The issuance module allows you to issue multiple types of credentials to a user. For more information on how to issue various identities and credentials, refer Issuance. The following are the credential types that can be issued:
- PIV Smart Cards
- JCOP4 Cards
- MiFARE DESFire Cards
- Yubikeys (Token)
- Plastic Cards
- Mobile Credentials (ID Wallet)
The personalization process involves a series of steps and calls to multiple APIs related to the device client, user management service, and credential management service. You need to fetch the user and workflow details. The process involves calling the following APIs:
- Get Connected Card Reader List: This API returns the connected readers and card ATR.
- Identify and Personalize Device: This API is used for the identification and issuance process. This API is used in other processes such as change PIN, Reset PIN, etc. However, for this process, it takes the process=identity (to identify the device) and process=issuance (to personalize the device). Certain cards come in a locked state. Hence, it is essential to unlock the GP keys before accessing the card. For this the same API is initiated and the process=gpunlock. The case where the workflow is configured to ensure that the card is to be locked after personalization to ensure security, it is essential to lock the card. For this the same API is initiated and the process=gplock.
- Execute Card Commands: This API is used to execute the commands sent from the APDU service on the device. The process continues till all the commands required to complete a process are executed till all the steps and status are in 'done' status.
- Validate Device: Validates the status of the device.
- Get UUID: Gets the device's universally unique identifier (UUID).
