal agencies and systems.
Key Escrow
A security mechanism in certificate management that securely stores a copy of a user's private encryption key.
Key Management
The secure management of the cryptographic keys issued by a certificate authority.
Mobile Credentials
Digitally stored authentication credentials on mobile devices.
Multi-Factor Authentication
A security mechanism that requires users to provide two or more authentication factors to verify their identity.
OIDC Protocol
An open standard for authentication that is built on top of the OAuth 2.0 framework.
OAuth Protocol
An open standard for authorization that allows third-party applications to securely access a user's resources.
Passkeys
Learn how passkeys (FIDO2) enable a passwordless login experience.
Personalization
The process of embedding the cardholder's information, cryptographic keys, and biometrics into the smart card.
PIV Identity
A standard set by the U.S. federal government for identity authentication for all its employees.
PIV Roles
Learn more about the PIV roles as per the NIST FIPS 201 standard.
Platform Authenticators
Device-bound or built-in authentication methods that support FIDO2.
Public Key Infrastructure (PKI)
The framework supporting digital certificate issuance and management, essential for secure communications and access.
Relying Party
Role-Based Access Control (RBAC) refers to assigning access rights based on user roles within an organization.
RBAC
Role-Based Access Control (RBAC) refers to assigning access rights based on user roles within an organization.
SAML Protocol
An open standard used for exchanging authentication and authorization data between an Identity Provider (IdP) and a Service Provider (SP).
SCIM Protocol
An open standard designed to simplify the management of user identities across different systems and domains.
Security Key and Tokens
Security keys and tokens are physical devices used for two-factor (2FA) or multi-factor authentication (MFA) to enhance online security.
Single Sign-On (SSO)
An authentication process that allows users to access multiple applications or services with a single set of login credentials.
Smart Cards
A physical card containing a built-in memory chip to store and process data electronically for secure transactions and authentication.
User Directory
A centralized database or service that stores and manages information about users and their credentials.
User Federation
A process of connecting and integrating multiple identity systems or directories.
User Provisioning
The process of automating the creation, updating, and deactivation of user identities across multiple systems, applications, and services using the SCIM protocol.
Workflows
A defined sequence of tasks, processes, or activities that must be completed to achieve a specific goal.
Zero Trust
A security framework based on the principle of "never trust, always verify."