Getting Started
Unifyia Platform is a unified microservices-based, multi-tenant, cloud-native, centralized, zero trust
solution for identity orchestration and management for enterprises and governments. It offers simple,
seamless, and tailored customer experiences for all involved parties, all while upholding stringent
security measures. This solution aims to simplify and speed up identity issuance and
credential lifecycle management with agility and cost
efficiencies. It is a modern, agile, web-based, customizable solution for the issuance and management of
PIV, CIV, Derived PIV (DPIV), and Derived FIDO2 (DFIDO2) credentials on smart cards, tokens, and
mobile devices.
Organizations have the flexibility to customize their identity workflows to align with their internal
policies and regulatory requirements. The platform offers a range of configurations to enable the
seamless adaptation of onboarding, enrollment, adjudication, issuance, management, authentication, and
authorization processes to accommodate various stakeholders within the organization while adhering to
FIPS, NIST, and FIDO2 standards to ensure interoperability, security, and reliability.
Access to the Unifyia platform
The Unifyia platform for operators is a unified platform for sponsoring, enrolling, adjudicating,
issuing, and managing identities for users and partners. It allows operators to issue identities on
devices such as smart cards, NFC cards, security keys, and mobiles.
Access to the Unifyia platform is role-based, per the specifications outlined in FIPS 201-3.
Access to different modules on the platform for operators is based on the access privileges assigned to
them. Each role may be assigned exclusively based on the activities to be performed on the platform.
This document assumes that the actions performed by Sponsors, Registrars, Identity Issuers, Security
Officers, and Helpdesk Operators are operator functions. Hence, this document acts as a single point of
reference for all the operators to understand the various functions that they can perform. Organizations
may use their discretion in assigning privileges based on their defined organization policies.
Supported browsers to access the Unifyia platform
- Windows
- Google Chrome
- Microsoft Edge
- macOS
This article lists the setup tasks, with step-by-step instructions and best practices for configuring
the various options for identity orchestration. Complete the following configuration tasks to begin using the Unifyia Platform:
Setup Tasks
Task | Description |
Unifyia Client Installation | Learn how to install the middleware client services for device communication. |
Administrator Login | Administrator registration for a passwordless authentication method during first-time login, utilizing system-generated credentials for secure access and account personalization. |
Branding | Customize the platform as per your organization’s branding policies. |
Content Signing Certificate | Upload an issuer content signing certificate to the database that will be used to sign the data written to containers in the identity devices to ensure data integrity and authenticity. |
Directory Integration | Integrate directories such as Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) for user federation. |
Certificate Authorities | Integrate certificate authorities for issuing digital certificates within a Public Key Infrastructure (PKI) framework. |
Notification Providers | Add an Email Server and SMS Gateway for notifications. |
Notifications | Configure system-wide notifications for users, operators, and administrators for timely updates and alerts. |
Role-Based Access Control | Manage roles and access privileges. |
Multi-factor Authentication | Configure MFA for the platform users and set a preferred sequence of the options. |
Passkeys (FIDO2) Policies | Configure registration and authentication policies for the passkeys (FIDO2) as per FIDO2 specifications. |
Groups | Learn how to add groups to enable the assignment of multiple rules or policies to users. |
Device Profiles | Configure device management keys for identities such as smart cards, security keys, and digital identities on mobile devices. |
Visual Designs | Configure designs for the ID cards or electronic identities. |
Workflows | Configure workflows for credential issuance. |
User Management | Manage user onboarding and enrollment. Add admins, PIV operators, and users and assign role privileges. You can also enroll users in bulk. Assign groups and workflows to define issuance policies. |
Credential Management System | Learn how to issue various identity devices, authenticate using the issued credentials, and manage their lifecycle. |
Reports | Learn more about the comprehensive report generation module that empowers administrators and decision-makers to access various compliance reports. |
How-To-Guides | Access multiple use-case-based step-by-step instructions for completing a specific task. |
Additional Configurations
Task | Description |
Integrate IdPs | Integrate IdPs such as Entra ID and Okta to enable SSO functionality and identity federation. The platform supports OpenID Connect (OIDC) and Security Assertion Markup Language (SAML) protocols. |
SCIM Provisioning | Learn how to leverage the SCIM-compliant APIs to integrate SCIM clients to facilitate centralized management of user data and identities across multiple domains or systems. |
Enterprise Connections | Learn how to consume an external Identity Provider's (IdP) custom APIs for user provisioning. The platform currently supports Okta. |
Integrate SSO Applications | Learn how to integrate SSO applications such as Entra ID and Okta for single sign-on. The platform supports SSO over OpenID Connect (OIDC) and Security Assertion Markup Language (SAML) protocols. |