![Page 1: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/1.jpg)
ISO PUBLIC – © 2015 CAISO
Access and Identity Management
(AIM) Training
Radha Madrigal
Customer Service Department
December 1, 2015
The information contained in these materials is provided for general information only and does not constitute legal or regulatory advice. The ultimate
responsibility for complying with the ISO FERC Tariff and other applicable laws, rules or regulations lies with you. In no event shall the ISO or its employees
be liable to you or anyone else for any decision made or action taken in reliance on the information in these materials.
![Page 2: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/2.jpg)
ISO PUBLIC – © 2015 CAISO
Agenda – Review AIM functionality
• View POC profile
• Create new user
• Add/remove user access
• View request history
• View users
• Endorsed user functionality
• Review applications tab
• Renew user certificate
• Manage access control list (ACL) groups
• Manage email notifications
Slide 2
![Page 3: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/3.jpg)
ISO PUBLIC – © 2015 CAISO
Access and Identity Management (AIM) Application
• AIM provides registered application access Point Of
Contacts (POCs) the ability to manage their user
application access, including automated provisioning and
removal as well as automated certificate renewals.
• Email [email protected] to obtain AIM access
Slide 3
![Page 4: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/4.jpg)
ISO PUBLIC – © 2015 CAISO
Key Concepts
• A digital certificate is required to access ISO applications
• “Create new user” issues a new certificate for that user
• “Access request” grants access to specific applications
• “Endorsed user” has been given access to your
organization’s assets, but is not directly employed by
your organization
Slide 4
![Page 5: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/5.jpg)
ISO PUBLIC – © 2015 CAISO
POCs for Multiple Organizations
• CAISO will distribute additional certificates for POCs
representing multiple organizations
• Install all certificates in your Internet Explorer browser
• Upon login select applicable certificate for the
organization you wish to provision access
Slide 5
![Page 6: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/6.jpg)
ISO PUBLIC – © 2015 CAISO
POC Profile
![Page 7: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/7.jpg)
ISO PUBLIC – © 2015 CAISO
POC Profile
• Information about the individual POC
Slide 7
![Page 8: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/8.jpg)
ISO PUBLIC – © 2015 CAISO
Opt-out of Weekly Certificate Expiry Email
• POCs receive a weekly email notifying them of the user
certificates that will be expiring in the near future
• A field on the POC Profile screen allows the POC to opt-
out of these notices
• Change to “No” to opt-out of weekly emails
Slide 8
![Page 9: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/9.jpg)
ISO PUBLIC – © 2015 CAISO
POC Profile
Slide 9
• List of ISO
applications and
SCIDs POC can
grant access to
![Page 10: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/10.jpg)
ISO PUBLIC – © 2015 CAISO
Create New User
![Page 11: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/11.jpg)
ISO PUBLIC – © 2015 CAISO
Create New User
• Click Create
New User button
• User must be
created before
access request
can be submitted
Slide 11
![Page 12: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/12.jpg)
ISO PUBLIC – © 2015 CAISO
Users – Create New User button
• System will validate
new users based on
last name and email
match within the
POC’s organization
Slide 12
![Page 13: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/13.jpg)
ISO PUBLIC – © 2015 CAISO
Add/Remove User Access
![Page 14: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/14.jpg)
ISO PUBLIC – © 2015 CAISO
Access Request – New Request
Slide 14
• Click pencil
button to create
new request
![Page 15: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/15.jpg)
ISO PUBLIC – © 2015 CAISO
Access Request – New Request
Slide 15
• Click New Row
button to add a
new row
![Page 16: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/16.jpg)
ISO PUBLIC – © 2015 CAISO
Access Request – New Request
Slide 16
• Enter a
description for
the new request
• Click Update
button
![Page 17: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/17.jpg)
ISO PUBLIC – © 2015 CAISO
Access Request – New Request
Slide 17
• Select user(s)
and click Add
button
![Page 18: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/18.jpg)
ISO PUBLIC – © 2015 CAISO
Access Request – New Request
Slide 18
• User(s) move to
Selected Users
box
![Page 19: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/19.jpg)
ISO PUBLIC – © 2015 CAISO
Access Request – New Request
Slide 19
• Move to Select
Applications and
Roles tab
• Select Available
Applications/Roles
and click Add
button
![Page 20: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/20.jpg)
ISO PUBLIC – © 2015 CAISO
Access Request – New Request
Slide 20
• Add or remove access
• Choose Action, Application,
Role, Environment and Entity
(SCID) and click Update button
![Page 21: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/21.jpg)
ISO PUBLIC – © 2015 CAISO
Access Request – New Request
Slide 21
• Click Preview
button to
review request
![Page 22: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/22.jpg)
ISO PUBLIC – © 2015 CAISO
Access Request – New Request
• Review access request for accuracy
• Click Submit button to complete request
Slide 22
![Page 23: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/23.jpg)
ISO PUBLIC – © 2015 CAISO
View Request History
![Page 24: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/24.jpg)
ISO PUBLIC – © 2015 CAISO
Access Request – Request History
• View requests for access
Slide 24
![Page 25: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/25.jpg)
ISO PUBLIC – © 2015 CAISO
View Users
• My Users
• Endorsed Users
![Page 26: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/26.jpg)
ISO PUBLIC – © 2015 CAISO
Users
• View “my users”
and “users
endorsed to me”
Slide 26
![Page 27: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/27.jpg)
ISO PUBLIC – © 2015 CAISO
Users – My Users
• Contains All users within
the POC’s organization
• Columns in ALL CAPS
contain clickable fields
that will display a pop up
window containing
additional information
Slide 27
![Page 28: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/28.jpg)
ISO PUBLIC – © 2015 CAISO
User Profile (PROFILE button)
• Personal contact and certificate information for selected
user
• POC will access this screen to revoke all access from a
specific user
Slide 28
![Page 29: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/29.jpg)
ISO PUBLIC – © 2015 CAISO
Current User Access (ACCESS button)
• Lists all applications and entities the selected user has
access to
• If the user has been endorsed by another organization,
the entity for that organization will be included on this list
Slide 29
![Page 30: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/30.jpg)
ISO PUBLIC – © 2015 CAISO
Users – Users Endorsed to Me
• Displays all endorsed users
Slide 30
![Page 31: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/31.jpg)
ISO PUBLIC – © 2015 CAISO
Current Endorsed User Access (ENDORSED ACCESS
button)
• Displays a list of all applications the endorsed user has
access to
Slide 31
![Page 32: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/32.jpg)
ISO PUBLIC – © 2015 CAISO
Endorsed User Functionality
• Endorsed Users Without Access (in POC Profile)
• Endorse/UnEndorse My Users
• UnEndorse Users Endorsed to Me
• Add/Remove Endorsed User Access
• Endorsed Access Request History
![Page 33: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/33.jpg)
ISO PUBLIC – © 2015 CAISO
POC Profile – Endorsed Users without Access
• Users endorsed to your organization who have no
access to your data are shown here
Slide 33
![Page 34: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/34.jpg)
ISO PUBLIC – © 2015 CAISO
Endorsed Access Request – Endorse/UnEndorse My
Users
Slide 34
• Endorse your user to
another organization
• Request can contain
multiple users
• One organization at a
time
(top of screen)
![Page 35: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/35.jpg)
ISO PUBLIC – © 2015 CAISO
Endorsed Access Request – Endorse/UnEndorse My
Users
• Use this screen to “UnEndorse” or remove your user’s
access to another organization’s assets
Slide 35
(bottom of screen)
![Page 36: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/36.jpg)
ISO PUBLIC – © 2015 CAISO
Endorsed Access Request – UnEndorse Users
Endorsed to Me
• Use this screen to “UnEndorse” or remove ALL access
from another organization’s user
Slide 36
![Page 37: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/37.jpg)
ISO PUBLIC – © 2015 CAISO
Endorsed Access Request – Add/Remove Endorsed
User Access
Slide 37
• Use this screen to
add/remove access for
an endorsed user
• (Note: These steps are
the same as those on
slides 14-22)
![Page 38: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/38.jpg)
ISO PUBLIC – © 2015 CAISO
Endorsed Access Request – Endorsed Access
Request History
• View requests for access for endorsed users
Slide 38
![Page 39: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/39.jpg)
ISO PUBLIC – © 2015 CAISO
Applications
![Page 40: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/40.jpg)
ISO PUBLIC – © 2015 CAISO
Applications
Slide 40
• View list of
users sorted by
application
• My users
• Endorsed users
• Use filters to
sort this list
• Click Apply to
view all users for
all applications
![Page 41: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/41.jpg)
ISO PUBLIC – © 2015 CAISO
Certificate Renewal
![Page 42: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/42.jpg)
ISO PUBLIC – © 2015 CAISO
Certificate Renewal
• Use filters to display certificates in date increments
• Cannot be renewed more than 90 days in advance
• Click the Renew or Let Expire button to manage user’s
certificate
Slide 42
![Page 43: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/43.jpg)
ISO PUBLIC – © 2015 CAISO
Access Control List (ACL) Groups
![Page 44: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/44.jpg)
ISO PUBLIC – © 2015 CAISO
Access Control List (ACL) Functionality
• An Access Control List (ACL) defines the access rights
each user has to particular assets (resources)
• ACL functionality added for Outage Management System
(OMS) application at the asset level
• POCs will create a new ACL group to isolate and grant
access to a single asset (or group of assets)
Slide 44
![Page 45: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/45.jpg)
ISO PUBLIC – © 2015 CAISO
Access Control List (ACL) Functionality
1. Create ACL group
2. Add assets to group
Slide 45
1
2
![Page 46: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/46.jpg)
ISO PUBLIC – © 2015 CAISO
Email Configuration
![Page 47: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/47.jpg)
ISO PUBLIC – © 2015 CAISO
Email Configuration
• Allows POC to provide additional email addresses to
receive email notification of system activity
Slide 47
• Note: This screen
contains draft text
that will be
updated when
AIM
enhancements
are activated
![Page 48: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/48.jpg)
ISO PUBLIC – © 2015 CAISO
Conclusion
View POC profile
Create new user
Add/remove user access
View request history
View users
Endorsed user functionality
Review applications tab
Renew user certificate
Manage access control list (ACL) groups
Manage email notifications
Slide 48
![Page 49: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/49.jpg)
ISO PUBLIC – © 2015 CAISO
Questions?
Slide 49
![Page 50: Access and Identity Management Training - California ISO · 2018-02-10 · Access and Identity Management (AIM) Application • AIM provides registered application access Point Of](https://reader036.vdocuments.us/reader036/viewer/2022070714/5ed47e710ee59818db5d425f/html5/thumbnails/50.jpg)
ISO PUBLIC – © 2015 CAISO
Questions?
• Massih Ahmadi
– 916-608-5861
• AIM User Guide: http://www.caiso.com/Documents/AccessandIdentityManagement_AIM_UserGuide.pdf
Slide 50