Using HID CMS Self-Service

You can issue and manage your devices using the HID CMS Self-Service Portal.

Prerequisites: Before you begin, make sure that:

  • A CMS server is up and running and the HID CMS Self-Service Portal can connect to it.

  • A smart card reader is installed on your station (if applicable).

  • The installed smart card reader is correctly configured.

    Note: The appropriate card reader software driver might need to be installed on the workstation/computer; however, this is not a requirement for all readers.

  • All required software is installed (for example, ActivID ActivClient or an applicable Mini-Driver) on the workstation/computer.

You can connect to HID CMS Self-Service using the following URL: https://<CMS Server>/aims/selfservice

There are two authentication options available:

HID CMS Self-Service log in page displaying Using password button and Using device button

If you choose:

Close up of Using password button from HID CMS Self-Servcie log in screen

A page appears where you can enter your username and password:

HID CMS Self-Service Log in with your password screen with Username and Password filled in and with Log in button and Cancel button available

If you choose:

Close up of Using device button from HID CMS Self-Servcie log in screen

The following page appears:

HID CMS Self-Service Log in with your device screen with Log in button and Cancel button available

Make sure your device is connected and click Log In. You are prompted to select the certificate for your device; then you are prompted for your PIN.

Important: If authentication using your device fails, you must close your browser before you try again. If you click Cancel, you can log in using a password; however, if you attempt to log in again with your device (without having closed the browser), the authentication will fail.

After authentication, you reach your My Devices page:

My Devices page displaying a device in the Active state, with the Add Device button in the top right corner

All your devices are displayed and you can perform various actions (update, unlock, etc.) by clicking on the action buttons) associated with each device.

A menu is available in the top right corner. You can use it to access online documentation, or log out and return to the home page:

Current Limitations

  • The self-service portal does not support multiple LDAP directories.

  • You can authenticate with a YubiKey device using the Microsoft Minidriver; however, it is not possible to authenticate with a YubiKey device that uses an RSA 3K key.

  • Authentication with an RSA 3K key is only possible when you are using Crescendo Key v3 or Crescendo 4000 devices, using the HID Crescendo Minidriver.

  • Currently, authentication to the self-service portal with a device does not work with a peer server configuration..