IdAM Operations


The following provides an overview of the functionality of the Identity Authority Manager (IdAM). 

The Identity Authority Manager industrial-grade hardware appliance enables the integration of identity issuing workflows in industrial environments such as production facilities, building management systems, and plant construction. IdAM provides an out-of-the-box solution to adapt the issuing and management of digital device identities in industrial installations. 

The Identity Authority Manager allows you to: 

  • Integrate certificate-issuing processes in line with your issuing policy.
  • Integrate personalization processes with your devices at different stages of production.
  • Analyze and validate incoming device data to ensure its authenticity.
  • Build workflows based on personalization issuing events.
  • Pre-configure CA Services, see CA Management.
  • Enable use case-specific protocols and workflows using customizable rule chains and adapter frameworks.

Issuing Device Certificates

To demonstrate the concepts of the Identity Authority Manager in a real-life scenario, we provide a step-by-step guide that describes how the IdAM is integrated into different kinds of application scenarios. See How to Issue Device Certificates.

Entities and Relations

IdAM provides a user interface to provision and manage multiple entity types and their relations in your identity issuing process. The following entities are supported:

  • Tenants: A tenant is an individual or an organization that owns or produces devices. Tenants may have multiple tenant administrator users and operators.
  • Operator: An operator is an individual or an organization that works with the devices.
  • Adapter: Adapters are the basic device and service entities that may produce incoming personalization requests and manage the interaction with the service. Examples are the Device Adapter and the CA Service.
  • Dashboards: Provide the visualization of your workflow processes and the ability to control particular service statuses through the user interface.
  • CA Profile: CA Service entity that can be accessed within a rule chain via corresponding rule nodes.
  • Rule Node: Processing units for incoming messages and events. 
  • Rule Chain: A logic unit of related Rule Nodes.

For more information on Rule Chains and Rule Nodes, see Rule Engine Concepts.