This page reviews MAG FIS Administrator role and common tasks they can perform. To view the MAG FIS Administrator guide, click here.
Responsibilities
Federated Identity Service (FIS) Administrators can perform these common tasks in Managed Access Gateway (MAG):
Authorize FIS
To approve FIS application requests:
1. Login to your MAG account. From the Dashboard, select the Administration tab. click Registration Requests.
2. Select Registration Requests sub-tab. Click Authorize FIS. Any pending requests display.
3. Click the Request ID. The user’s information displays.
4. Review the User’s information. Please verify the User ID, first and last name matches their legal name. Also verify the email address is valid (public email addresses such as Hotmail, Gmail, etc – are not allowed).
NOTE: For example, Patrick Starr is a match for starrp_8036. If the request displays a first and last name of Patrick Starr but the user id is doej_1234, the request must be denied. Additionally, ensure the user registered a business domain email address. For MLOA Certificates, ensure the user’s first and last name matches their proofing appointment identity documents. If an account is non-compliant, users need to work with their Organization Administrator to obtain a new account.
5. You can modify the following fields if the user entered incorrect information:
– Partner/Application: Which requires digital certificates.
– Certificate Assurance Level: Basic (BLOA), Medium (MLOA), or Unknown.
– Certificate Usage: Only displays if user selects Basic.
– Certificate Type: Software, Hardware, or Unknown.
– Certificate Validity Period: 1 or 3 years. One year is only available for Basic.
– Request Reason: Reason why user requires certificates.
6. From FIS Administrator Action, select Approve or Deny. If denying, you are required to enter comments. Click Next.
7. If approving a BLOA certificate request, the user will receive an email with installation instructions. If approving MLOA certificates, the request is routed to Exostar for review.
Subscribe to FIS
To subscribe your organizations to FIS, follow the steps below.
1. From your MAG Dashboard, select the Administration tab, and then select Subscribe to Application sub-tab.
2. Locate FIS application. Click the Subscribe to Application button.
3. Select an existing or add a new FIS Administrator. Click Next.
NOTE: If creating a new Application Administrator, the system creates a new user account. The request is then routed to Exostar for approval (it may take up to 48 hours to process). You receive a notification once Exostar approves your request.
4. Once Exostar approves your request, login to your Exostar MAG account and accept the FIS Terms and Conditions.
NOTE: Any users associated with your organization requiring FIS access, must request FIS access after you accept Terms and Conditions.
Revoke FIS Certificates
FIS Administrators can revoke certificates for users within their organization. Once certificates are revoked, they can no longer be used. New certificates will require a new purchase.
1. Login to your MAG account.
2. Go to the Administration tab. Click View Users sub-tab.
3. Search for the User. Once the results display, click the User ID hyperlink.
4. Scroll to the Certificates section. Click Revoke.
5. Select the Certificates you are revoking. You are required to select a revocation reason and enter comments. Click Submit.
6. You will receive a Certificate Revocation Request form. Click Sign.
7. A signing page displays, enter your MAG password in the Passcode field. Click Sign.
8. Click Done (located in the lower, right corner of the page) when finished.
Users can revoke their own certificates at any time.
1. You should revoke a user’s certificates if you believe the security of those certificates have been compromised in any way.
2. You should revoke a user’s certificates if they are no longer employed with your organization.
3. Revocation of certificates is a Permanent action (i.e. there is no way to recover those certificates and the user must reapply should they need those certificates).
Upgrade Organization to FIS MLOA
If your organization is subscribed to the Basic Level of Assurance (BLOA) Digital Certificate Service, but your users require a Medium Level of Assurance (MLOA) Digital Certificates, please contact your Organization Administrator for assistance. They can request an Upgrade for FIS MLOA certificate.
If you need to upgrade your company from FIS Basic Level of Assurance (BLOA) to FIS Medium Level of Assurance (MLOA):
1. From your MAG Dashboard click the Administration tab, then select the Subscribe to Application sub-tab.
2. Click Subscribe to Application for FIS.
3. Under the Organization Assurance Information section, select Medium. Click Next.
NOTE: The request is routed to Exostar for approval or denial. You receive a notification once Exostar actions your request.
4. Once Exostar approves your request, login to your MAG account to accept Terms and Conditions.
NOTE: Any users associated with your organization requiring FIS access must request FIS access after you accept Terms and Conditions. MLOA requires in-person proofing.