Identity Manager requirements and interoperability
5
_ https://doc.nexusgroup.com/ www.nexusgroup.com 1 _ Identity Manager requirements and interoperability This article provides installation requirements and interoperability data for . Smart ID Identity Manager Expand/Collapse All Requirements The following databases are supported: SQL Server 2014 and 2014 R2 SQL Server 2016 SQL Server 2017 SQL Server 2019 Azure SQL Oracle Database 12c Oracle Database 19c PostgreSQL 9.6, 11, 12 For SQL Server and Azure SQL see also the transaction isolation level requirements here: Set transaction isolation level for MS SQL when used with Identity Manager All are executed in up-to-date HTML5 web browsers such as: Identity Manager clients Mozilla Firefox Google Chrome Safari Microsoft Edge (Chromium) Identity Manager releases are always tested with the latest browser versions. The following version of JasperReports is supported: Templates in JasperReports format (.jrxml) version 6.5.1 are supported The following requirements apply for a workstation that is to be used as a capture client or production client: Nexus Card SDK version 5.7 or 5.8 must be installed. Windows-based workstation (PC). For more information, see Card SDK requirements and . interoperability For PKI cryptochip encoding the following is also required: A PKCS#11 compliant smart card middleware. For a list of supported smart card middleware, see Smartcards and smartcard . middleware OpenJDK or Oracle Java Version 11 (64-bit), tested on OpenJDK 11.0.6+10 Architecture: 32-bit (for any smart card middleware) or 64-bit (for any smart card middleware except Nexus Personal) The smart card middleware and client-side Java must have the same OS architecture, either 32-bit or 64-bit, since Identity Manager's encoding component connects from the client-side Java to the middleware. The following requirements apply for the use of PKI cryptochip encoding features on Identity Manager Self-Service clients: Smart ID Desktop App version 1.4.2 must be installed. For more information, see Smart ID Desktop App requirements and interoperability. This article is valid for Smart ID 20.11 and later. Related information Card SDK requirements and interoperability Identity Manager installation and upgrade
Transcript of Identity Manager requirements and interoperability
_https://doc.nexusgroup.com/ www.nexusgroup.com
1_
Identity Manager requirements and interoperabilityThis article provides installation requirements and interoperability data for . Smart ID Identity Manager
Expand/Collapse All
RequirementsThe following databases are supported:
SQL Server 2014 and 2014 R2SQL Server 2016SQL Server 2017SQL Server 2019Azure SQLOracle Database 12cOracle Database 19cPostgreSQL 9.6, 11, 12
For SQL Server and Azure SQL see also the transaction isolation level requirements here: Set transaction isolation level for MS SQL when used with Identity Manager
All are executed in up-to-date HTML5 web browsers such as:Identity Manager clients
Mozilla FirefoxGoogle ChromeSafariMicrosoft Edge (Chromium)
Identity Manager releases are always tested with the latest browser versions.
The following version of JasperReports is supported:
Templates in JasperReports format (.jrxml) version 6.5.1 are supported
The following requirements apply for a workstation that is to be used as a capture client or production client:
Nexus Card SDK version 5.7 or 5.8 must be installed. Windows-based workstation (PC). For more information, see Card SDK requirements and
.interoperability
For PKI cryptochip encoding the following is also required:
A PKCS#11 compliant smart card middleware.For a list of supported smart card middleware, see Smartcards and smartcard
.middlewareOpenJDK or Oracle Java
Version 11 (64-bit), tested on OpenJDK 11.0.6+10Architecture: 32-bit (for any smart card middleware) or 64-bit (for any smart card middleware except Nexus Personal)
The smart card middleware and client-side Java must have the same OS architecture, either 32-bit or 64-bit, since Identity Manager's encoding component connects from the client-side Java to the middleware.
The following requirements apply for the use of PKI cryptochip encoding features on Identity Manager Self-Service clients:
Smart ID Desktop App version 1.4.2 must be installed. For more information, see Smart ID Desktop App requirements and interoperability.
This article is valid for Smart ID 20.11 and later.
Related information
Card SDK requirements and interoperabilityIdentity Manager installation and upgrade
_https://doc.nexusgroup.com/ www.nexusgroup.com
2_
A PKCS#11 compliant smart card middleware must be installed.For a list of supported smartcard middleware, see Smartcards and smartcard
.middleware
Interoperability
Data connectors
Identity Manager allows synchronization of data with external systems for many different use cases, for example card data, employee data from corporate directories, and entitlements from physical access control systems. Import and export of data can be done for various formats, for example LDAP, JDBC, CSV and SCIM.
Identity Manager supports connection to directories compliant with the following standard:
LDAP v3
Microsoft Active Directory is a typical example of a supported directory.
For more information, see .Integrate Identity Manager with Microsoft services
Identity Manager supports connection to databases based on Java database connectivity (JDBC).
The following databases are supported:
SQL Server 2014 and 2014 R2SQL Server 2016SQL Server 2017SQL Server 2019Azure SQLOracle Database 12cOracle Database 19cPostgreSQL 9.6, 11, 12
The SQL Server and Azure SQL databases only support case insensitive queries (which is the default option).
The following certificate authority (CA) products and services are supported:
Smart ID Certificate Manager 8.3. A downgrade package is available for CM 7.18.Microsoft Active Directory Certificate Services (ADCS) 2012 / 2012 R2 / 2016 / 2019D-Trust Managed PKIIDNomic version 4.8.1EJBCA version 6.15DFN Managed PKIQuoVadis PKI
For more information, see . Integrate Identity Manager with certificate authority (CA)
Other CAs can be integrated on demand.
The following physical access systems (PACS) are supported by Identity Manager:
Vendor System Supported versions
Comment
ASSA Arx 4.1
_https://doc.nexusgroup.com/ www.nexusgroup.com
3_
Siemens Bewator 2010 Omnis 6.2
Bravida Integra 7.3, 8.1 From version over 7.41 extended license is required.
Evva Salto SALTO ProAccess 12.2
Evva Salto SALTO ProAccess SPACE
6.3
dormakaba KABA Exos 9300 4.0
Interflex Datensysteme GmbH (Allegion Group)
Interflex IF-6040 9.2.1.90
Pacom Unison 5.8.6
RCO RCARD M5 5.39.4
RCO RCARD M5 Admin API 5.48.0
Security Shells iSecure - for integration with HID controllers
2.4
Siemens SiPass Integrated 2.76
Siemens SiPort MP 3.1.3
Unitek Unilock 2.0
Lenel OnGuard 6.6 Limited support (IDC)
Stanley Stanley Security Manager (SSM)
8.0, 8.1 Limited support (IDC)
Stanley Niscayah Integration Manager (NIM3)
3.40 Limited support (IDC)
Set up integrations
For more information, see . Integrate Identity Manager with physical access control system (PACS)
There is also a PACS demo service included in the Physical Access component that can be used to simulate PACS integration.
Contact us!
Is your PACS system not on the list? Provide the details of your PACS system and we in this formwill contact you.
The following mobile device management (MDM) product is supported in Identity Manager:
MobileIron 10.4 - 10.7
Other MDM systems can be integrated on demand.
Digital identitiesSupported smart cards depend on the smart card middleware. Smart card middleware is not part of Identity Manager.
Identity Manager connects to a smart card via the PKCS#11 library provided by the middleware. For a list of supported cryptochips and smart cards, please refer to the corresponding technical specification of the middleware.
_https://doc.nexusgroup.com/ www.nexusgroup.com
4_
CardOS 4.4 and CardOS 5.0 are our reference cards for testing. Other cards listed in the middleware specification also normally work, but must be tested individually for the specific requirement.
The following smart card middleware products are supported:
Vendor/ Product Version Reference Card
Nexus Personal Desktop Client 5.4 CardOS 4.4 + 5.0
AET SafeSign 3.0.93 CardOS 4.4
Neowave Weneo
Atos CardAPI 5.4 (1) CardOS 4.2C + 4.4 + 5.0 + 5.3
Charismathics CSSI 5.4 CardOS 4.4 + 5.0 TPM
Cryptovision cv act sc/interface 7.0.5 CardOS 4.4
Gemalto IDGo800 Pkcs#11 Library
1.2.4 IDPrime MD 830
Morpho Ypsid 7.0.1 Ypsid S3
Oberthur AWP 5.1.1 V 7.0.1
Safenet Authentication Client 10.7 IDPrime MD840 and MD940
T-Systems TCOS3 NetKey 1.8.2.2 (2) TeleSec Signature Card V2.0, TeleSec IDKey 1.0
(1) 5.4W14 or later is required for certain features
(2) 1.8.2.2 is the minimum compatible version, we recommend 1.8.2.4 or later
Identity Manager supports certifcate enrollment to Yubico YubiKey 5 PIV tokens via Smart ID . Desktop App
Fido2 tokens on Yubikey are not supported.
The following virtual smartcard is supported:
Vendor/ Product Version
Smart ID Desktop App 1.4.2
For more information, see . Set up virtual smart card management in Identity Manager
Language supportThe following languages are supported:
EnglishFrenchGermanSwedish
_https://doc.nexusgroup.com/ www.nexusgroup.com
5_
![Identity Selector Interoperability Profile · Web viewThe Identity Selector Interoperability Profile V1.5 prescribes a subset of the mechanisms defined in [WS-Trust 1.2], [WS-Trust](https://static.fdocuments.us/doc/165x107/5b25e0487f8b9a97658b4965/identity-selector-interoperability-profile-web-viewthe-identity-selector-interoperability.jpg)
