6.9 Including user security identifiers in certificates
A user security identified (user SID) is a unique identifier for a person that is stored in your directory. When you import a person from a directory, or carry out a directory synchronization, MyID obtains the user SID from the directory and stores it in the person's record.
You can view or edit a person's SID on the Account tab for a person's record in the MyID Operator Client; see the Searching for a person and Editing directory information sections in the MyID Operator Client guide.
You can use the additional search criterion User SID Present on the People report in the MyID Operator Client to identify people who do not have this information present; see the People report section in the MyID Operator Client guide.
You can import the user SID through the MyID Core API (by providing the account:usersid value when adding or updating a person) or through the Lifecycle API (by providing the PivCardRequest/Agency/Applicant/Account/UserSID or CMSCardRequest/Group/User/Account/UserSID value) when adding or updating a person.
You can include the user SID in the attribute mappings for certificate templates for Microsoft
The user SID is also stored for additional identities; see section 25.1.3, User SIDs in additional identities. You can view the user SID for the additional identity using the Additional Identities (AID) report in the MyID Operator Client; see the Additional Identities (AID) report section in the MyID Operator Client guide.
In the credential profile, you can specify the user SID as a required attribute for a user be issued a device, so that you cannot issue a credential to a person who does not have a user SID as part of their user record; see section 11.3.1.11, Requisite User Data for details.
Note: You cannot import user SIDs if there is no association with the directory