This category of tech users is mainly used in automatic user management. eIAM offers 2 APIs for this purpose a SOAP interface for direct access to the user management in NevisIDM (see details on eIAM-AMW), as well as a REST interface via which the functionalities of the delegated management can be used as a service (see details on eIAM-RDM).

Please note the following necessary preparations before ordering:

• For accounts with a soft certificate, authentication is done by means of an X.509 certificate of class C (classes D and E are not supported).
  • The certificate must first be procured by you as the customer, in accordance with the specifications of the Admin PKI, via a Remedy MAC (enter order by order type, search for "certificates class C", -> order certificate).
  • The certificate is in the name of the technical user who is used to establish the connection.
  • The certificate must contain at least the following key usages:
    • X509v3 Key Usage: Digital Signature
    • X509v3 Extended Key Usage: TLS Web Client Authentication
  • The public key must be included in the order as a PEM file.
• The CISO of the office (see list of CISO) must approve the use of the Techuser via mail.
• For the lifecycle management of the "Managed Techuser", a responsible, central office must be defined (not a dedicated person), which knows the technical contexts and can carry out certificate exchanges, e.g. an application management team.