Supervised Enrollment for Strong Authentication

Supervised enrollment ensures stronger identity verification by requiring a supervisor to confirm and witness the enrollment process.

Use this method if your organization wants stronger assurance or must meet eIDAS Substantial requirements.

Prepare Your Account and Your Computer

Enrollment supervisors confirm that their account and computer are ready to enroll providers:

  • In the Windows notification area, click the Imprivata icon. If the computer is configured to enroll providers, Enroll Authentication Methods is listed.
  • Proximity card enrollment does not need to be supervised, but if providers will also enroll proximity cards, then a proximity card reader must be connected to the computer.

If the Require eIDAS Substantial user policy option is enabled, then enrollment must be supervised for the following methods:

  • Secure proximity cards (but not standard proximity cards)
  • Imprivata ID
  • Security Keys

Log Into the Enrollment Utility

  1. Click the Imprivata icon in the Windows notification area and select Enroll Authentication Methods. The enrollment utility login screen opens.
  2. Enter your username and password. The enrollment utility opens.

Witness and Attest to Provider Enrollment

After you enroll your authentication methods for witnessing enrollment, you can enroll providers.

  1. In the bottom-right corner of the enrollment utility, click Enroll providers. Your name appears at the top and bottom of the screen.

    NOTE: If you are notified that you have not enrolled a valid authentication method for witnessing enrollment, and you are not sure what authentication method you need to enroll, contact your Imprivata administrator.

  2. Search for a provider by username, first name, or last name.

  3. Verify the provider's identity according to your company's policy.

  4. Optional — Select the form(s) of identification you verified. Enter any additional comments if needed.

  5. Click Continue.

  6. The provider's login screen opens. Your name is displayed at the bottom of the screen.

  7. The provider logs into the enrollment utility using their username and password or an enrolled authentication method. The welcome screen opens and displays the authentication methods that the provider needs to enroll. The name of the provider who is enrolling is displayed at the top of the screen, and your name is displayed at the bottom.

  8. The provider clicks Get Started!

  9. The provider enrolls her first authentication method.

  10. The provider clicks Done.

  11. Review and revise the Forms of identification and Additional comments if needed.

  12. Use your authentication method(s) to attest to the enrollment of the provider.

  13. If additional authentication methods are available or required, have the provider enroll those as well.

  14. When all required authentication methods are enrolled, the provider clicks Log out.

  15. The provider login screen opens again. The enrollment utility is ready to enroll another provider's credentials.

    NOTE: If you want to stop supervising enrollment, exit the Imprivata enrollment utility to prevent someone else from acting as a supervisor with your identity.