In this section, learn about end to end user flow for Virtual ID.


  1. Create a Certification Profile
  2. Create a Service Plan
  3. Create an Enterprise & configure Service Plan to it
  4. Create a new role and assign profiles to the role
  5. Create a virtual ID account on ADSS Web RA Web Portal
  6. Create a Virtual ID certificate


After creating a virtual ID, you can perform a number of actions as listed below:


  1. View Certificate 
  2. Download Certificate 
  3. Provision Certificate 
  4. Delete Certificate 
  5. History
  6. More Actions


Virtual ID 


Virtual ID facilitates to register user ID and provides the capability to manage its certificates' keys. This certificate can be used for Advanced Electronic Signature to allow you to authorise a remote signing request using your registered mobile device(s). Certificate request can be for Issuance/approval, renewal and revocation.


Create a Certification Profile


A certification profile is created in ADSS Web RA to configure ADSS Profiles (Certification and/or CSP) to issue different types of certificates for the ADSS Web RA users. In other words, a certification profile (Certification and/or CSP) is actually created in the ADSS Server, and it is used in the ADSS Web RA Admin for its implication.


Certification profiles entail all complex configurations and business requirements (i.e. CA details, Key Algorithm, Validity, etc.) to issue corresponding certificates for the ADSS Web RA users. 


ADSS Web RA supports the following certificate types:


Server side key generation for remote authorized signing

    1. Client must be registered in ADSS Server Client Manager
    2. The Client must be configured in the ADSS Web RA connector of ADSS Server 
    3. A SAM Profile must be created in the ADSS SAM Server 
    4. A RAS Profile must be created in the ADSS RAS Server
    5. The ADSS Web RA Certification Profile must be configured in the Service Plan


Create a Certification Profile in ADSS Web RA


An operator will create a certification profile by following the steps mentioned below:


  1. From the admin portal, expand External Services > Certification Profiles from the left menu to see the certification profiles listing screen.



  1. Click  from the grid header. 
  2. A dialog will appear to add the profile details. The certification profile dialog consists of 5 screens, i.e. Basic InformationProfile Settings, DetailsAuthenticationsAdvance Settings


Basic Information 


Basic Information

Field

Description

Name

Specify a unique name for this profile. 

Description

Specify any description related to this certification profile.

Active

Select this check box to activate this profile.

At the Basic Information screen, enter the fields, then click >.



Profile Settings


Certification Profile Settings for a Certification Service profile:


Profile Settings

Field

Description

ADSS Service

This field will display the ADSS Services (i.e. Certification Service and CSP Service) that are available for ADSS Web RA. Select Certification Service. 

ADSS Certification Server

This field will display the list of active ADSS connectors in ADSS Web RA. Select the one to use for this certification service profile, e.g: 192.168.2.64.

ADSS Certification Service Profile

In this field, enter the certification profile that you created on the ADSS Sever, e.g. adss:certification:profile:001.

Certificate Purpose 

 

Verification Type 

RAS only

Certificate Enrolment 

A drop down where you can select one from the following:


  • None - For a simple certification profile.
  • Device Enrolments - It allows you to create a device enrolment profile. If you select this, another drop down for device enrolments appears. 
  • Windows Enrolment - Once you select this from the drop down, another drop down with Active Directory Profile appears. 

Active Directory Profile

It allows a user to select an active directory profile which is required for Windows Enrolment. 

Device Enrolments

Select this checkbox. A drop box will appear, allowing the user to choose and select between SCEP, CMP, ACME and EST according to requirement. 

Certificate Template 

This drop down will fetch the list of certificate template fetched from the active directory selected above.

Enable Device Enrolment 

 By enabling this setting, user will not be required to upload an authentication certificate while creating an account. 


Details


Once you have configured the profile settings, click > to move to the Details screen. 


Details

Field

Description

Use this certificate profile to generate keys on smart cards/tokens

Enable this option if this profile will be used to generate the certificates in the smart card/token.

Key Algorithm

Key Algorithm that will be used to generate the key pair in the smart card/token. This configuration is coming from the ADSS Server so it cannot be changed

Key Length

Key Length that will be used to generate the key pair in the smart card/token. This configuration is coming from the ADSS Server so it cannot be changed

Validity Period Type

Validity period type can be configured as a Fixed to restrict the enterprise user to change the certificate validity or it can be set as Custom if enterprise RAO allow an enterprise user to set validity period while creating a certificate request.

These Fixed and Custom values can only be used on ADSS Web RA admin, if the selected ADSS Certification profile has set overridable option in certification profile. It will be  shown as Fixed validity period type otherwise.

Validity Period

The certificate validity period. If the CA profile is configured to use its time instead taking the time from the request then this value will be dropped by the CA server. 

Validity Duration

The time unit of the validity period. It could be minutes, hours, days, months and years.


Authentications


Authentications - Enable Secondary Authentication for:

Field

Description

New Requests

If enabled then an OTP (One TIme Password) can be set as a second factor authentication, and an enterprise RAO has to provide an OTP to approve new certificate request. The OTP can be received either through SMS or via an email, depending upon the selected profile.

In Authentication Profiles list only those profiles are listed for which secondary authentication has configured while creating that authentication profile. See Authentication Profiles section for details.

Revocation Requests

If enabled then an OTP (One TIme Password) can be set as a second factor authentication, and an enterprise RAO has to provide an OTP to approve a certificate revocation request. The OTP can be received either through SMS or via an email, depending upon the selected profile.

In Authentication Profiles list only those profiles are listed for which secondary authentication has configured while creating that authentication profile. See Authentication Profiles section for details.

Rekey Requests

Enable authentication for rekey requests will show in the 'Authentications' section to handle second factor authentications for rekey certificate. 

This section appears only when the operator has enabled the 'rekey' policy. Configurations > Policy 

Renew Requests 

Enable authentication for renew requests will show in the Authentications section to manage second factor authentication for renew certificate. This section appears only when the operator has enabled the 'rekey' policy.Configurations > Policy

An administrator can use any of the available methods (OTP, SAML, Active Directory, Azure Active Directory, or OIDC) for secondary authentications, and can enable authentication for new certificate requests, revocation requests and rekey requests as displayed in the screenshot below:



Advance Settings 


Select a subscriber agreement from the drop down. You can also apply vetting 

If a certification profile is created without vetting, then a user will be registered in the ADSS Web RA, his virtual ID certificate will be created and provisioned in SigningHub. 

However, if vetting is set in the profile only a user will be registered in the ADSS Web RA , no certificate will be generated and no user will be created in SigningHub. 


Advance Settings 

Field

Description

Agreement

Select a subscriber agreement if an admin wants a user to agree on certain terms before submitting a certificate request 

Vetting Option

Select whether vetting is required for this certification service profile or not. Select the Manual Vetting option if you require the vetting provision and then select a vetting form from the next appearing field.

Vetting Form

This field will display the list of active vetting forms. Select the one to use for this certification profile.

Enable Revocation Vetting

Select this checkbox to enable vetting for revocation 

Special Permission 

Special permission configurations allow you to permit creation or revocation of certificates to a specific number of Admin RAOs and Enterprise RAOs

Vetting Permission 

Vetting permissions for new certificate request: 


  • None
  • Certificate Vetting Permission 
  • Revocation Vetting Permission (This list will appear only when you tick the checkbox Enable Revocation Vetting)
  • Certificate and Revocation Vetting Permission 

Admin RAO for Certificate Creation 

The number of Admin RAO (s) that can vet a certificate request

Enterprise RAO for Certificate Creation 

The number of Enterprise RAO (s) that can vet a certificate request


Click Create to complete the process of creating a certification profile. 


Create a Service Plan  


The next step is to create a service plan. 


A service plan is a collection of allowed services and certificate types that are assigned to an Enterprise. 


  1. A service plan (s) can be assigned to enterprises only. You cannot assign a Service Plan to the users directly.
  2. Based on your business requirements you can create multiple service plans to offer different set of certification services to different enterprises.
  3. You can configure one service plan in multiple enterprises but it is a good practice to create separate service plans for each enterprise if you are a service provider and there are many enterprises registered in the ADSS Web RA application. 
  4. You can also change the service plan for a particular enterprise from the web portal. Click here.


Follow these steps to create a service plan


  1. Click Service Plans from the left menu.
  2. Click  from the grid header. 



  1. A dialog wizard will appear to configure the service plan details. The wizard consists of 5 sequential screens, i.e.: Basic InformationProfile SettingsEnrolments, Notification and Advance Settings. 


Basic Information


Enter fields on the Basic Information tab. Then click >. 


Basic Information

Field

Description

Name

Specify a unique name for this service plan, i.e. My Service Plan. The service plans are used in the configuration of Enterprise Accounts. 

Description

Specify any description related to this service plan for your record.

Active

Select this check box to make this service plan active. Inactive service plans cannot be configured in the Enterprise Accounts.


Profile Settings 


Select virtual ID profiles from the drop down on the Profile Settings tab.


Profiles to create certificates for Virtual ID (remote authorisation) - Here, you can select multiple profiles to create virtual ID certificates.

Certificate profile for user registration (Virtual ID) - Here, you can set a default profile which will be used to register a default user and generate certificates


You can select other profiles too, then click >. 


Profiles Settings

Field

Description

Services >Profiles to create certificates for Virtual ID (remote authorisation)

This drop down will allow user to set multiple profiles to create Virtual ID certificates.

Services >Certificate profile for user registration (Virtual ID)

This drop down will allow user to set a default profile to create Virtual ID certificates.

Services > Default certificate profile for Desktop Signing

This field will list all those active ADSS CSP Service Profiles that have been created to issue Remote Authorised Signing (RAS) certificates. Specify the one to be used by ADSS Web RA to process such certificate requests.

In case of specifying multiple profiles here, the ADSS Web RA operator will have the option to choose the one before sending a RAS certificate request.

If no profile is specified, the Enterprises registered with this service plan will not be able to request the RAS certificates.

Desktop Signing profile for user registration 

This field will allow a user to select a profile to register user and create a default certificate for Desktop Signing. 

Services > SigningHub Connector

This shows the list of all configured SigningHub connectors that can be used for ADSS Web RA integration.

Services > Default certificate profile for SigningHub

This shows the list of all configured certification profiles which can be used for default certificate generation for Remote Authorisation Signing under integrated app.

If None is selected then no default certificate will be generated under integrated app for enterprise account at registration time.


Enrolments


You can select the required profiles for generating certificates on the Enrolments tab and then click > to proceed. 


Profiles Settings

Field

Description

Profile to create certificates for SCEP

This drop down lists all profiles used to generate Simple Certificate Enrolment Protocol (SCEP) certificate.

Profile to create certificates for CMP

This drop down lists all profiles used to generate Certificate Management Protocol (CMP) certificate.

Profile to create certificates for ACME

This drop down lists all profiles used to generate Automatic Certificate Management Environment (ACME) certificate.

Profile to create certificates for EST

This drop down lists all profiles used to generate Enrolment over Secure Transport (EST) certificate.

Profile to create certificates for Windows User Enrolment 

This section lists all profiles used to generate Windows enrolment certificate for users.

Profile to create certificates for Windows Device Enrolment

This section lists down all configured profiles to create certificates for Windows enrolment certificate for devices. 



Notification 


You can configure SMS Gateway and Email Gateway in the Notification tab, and then click >.


Notification

Field

Description

SMS Gateway

This shows all the configured SMS gateway connectors that can be selected to receive OTP via SMS. Additionally, OTP length and retry interval can also be set.

OTP Length(digits)

Set the length of OTP

OTP Retry Interval (secs)

Set the retry interval if an OTP does not appear on your mobile device.

Email Gateway

This shows the list of configured SMTP connectors that can be selected to receive email notifications.

The selected email gateway will be used from Service Plan for email communication. However, if there is no email gateway configured under service plan then the one which is configured under Configurations > Default Settings will be used to send all email notifications.


Advance Settings 


The Advance Settings screen will display a drop down named as 'Login Authentications', which will require all the primary authentications that are to be configured in the system. Here, the user can select one of the following mechanisms for primary and secondary authentications. 


A user can configure the following authentication mechanisms in a service plan:


  • Email / Password Authentication 
  • SMS OTP Authentication 
  • Email OTP Authentication 
  • Email & SMS Authentication
  • SAML Authentication 
  • Active Directory Authentication 
  • Azure Active Directory Authentication
  • OIDC


Advance Settings 

Field

Description

Login Authentications > Primary Authentication Profiles

When primary authentication is configured as login authentication, it allows an enterprise RAO to login on ADSS Web RA User Portal. An operator can set multiple primary authentication profiles for users in an enterprise. 

Default Primary Authentication Profile

One of the available Primary Authentication profiles must be selected by default for a new service plan.

Secondary Authentication Profiles 

When secondary authentication is configured as login authentication, it allows an Enterprise RAO to login to ADSS Web RA web portal.

Default Secondary Authentication Profile 

One of the available Secondary Authentication profiles must be selected by default for a new service plan.

Enterprise Registration > Enable vetting to approve enterprise registration

This check box enables vetting for new enterprise account registrations. If enabled, the list of vetting forms appear to select a vetting form while registering an enterprise either through ADSS Web RA admin or ADSS Web RA web.


When None is selected under vetting form list, then no vetting form appears to be filled. An Admin RAO is required to approve the new enterprise registration only. 


Once you specify the configurations of each screen accordingly, click Next to proceed further. 

Click Create. A new service plan will be saved and displayed in the list. You can also edit and delete a service plan, if required. 

It is important to note that primary and secondary authentication profiles mechanism cannot be the same. 


Once you create a service plan, create an enterprise and configure the service plan to it.


Create/Register an Enterprise and assign Service Plan to it


  1. Expand Enterprises > Requests from the left menu. 
  2. Click  from the grid header as displayed in the screenshot below:



  1. A screen will appear with three navigation tabs, i.e. Organisation Information (Assign Service Plan), Account Owner and License. See the table below for fields and their respective description. 


Fill in the Organisation Information fields and the click >.


Organisation Information

Field

Description

Legal Name

Legal Name is the official name of the organisation under which the organization is registered with the government and it is the name that is used when submitting tax to the government e.g. Ascertia Limited

Assumed Name

It could be the name of the organisation that is commonly used e.g. Ascertia

Organsation Phone Number

Official phone number of the organisation that is registered in the government documents

Address

Complete address of the organisation as it was provided to government at the time of company registration. The following fields should be filled as part of Address:

  • Country
  • State
  • City
  • Postal Code
  • Address 1
  • Address 2

 Service Plan

Select and assign a service plan to this enterprise. You can use a shared service plan or create a separate plan for each enterprise depending on the certificate issuance of each organisation 

 Create Default Role

Select  checkbox to create a default role while creating a new enterprise. (screenshot attached below)

Fill the mandatory fields and click > to proceed. 


Account Owner

Field 

Description

Name

Name of the enterprise owner. It could be any representative of the organisation but ideally it should be the CEO. Any change request in the enterprise should be initiated by the enterprise owner.

Email

Email address of the enterprise owner. An email will be sent to this email address to create an account on the ADSS Web RA Web.

Mobile Number

Mobile number of the enterprise owner to send the OTP code if enabled in the profile.

Job Title

The role of the enterprise owner in his organisation.


  1. Set Certificate Quote and expiry for the certification profiles on the License screen and click Create. 


License

Field  

Description

Name

Name of the certification profile for which an enterprise wants to use ADSS Web RA to create certificates.

Unlimited 

It is a check-box that can be used to allow a user to create unlimited certificates. This field will appear only if a user is allowed to create unlimited certificates. 

Certificates Quota

This defines the total number of certificates an enterprise is allowed to generate from ADSS Web RA against each certification profile. 

Expiry

This defines the duration for which these certificates are valid. 


  1. A new enterprise will be saved and displayed in the list. 


Invite a new User


  1. Click on the enterprise name, you will be directed to the enterprise management screen. Expand Users > User Invitations. 

Information 

  • Name 

Enter name of the user you wish to invite to the enterprise. 

  • Email

Enter email of the user you wish to invite to the enterprise. 

  • Role

Select a role for the user.

Click Invite User.


 


  1. An email will be sent to the user on the above configured email address. (As displayed below) Click Join Now. 


 


  1. The user will be redirected to the ADSS Web RA web portal’s account activation screen. Enter the details:
  • Email 

Email of the user to register on the Web portal. 

  • Mobile Number 

Mobile number of the user. 

  • Password 

Set a password for the login email.

  • Confirm Password

Confirm password for the login email. 

  • Security Question 

Set a security question for password recovery 

  • Security Answer
  • Set a security answer for password recovery 

Select I agree to the Terms of Service and Privacy Policy.


Click Activate. 



  1. The user will now be directed to the Login screen, enter the user email and click Next.


  1. Enter the password and click Login Here. 



Add a Request Note


An operator can add customisable request notes to guide users through each step in the certificate creation process. They can choose to add text to any/all steps of creating certificate requests.


To access, request notes expand "Enterprises" > "Registered", against your enterprise click  and then click Manage. From the enterprise menu expand Notifications > Request Notes. 


An operator can add request notes against the following modules:


  • Certificate Center 
  • Virtual ID
  • Desktop Signing 
  • Device Enrolment
  • Windows Enrolment
  • SigningHub Integration

 

An administrator can add request notes to any of the above modules from ADSS Web RA admin portal, that will be visible on the ADSS Web RA web portal. 


  1. To access request notes, expand "Enterprises" from left menu. Then click "Registered". 
  2. Click on the  button against a specific enterprise to manage its configurations. 
  3. A new menu will appear on the left menu pane. Expand "Notifications", then click "Request Notes".


The request notes can be added against the following categories:


  1. Welcome Note
  2. Create Account
  3. Certificate Signing Request (CSR)
  4. Subject Distinguished Name (SDN)
  5. Subject Alternative Name (SAN)
  6. Certificate Validity 
  7. Vetting Form 
  8. Domain Ownership Verification 
  9. Authentication 
  10. Challenge Password




Then click Save. 


Create a new role and assign profiles to the role


  1. Click Enterprises from left menu, a sub-menu will appear in the drop-down. Navigate to Registered and click it to move to the next screen. 
  2. Click on the button against a specific enterprise and click Manage to manage its configurations. Then click Roles.
  3. The operator can add a role by clicking on the button. 
  4. The operator then needs to enter the name and description, and can also set that role as default by ticking the check box Default. 


 


Once an operator Adds or Edits a role, the module section form will appear with all allowed modules. It is on the discretion on the operator to allow read, add/edit and delete options against the allowed modules. The operator can set the role as Default. 



An operator can add, update and delete enterprise roles. By default, only one role is created when an enterprise is registered. 


   

Click and then the Edit button to find the following sections on this screen:


  1. Module 
  2. Certificate Management 
  3. Enrolments 
  4. Certificate Access
  5. Login Authentications 


Click the Certificate Management tab.


Key Stores

Field

Description 

Virtual ID check box

Select this check box to configure profiles to enable Virtual ID.

Profiles to create certificates for Virtual ID (remote authorisation) 

Select the profiles that you want to use to create Virtual ID certificates. These profiles are the ones you have assigned in the service plan. 

Certificate profile for user registration (Virtual ID)

Select a profile to create a default Virtual ID certificate.These profiles are the ones you have assigned in the service plan. A user will be created on the role configurations. 



Then click Save. 


Create Virtual ID account on ADSS Web RA Web Portal 


Click on Virtual ID from the left menu pane, then click Create to setup a new Virtual ID for the very first time.



On the Create Account screen, the User ID and Mobile Number will be auto-filled, click >.



The Subject Distinguished Name (SDN) screen will appear. Enter the Common Name and Email, then click>.



Select the Validity Period on the Certificate Validity screen, and click Create. 



The Account Created message will appear. Click OK. 



The certificate will appear in the Issued Certificates listing. 



Create a Virtual ID certificate


An operator can create different types of certificate using Virtual ID that are allowed in the service plan.


All the certificate requests related to a Virtual ID user will be listed here. 


Once you have created a Virtual ID, follow the steps below to create a certificate request:


  1. To create a certificate request, click  icon on top right.



  1. The Certificate Type drop down will appear with multiple profiles that are configured in the service plan (admin portal). Select a certification profile from the list and click Create. 



  1. A Welcome Note screen will appear, if configured in the Enterprise request notes. 



The welcome note will appear, select the checkbox 'I allow the use of my data for processing certificate application by Enterprise Name' and click next. (This screen will appear if operator has customised request notes in the enterprise the user belongs to.)


  1. The Subject Distinguished Name (SDN) screen will be displayed.



  1. The Certificate Validity screen will be displayed. The validity period will appear in a disabled form. Click Generate to proceed. 



  1. The subscriber agreement confirmation will appear. Click Yes to proceed. 



  1. A certificate will be generated and you can find it in your download folder on your computer. 



A user can perform the following actions against virtual ID: 


  1. View Certificate 
  2. Download Certificate 
  3. Provision Certificate 
  4. Delete Certificate 
  5. History
  6. More Actions 


Click Issued Certificates from the sub-menu. The following screen will be displayed:



Click button and you can perform a number of actions as displayed below:



View Certificate 


Click View Certificate against the certificate you want to view. The certificate information will be displayed. Then click Close. 



Download Certificate 


Click Download Certificate and the certificate will be downloaded on your machine. 


Provision Certificate 


Click Provision Certificate and the certificate will be provisioned to your Desktop Signing account. 



Delete Certificate 


  1. Expand Requests > Issued Certificates. 
  2. Click against the certificate you want to delete and then click Delete Certificate. 



  1. A confirmation dialog will appear as displayed below. It will also delete certificate (s) against this request,



This section appears according to the configurations in the Policy section in the Admin portal.


History 

If you have revoked a certificate, or reinstated a revoked certificate, you can also view the history by clicking against a specific certificate. Then click History.



You can see what action was performed on a certificate previously.



More Actions 


Click More Actions to revoke, rekey, reinstate or renew a certificate as per configured in the admin portal. 



Rekeying a certificate generates a new key and certificate with the same name and expiration date as an existing certificate. Rekeying is used if an existing key is lost or compromised. 


This section lists all the rekey certificate requests pertaining to the Virtual ID. 


As a pre-requisite, the rekey certificate option should be enabled in the Policy section from the admin portal.  


To rekey a certificate from the web portal:


  1. Expand Virtual ID > Issued Certificates. 
  2. Click the button against the certificate that you want to rekey and click on More Actions. 



  1. Certificate action screen will be displayed. Select "Rekey Certificate" from the drop down, click the confirmation button and then click View Request. 



  1. The certificate request will appear on the screen. The Welcome Note screen will appear. Click next.



The Subject Distinguished Name (SDN) screen will be displayed. 



The Certificate Validity screen will appear. Click next. 



Click Rekey, a certificate rekey confirmation will appear. You can enter an optional message, then click Rekey. 



The certificate generated message will appear. 



The certificate will appear in the Virtual ID Rekey Requests listing. 


ADSS Web RA Server supports certificate renewal before a certificate expires. It is the process by which a user renews a certificate for the same public key used in an expiring certificate.


This section lists all the renewal certificate requests. 


As a pre-requisite, the renew certificate option should be enabled in the Policy section from the admin portal.  


Renew a Certificate 


To renew a certificate from the web portal:


  1. Expand Certificate Center and click Issued Certificates. 
  2. Click the button against the certificate that you want to renew and click on More Actions.



  1. Certificate action screen will be displayed. Select Renew Certificate from the drop down, click the confirmation button and then click Renew. 



  1. The certificate generated roaster message will appear. This certificate request will appear in the renewal requests listing. 


Certificate revocation is a process in which a certificate's usage is terminated before the validity period expires.


This section lists all the certificate revocation requests pertaining to a Virtual ID user. 


To revoke a certificate from the web portal:


  1. Expand Virtual ID and click Issued Certificates. 
  2. Click the button against the certificate that you want to revoke and click on More Actions. 



  1. Certificate action screen will be displayed. Select Revoke Certificate from the drop down, select a reason for revocation, tick the confirmation checkbox and then click Revoke. 



The certificate will be revoked and it will appear in the Revocation Requests listing. 


A certificate re-issue is a process in which the a user generates a new private key and CSR for an existing certificate. A user may need to proceed with certificate issuance if he loses or deletes his private key. 

If they want to make a change in any of the certificate's information, or if they want to change the certificate's encryption level. Once re-issuance process is complete, a new digital certificate is produced. 


This section lists all the reissue certificate requests pertaining to the Virtual ID user. 


To reissue a certificate from the web portal:


  1. Expand Virtual ID and click Issued Certificates. 
  2. Click the button against the revoked certificate that you want to reissue and click on More Actions. 



  1. Certificate action screen will be displayed. Select Reissue Certificate from the drop down, click the confirmation and then click View Request. 



  1. You will be navigated to the Certificate Reissue screen. You can add an optional message, and then click Reissue.



This certificate request will appear in the Reissue Requests listing under the Virtual ID section. 


An operator can manage the Virtual ID settings from this section.


Expand Virtual ID > Settings. The following screen will be displayed: 



An operator can change the mobile number for OTP authentication and device registration. Once he enters a new mobile number click Save, an OTP will be sent via SMS and the other via Email. Enter both OTPs and click Verify for verification. The new number will be saved upon verification. 



User name is the user that has logged into ADSS Web RA web portal. User ID is the virtual ID user that is registered in the ADSS Web RA. And the mobile number is provided to set up Virtual ID user. 


Remove Virtual ID


  1. Expand Virtual ID > Settings from the left menu.
  2. Click on the Remove Virtual ID Account link.
  3. A confirmation message will appear. Click Yes to remove your configured Virtual ID account.

Once you delete your Virtual ID, all its associated requests and certificates will be removed permanently.