CMS' Identity Management

CMS' Identity Management (IDM) system is an established, enterprise-wide, identity management solution. IDM is leveraged by CMS business applications across the agency. End users of all business applications that integrate with this solution can use a single set of user credentials to access any integrated application.

Accessing an Application Integrated with IDM

Your organization or CMS contact can help you with the information that you will need for registration, such as application name, application role, Organization Legal Business Name, Taxpayer Identification Number, or other required information to request an application role. Not every CMS application requires the same information so it is important to get the specifics directly from your organization or CMS contact.

CMS IDM encourages all integrated applications to tailor the IDM User Guide specifically to their application.  If you are new to IDM, you should reach out to your organization or CMS contact to request application specific documentation.

System Security

The use of IDM accounts are reserved for the account owner, meaning each individual user must create and use their own account within IDM. Once created, these credentials serve as your electronic signature within the Agency. You will be held responsible for the consequences of unauthorized or illegal transactions.

Users that breach IDM’s Terms & Conditions may have their account suspended and/or realize adverse action up to and including legal prosecution. Examples of user agreement violations include users sharing their account with another individual or using screen scraping software. In such cases, the application’s Tier 1 Help Desk, the individual responsible for approving the user’s application role, or the CMS appointed Business Owner of the application will request that the user’s account be suspended. Please note that users, through no fault of their own, may also be suspended if their identity has been stolen and their account is at risk of being accessed fraudulently.

Regardless of culpability, once an account has been suspended the user will lose access to IDM, as well as all CMS applications that are accessed through IDM. Only IDM Tier 2 personnel can unsuspend an account. Users will be unsuspended once the reason for suspension has been fully mitigated.