This is the draft preview of version 3.1 for the Federal Identity, Credential, and Access Management architecture.

Edit this page

4. Create and Issue a Credential

Three hexagons with the letters I, C, and A. The C is highlighted in green for Credential Management, with a green banner for the Issuance service.

After you identity proof an individual, you’ll issue some proof of that individual’s claimed identity. A credential (like a physical card) is a type of authenticator that serves as a tool for an employee or contractor to gain access to agency services.

Use Case

In this use case, an administrator needs to issue a credential to an employee or contractor.

Note: The preferred credential for employees and contractors is a PIV card. For cases where you cannot issue a PIV card, you must use a combination of factors to reach at least an AAL2 credential.

Icon Key for the diagrams that follow.

1. Initiate the request
A diagram showing an employee or contractor and a sponsor or supervisor initiating a credential request with an administrator.		 An individual presents a valid government issued ID.
2. Review the request
A diagram showing an administrator verifying the presented credential with the organization that issued it.		 The government ID is verified with the organization that issued it.
3. Generate and assign the authenticator(s)
A diagram showing an administrator generating and assigning an authenticator to the employee or contractor.		 The individual presents a second form of government ID or an account number.

Example

I want to issue an enterprise credential, unique to an employee or contractor, so that they are able to access federal buildings and protected resources to which they require access.

Next Steps

Assign access entitlements and maintain the credential.