'Paradigm CAC/PIV Enrollment'

CAC/PIV Enrollment Portal

This portal captures certificate-verified enrollment requests for Paradigm SSO access.

The certificate is validated before the request reaches this site. Paradigm approval is required before a Keycloak account is created or updated.

Start access request

Flow

  1. User presents CAC/PIV certificate at the ALB.
  2. ALB verifies the certificate chain and revocation configuration.
  3. This portal records the certificate identity and business request.
  4. Paradigm approver approves or denies the request.
  5. On approval, the portal creates or updates the Keycloak user with certificate attributes.