This is the draft preview of version 3.1 for the Federal Identity, Credential, and Access Management architecture.
1. Create and Maintain an Identity
When you onboard an employee or contractor at your agency, you collect identity information from the individual, and store parts of that information as identity attributes. These attributes serve as a digital proxy for the individual’s identity, also known as an enterprise identity.
In this use case, an administrator needs to collect or manage identity data for an employee or contractor for the purpose of creating an enterprise identity record and maintaining it throughout its lifecycle.
|1. Collect information||The administrator collects identity information from the employee or contractor, and adds this information to the authoritative source. This identity information may come from the individual, onboarding documents, or HR systems.|
|2. Create an enterprise identity||The authoritative source sends the information to the system’s data repository. Result: An enterprise identity in the authoritative source for the employee or contractor.|
|3. Maintain the enterprise identity||The following steps describe identity maintenance your agency should perform on a regular basis.|
|3a. Identify and aggregate identity data||Query your data repositories for any existing identities for an individual. Aggregate these attributes as a single enterprise identity for the individual.|
|3b. Update the enterprise identity||If an individual has updated personal information, there are two ways to update the enterprise identity:|
|3c. Delete the enterprise identity||When you need to delete an enterprise identity, delete the identity attributes in the authoritative source.|
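As an added illustration of step 3a (example code written for this page, not part of the FICAM architecture), the following Python aggregates attribute records from several data repositories into a single enterprise identity per individual and reports where repositories disagree. The repository names, the `person_id` correlation key, the rule that the authoritative source wins a conflict, the flag for identities with no authoritative record, and the sample records are all assumptions constructed for the example.

```python
from collections import defaultdict

# Constructed sample records (not real data). Repository names, the
# "person_id" correlation key and attribute names are assumptions.
AUTHORITATIVE = "hr"
RECORDS = [
    {"repo": "hr", "person_id": "E1001",
     "attrs": {"surname": "Rivera", "given_name": "Ana", "email": "ana.rivera@agency.example"}},
    {"repo": "directory", "person_id": "E1001",
     "attrs": {"email": "arivera@agency.example", "phone": "555-0100"}},
    {"repo": "badging", "person_id": "E1001",
     "attrs": {"surname": "Rivera", "badge_status": "active"}},
    {"repo": "directory", "person_id": "C2002",
     "attrs": {"email": "lee@contractor.example"}},
]


def aggregate(records, authoritative=AUTHORITATIVE):
    """Merge per-repository records into one enterprise identity per person.

    Assumed policy: the authoritative source wins when repositories disagree,
    and every disagreement is reported so an administrator can correct it.
    Identities with no record in the authoritative source are flagged.
    """
    by_person = defaultdict(list)
    for rec in records:
        by_person[rec["person_id"]].append(rec)

    identities = {}
    for person_id, recs in by_person.items():
        # Stable sort: authoritative record first, other repos in input order.
        recs.sort(key=lambda r: r["repo"] != authoritative)
        attrs, sources, conflicts = {}, {}, []
        for rec in recs:
            for name, value in rec["attrs"].items():
                if name not in attrs:
                    attrs[name], sources[name] = value, rec["repo"]
                elif attrs[name] != value:
                    # Keep the earlier (higher-precedence) value, log the other.
                    conflicts.append((name, rec["repo"], value))
        identities[person_id] = {
            "attributes": attrs,
            "sources": sources,
            "conflicts": conflicts,
            "no_authoritative_record": all(r["repo"] != authoritative for r in recs),
        }
    return identities


if __name__ == "__main__":
    for pid, identity in aggregate(RECORDS).items():
        print(pid, identity)
```

Recording the source of each attribute alongside its value lets a later update or deletion be traced back to the repository that supplied it.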
I want to create a new enterprise identity, so that an individual may be established as a federal employee or contractor that will need to be identity proofed, credentialed, and granted access to agency services.