Creating a New Credential

This section explains how to create a new credential for both public key and shared key of HID Approve default App or SDK App.

Prerequisites: To create a new credential, you must be assigned the Configure Settings permission in Administrator Account.

To create a new credential for public key and shared key, follow the steps below:

Important: For the Default App, you don’t have the privilege to create the new shared key credentials.

  1. Sign in to Administration portal.

  2. Click Settings in the left navigation bar to open the Settings page.

  3. Click HID Approve Authentication Configuration on the Settings page, then you can see the list of HID Approve applications.

  4. From the list of HID Approve applications, choose the Default App or a SDK App for which you want to add a new credential.

    Expand the App and click on the arrow (>) of "Credential Profiles" tile to open the View Credential Profiles page.

  5. In the Credential Profiles view page, click EDIT to enable the NEW CREDENTIAL button for the creation of new public key and shared key credentials.

    In "Public Key Credentials" tab, click NEW CREDENTIAL to add a new credential.

    In the "New Credential" pop-up page, provide the following parameters to add a new credential for public key.

    Parameters for creating a public key credential:

    Parameters Description
    Name Enter the name of the credential.
    Description Enter the description of the credential.
    Credential type code

    An auto-generated type code while creating a credential. However, you can edit this auto-generated type code as per your requirements before creating a credential. For example: CT_TDSV4, CT_PASAV4 etc.

    Important: The Credential type code should be unique for each credential. You cannot create a number of credentials with the use of same type code.
    Key usage

    Choose the key usage as "Authentication' or 'Signature' or 'Other'.
    Custom key usage If you choose Key usage as "Other", then a text field "Custom key usage" will be appeared to enter your custom text for key usage.

    Key expiry duration

    (in days)

    The duration or timeframe during which a credential remains valid after its activation.

    For default app: By default, the service renewal period value will be taken when you create new credentials.

    For SDK app: By default, the global credential validity value will be taken when you create new credentials.

    After entering the parameters, click SAVE to add the newly created public key credential into the credential list.

    In "Shared Key Credentials" tab, click NEW CREDENTIAL to add a new credential.

    Important: For the Default App, you don’t have the privilege to create the new shared key credentials.

    In "New Credential" pop-up page, provide the following parameters to add a new credential for shared key.

    Parameters for creating a shared key credential:

    Parameters Description
    Name Enter the name of the credential.
    Description Enter the description of the credential.
    Credential type code

    An auto-generated type code while creating a credential. However, you can edit this auto-generated type code as per your requirements before creating a credential. For example: CT_TDSV4, CT_PASAV4 etc.

    Important: The Credential type code should be unique for each credential. You cannot create a number of credentials with the use of same type code.
    Key usage + Mode

    Choose one of the below as Key usage:

    • Authentication with Challenge/Response OTP

    • Signature with Multi-parameter Challenge/Response OTP

    • Authentication with Synchronous OTP

    • Other
    Moving factor Choose "Event" or "Time" as moving factor.
    OTP length Defines the length of OTP value.
    Challenge length

    Defines the length of the challenge provided to a user to generate an OTP on the device (in the challenge response mode).

    Key expiry duration

    (in days)

    The duration or timeframe during which a credential remains valid after its activation.

    For default app: By default, the service renewal period value will be taken when you create new credentials.

    For SDK app: By default, the global credential validity value will be taken when you create new credentials.
    Custom key usage If you choose Key usage as "Other", then a text field "Custom key usage" will be appeared to enter your custom text for key usage.
    Mode

    If you choose Key usage as "Other" from the drop-down, then "Mode" field will be appeared.

    Choose one of the below as Mode:

    • Challenge/Response OTP

    • Multi-parameter Challenge/Response OTP

    • OTP

    After entering the parameters, click SAVE to add the newly created shared key credential into the credential list.

  6. Click SAVE to save the changes for the credential profiles.