Customer Identity & Access Management (CIAM) is a standardized identity and access management system facilitated through Transmit. Customers (i.e., those with a B2B relationship with Interac) and their employees, are added as members to their organizations. Roles are assigned to members when they are added to an organization.
All entities (roles, members and organizations) exist within the context of an application such as Customer Service Portal (CSP).
Figure 1: Within Transmit – Apps are assigned to Orgs of which Members are a Part
Interac invites the Managed Organization Creator (Managed Org Creator) and Organization Administrator (Org Admin) – collectively referred to as admins in this document – to the Organization Management Client (OMC) portal. After completing registration, the admins can add members and other administrators to an organization. Only the Managed Org Creator create new managed organizations.
Members of an organization receive an email invitation to register with an organization within an application. Registration must be completed for each application to which members are added.
Each application portal has its own unique URL which members will use and re-use to access as required. Members will need to maintain their own library of links as they see fit.
Terms and Definitions
| Term | Acronym/Short Form | Definitions |
|---|---|---|
| Customer | N/A | Financial Institutions (FIs), Acquirers, etc. who have a B2B relationship with Interac and want to subscribe to one or more of Interac’s applications such as TSP’s Customer Service Portal (CSP), Online Administration System (OAS), etc. |
| Interac | N/A | Interac manages the tenant and completes onboarding procedures for new customers and new applications. These procedures are out of scope for this training guide. |
| Managed Organizations | N/A | Managed organizations refer to all organizations within the context of an application such as TSP’s CSP. There can be sub or child organizations under the umbrella organization. An example of an umbrella organization is a Financial Institution such as a bank.
Based on an application’s configuration policies, an Org Admin may be able to create sub or child organizations under the umbrella organization. The Managed Org Creator must be a part of an umbrella organization that has assignable groups in order to create a managed organization. The umbrella organizations are onboarded by Interac. |
| Managed Organization Creator | Managed Org Creator | The Managed Org Creator is another type of administrator responsible for creating new managed organizations and child organizations and associating role group(s) with an organization. Managed Org Creators can also perform the same operations as the Org Admin. All operations performed by the Managed Org Creator are within the context of an application.
Note: The Managed Org Creator must be within an organization that has assignable groups to create a managed organization. The Managed Org Creator has an additional + Add organization button on the Managed organizations page in Transmit. The Org Admin does not have this button. |
| Members | N/A | User interface (UI) elements in Transmit use the term “Members”. Those that have tasks to perform in the application portal or the OMC portal are all “members”. Members belong to an organization within an application. |
| Organization | N/A | An organization is composed of members with role assignments. All organizations belong to one or more specific application(s). For example, an acquirer-organization can be in both CSP and OAS. |
| Organization Admin | Org Admin | Interac assigns the Org Admin’s role to the individual appointed by the customer. The Org Admin can access the OMC portal to perform tasks such as inviting members to an organization within the application. For example, an FI organization may want to provide a user access to the CSP. |
| Organization Management Client (OMC) | OMC | This portal is used by Managed Org Creators and Org Admins to add and manage members and managed organizations within an application. The admins must sign into each application’s OMC portal to manage the organizations and members for that application. |
| System Administrator | SA | System Administrators are responsible for ensuring members’ devices have the required settings to enable FIDO2 registration. |
| Transmit | N/A | CIAM-supporting platform. |
-
-
Figure 43: Umbrella Org is Selected During Sign In
-
-
- Sign into the OMC portal
- From the left-side menu options, select Managed Organizations.
- A table lists organizations by their name, ID, Domains, and Status (whether Enabled or Disabled).
-
♦Note: When an organization is disabled, members of the organization cannot log into the portals.
-
Figure 44: Organizations under the Umbrella Organization
-
-
- Sign into the OMC portal.
- From the left-side menu options, select Managed Organizations.
- A table lists existing Organizations and important information such as their name, ID, domain, and status (whether enabled or disabled).
- In the table, corresponding to the organization’s information that you want to change, click the more actions
found at the end of the row.
-
Figure 45: More Actions Icon
-
-
- Select Edit organization.
- On the Organization info page, click Edit.
-
Figure 46: Edit Organization info
-
-
- You can make changes to the following fields: Name, Domain, and the Organization’s logo.
- Click Save
When an organization is disabled their status changes from Enabled to Disabled. When an organization is disabled, members in these organizations cannot access their respective portals.
- Sign into the OMC portal.
- From the left-side menu options, select Managed Organizations.
- A table lists existing Organizations and important information such as their name, ID, domain, and status.
- In the table, corresponding to the organization’s information that you want to change, click the more actions found at the end of the row.
- Select Disable organization
-
Figure 47: More Actions
-
-
- Sign into the OMC portal.
- From the left-side menu options, select Managed Organizations.
- A table lists existing Organizations and important information such as their name, ID, domain, and status (whether enabled or disabled).
- In the table, corresponding to the organization’s information that you want to change, click the more actions found at the end of the row.
- Select Delete organization
-
Figure 48: More Actions – Delete Organization
-
-
Admins can switch from the current organization to another organization of which they are a member.
- Sign into the OMC portal.
- From the left-side, select the dropdown option arrow (
) to view other organizations of which you are a member.
-
Figure 49: Switch Organizations
-
-
- Under the Switch organization section, select the organization to which you want to switch.
- Complete sign in procedures
♦Note: Only Managed Org Creators that are a part of an organization that has assignable groups can create managed organizations
- Sign into the OMC portal.
- From the left-side menu options, select Managed Organizations.
- A table lists existing Organizations and important information such as Organization name, Organization ID, Domains, and Status (whether Enabled or Disabled).
- Click + Add organization.
- In the Add Organization pop-up window, enter the Organization’s name, and Domain.
- In the Assign role groups field, click the arrow () to select a group from the dropdown options.
- Click Add.
-
-
Figure 50: Left-side Menu Option – Managed Organizations
-
-