Forefront Identity Manager Certificate Management (FIM CM) provides a set of callback interfaces that are collectively referred to as the FIM CM Customizable Interfaces. These interfaces enable developers to override the default cryptographic procedures that are used with smart cards, and also enable developers to add custom processing. In other words, FIM CM Customizable Interfaces give developers ways to override or extend steps in the management workflow to allow for custom processing of smart cards and data items.
Management Workflow and Customizable Interfaces
FIM CM provides a management workflow to manage smart cards and other security credentials. FIM CM provides several ways for developers to programmatically customize this workflow. Most of these techniques use functionality built into the FIM CM itself.
The FIM CM Customizable Interfaces, by contrast, provide a callback mechanism. Developers create and install custom .NET Framework assemblies on the FIM CM server that extend one or more FIM CM Customizable Interface assemblies. These assemblies expose interfaces that FIM CM will invoke at select points during the management workflow; at that point, the developer's custom code can insert custom processing.
Usage Scenarios
You can use FIM CM Customizable Interfaces to extend and override default credential processing that address different customization scenarios. The following scenarios are examples of how you can use the FIM CM Customizable Interfaces:
- A developer can perform custom data
validation during request processing to obtain a high level of
assurance that the user is really who they claim to be.
- An enterprise can use FIM CM workflow
features to manage cards enrolled in a pre-existing smart card
infrastructure that uses a cryptographic base CSP key
diversification mechanism unsupported by FIM CM.
- A developer can store custom information
collected during the enrollment process that can be used in other
management workflows.