5.15 Editing PIV applicants
Important: The Edit PIV Applicant workflow, which was previously available in MyID Desktop, is now End of Support, and has been replaced with equivalent functionality in the MyID Operator Client; see the Editing a PIV applicant section in the MyID Operator Client guide for details.
The Edit PIV Applicant screen in the MyID Operator Client allows you to edit the details of applicants. You can add applicants to MyID in the following ways:
-
Enroll using the MyID Core API.
See the MyID Core API guide for details.
-
Manually add using the Edit Person workflow (in MyID Desktop) or the Add Person screen (in the MyID Operator Client) and assign the PIV Applicant role.
-
Edit a person from a directory using the Edit Person (Directory) screen in the MyID Operator Client, and assign the PIV Applicant role.
Note: If you import a user from a directory, and have set up directory synchronization, the MyID applicant records can be updated by changes in the directory.
-
If you use the Request Card workflow to import a user, by default the user will not be assigned the PIV Applicant role, and you will be unable to edit the users using the Edit PIV Applicant screen. To remedy this, you can set the default roles for the group to which you are adding the user to include the PIV Applicant role.
See the Default roles section in the Administration Guide for details.
The PIV Applicant Editor role is created by default, and provides access to the Edit PIV Applicant and Edit Person screens in the MyID Operator client. This role is also set as the manager for the PIV Applicant role, which means that you must have the PIV Applicant Editor role to assign the PIV Applicant role to any users.
Assign the PIV Applicant Editor role to the operators you want to be able to assign the PIV Applicant role to applicants.
Important: The PIV Applicant Editor role is created with its logon mechanisms set to Smart Card only – if you log on to MyID using security phrases or integrated Windows logon, you cannot edit PIV applicants.
Note: You must make sure that your business processes still meet the requirements for FIPS 201 (if applicable). You may want to restrict or prevent access to editing a PIV applicant's details after enrollment.