Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

1. Create and Maintain an Identity

Three hexagons with the letters I, C, and A. The I is highlighted in red for Identity Management, with a red banner for the Creation service.

When you onboard an employee or contractor at your agency, you collect identity information from the individual and store parts of that information as identity attributes. These attributes serve as a digital proxy for the individual’s identity, also known as an enterprise identity.

Use Case

In this use case, an administrator needs to collect or manage identity data for an employee or contractor for the purpose of creating an enterprise identity record and maintaining it throughout its lifecycle.

Icon Key for the diagrams that follow.

1. Collect information
A diagram showing an employee or contractor providing identity information to an administrator with the authoritative source.		 The administrator collects identity information from the employee or contractor.

This identity information may come from the individual, onboarding documents, or HR systems.
2. Create an enterprise identity
A diagram showing the authoritative source populating the identity information into a data repository, creating an enterprise identity in the authoritative source.		 The administrator adds the identity information to the authoritative source, a data repository.

Result: An enterprise identity in the authoritative source for the employee or contractor.
3. Maintain the enterprise identity The following steps describe identity maintenance your agency should perform on a regular basis.
3a. Identify and aggregate identity data
A diagram showing the data repository with multiple enterprise identities for one individual, and an arrow indicating the change to a single consolidated enterprise identity.		 Query your data repositories for any existing identities for an individual. Aggregate these attributes as a single enterprise identity for the individual.
3b. Update the enterprise identity
A diagram showing two paths to update an identity. Path 1 is the administrator updating the enterprise identity directly in the authoritative source. Path 2 is the employee or contractor updating their personal information in an agency application, and the application updating the enterprise identity in the authoritative source.		 If an individual has updated personal information, there are two ways to update the enterprise identity:

  • The administrator updates the individual’s enterprise identity attributes directly in the authoritative sources.
  • The individual uses an agency application to update their personal information, and the application updates the individual’s enterprise identity attributes in the authoritative sources.
3c. Delete the enterprise identity
A diagram showing an administrator deleting an enterprise identity.		 When you need to delete an enterprise identity, delete the identity attributes in the authoritative source.

Example

I want to create a new enterprise identity so that an individual may be established as a federal employee or contractor that will need to be identity proofed, credentialed, and granted access to agency services.

Return to top

IDManagement.gov

An official website of the General Services Administration

Looking for U.S. government information and services?
Visit USA.gov

This site is a collaboration between GSA and the Federal CIO Council. It is managed by the Identity Assurance and Trusted Access Division in the GSA Office of Government-wide Policy.

Edit this page