Features
The key features of the Authentication Partner and the Partner Management System are below.
Ease of Use and Usability Enhancements
Self-registration
A Partner can self-register with much of the process as automated with the least manual intervention.
Interface / User Experience
For its user part, the new interface of PMP has undergone a complete revamp not only on UI but the UX been worked upon from the ground up. The select few points from the UX enhancements are as below:
Card view presentation – You now get ‘Partner User Dashboard’ and this offers a Card view presentation for each functionality with a brief/one-liner description to help you understand the services offered in:
User Profile - The user can view his organization name and username on the top right, the user dropdown on the top right- has two options: User Profile and Logout.
Partner Admin Features
Admin dashboard
Refreshed new user experience to the Admin dashboard which now has structured the high-level functionalities with the help of cards that are ordered logically on the dashboard.
The dashboard displays the cards for Certificate Trust Store, Partners, Policies, Parter Policy-Linking, SBI-Device, FTM Chip, and Authentications Services.
It also displays the pending requests count for Partner Policy-Linking, SBI-Device, and FTM Chip.
Note: For devices that are orphaned without an associated SBI, the partner admin will only have the option to Reject.
Certificate Trust Store
Upload, Download, or View (List View and Detailed view) of Root and Intermediate Certificates.
Partners
Download (Original & MOSIP Signed Certificate), Deactivate Partner or View (List and Detailed View)
Policies
You can use this section for Policy Group and Policy related operations enlisted here:
Create Policy Group
Create Policy
Authentication Policy
Datashare Policy
Clone Policy in Different Policy Groups
Publish Policy in draft status
Edit Policy in draft status
View
List View
Detail View
Deactivate Policy Group (if no active policy is linked)
Deactivate Policy (if no active partner policy mappings)
Partner Policy Linking
Approve / Reject or View (List View and Details View)
Partner Certificate
Upload and Re-upload: Easily upload or re-upload Certificate Authority (CA) signed Partner Certificate.
Download: Download CA signed Partner Certificate and corresponding MOSIP Signed Certificate.
Note:
API Key gets auto deactivated after its expiry.
API Key expiration duration can be configured : Newly generated API keys should be set to 100 years of expiration duration by default, since the time of its creation. But an admin-level configuration (via config file) allows setting the API key expiration duration in days (such that it can accommodate months/years too). But please note that existing API keys (created before this feature) remains unaffected.
Partner Type Feature
User Access Features
Login: Existing Partner who has already registered can login to the portal with email/username and password.
Retrieve Password / Forgot Password: Partner will have the option to reset the password using the Forget Password option.
Key Feature of Authentication Partner
Features discussed here are provided only for Partner Type which is Authentication Partner.
Policies - Request Policy, View, Select Policy Group
Enable Authentication mechanisms for approved policies
API Key:
Generate API Key: Create API Keys for approved policies.
View API Key Details: View a tabular list and individual details of submitted API Keys.
Deactivate: Deactivate API Keys when necessary.
OIDC Client
Create OIDC Client: Create OIDC Clients for approved policies.
View OIDC Details: Access a tabular list and individual views of submitted OIDC Client details, including OIDC Client IDs.
Edit: Edit existing OIDC Client details.
Deactivate: Deactivate OIDC Client whenever needed.
The key features of the Device Provider
Partner Certificate
Upload and Re-upload: Easily upload or re-upload Certificate Authority (CA) signed Partner Certificate.
Download: Download CA signed Partner Certificate and corresponding MOSIP Signed Certificate.
Device Provider Services
SBI - Device Creation: Add SBI, Add Devices associated to an SBI. SBI / Device submissions will go to Partner Admin for approval.
Deactivate: Deactivate SBI or Deactivate mapped devices
View SBI and its associated devices
Note: SBI gets auto deactivated along with its associated devices after SBI expiry.
The key features of FTM Chip Provider
Partner Certificate
Upload and Re-upload: Easily upload or re-upload Certificate Authority (CA) signed Partner Certificate.
Download: Download CA signed Partner Certificate and corresponding MOSIP Signed Certificate.
FTM Chip Services
FTM Chip details: Add FTM details, and deactivate FTM details.
FTM Chip Certificate: Upload, Re-upload, or download certificate.
Receive Notifications via PMS portal and email
Users receive timely notifications through both the PMS portal and email regarding the upcoming expiry of certificates (Root/ Intermediate CA Certificate, Partner Certificate, FTM Chip Certificate), API Key and SBI linked to the Partner Management System (PMS).
Notification Details
Notification Channels
Email
PMS Portal notifications
Recipients
Partner Admins
Receive notifications about the expiry of all Root / Intermediate CA certificates (regardless of who uploaded them) which is set to expire in next 30 days.
Receive a weekly summary listing partners whose partner certificates, FTM Chip Certificates, API Keys and SBIs are expiring in the next 7 days.
Receive individual notifications before the expiry of:
Root CA Certificates
Intermediate CA Certificates
Partner Users
Receive notifications for partner certificates they personally uploaded.
Notifications are specific to their uploaded partner certificates or corresponding MOSIP signed certificates expiring within the next 30 days. FTM Chip Providers receive notifications for FTM Chip Certificates they have personally uploaded that are expiring within the next 30 days.
Device Providers receive notifications for SBIs they have created that are expiring within the next 30 days.
Authentication Partners receive notifications for API Keys they have generated that are expiring within the next 30 days.
Notification Schedule
For Individual Certificate (Root CA/ Intermediate CA/ Partner Certificate / FTM Chip Certificate, API Key and SBI) Expirations:
30 days before expiry
15 days before expiry
Daily reminders starting from 10 days before expiry up to the expiry date (i.e., from Day - 10 to Day 0).
For Weekly Summary Notifications (for Partner Admins)
Sent every 7 days.
Lists all partner certificates expiring within the next 7 days.
The next weekly notification triggers only after another 7 days.
Notification Language Handling
Email Notifications
Sent in the language selected by the user during registration (partner/partner admin).
PMS Portal Notifications
Displayed in the language selected at the time of login, regardless of the user’s registration language preference.
Notification Retention
Notifications in the PMS portal older than 60 days are automatically deleted.
Audit Logging for Certificates, API Key, SBI Expiry Notifications
To enhance traceability, PMS now captures audit logs for all certificate expiry-related notifications, including those shown on the portal and sent via email. Notifications for Root CA, Intermediate CA, Partner, FTM Chip Certificates & API Keys, SBIs—as well as the Weekly Summary of partner certificates, FTM Chip Certificates, SBIs, API Keys sent to Partner Admins—are tracked for both success and failure events. Each event is recorded in the audit.app_audit_log table with a unique event ID and reference details. The logs include metadata such as module name, notification ID, and type. The feature ensures greater transparency and accountability in certificate lifecycle communication.
In case of weekly summary notifications, audit logs are generated regardless of whether any partner-specific items—such as FTM Chip Certificates, SBI, Partner Certificates, or API Keys—are expiring (or not) in a given week. This includes logging events where no expiry notifications are triggered, ensuring consistent traceability for all weekly notification cycles, even if the system determines that there are no expiring items for the period.
Browser Support
Complete support on Chrome, Firefox, Edge, and Safari ensures a seamless user experience across these popular browsers.
Language Support
Currently supports English, French, and Arabic with plans to incorporate additional languages in future releases.
Compatibility
Optimized for standard browser sizes (laptop/desktop/extra large screen) with responsive UI design for laptop/desktop views.
Last updated
Was this helpful?