CAC/PIV Enrollment Portal
This portal captures certificate-verified enrollment requests for Paradigm SSO access.
The certificate is validated before the request reaches this site. Paradigm approval is required before a Keycloak account is created or updated.
Flow
- User presents CAC/PIV certificate at the ALB.
- ALB verifies the certificate chain and revocation configuration.
- This portal records the certificate identity and business request.
- Paradigm approver approves or denies the request.
- On approval, the portal creates or updates the Keycloak user with certificate attributes.