Configure Imprivata MDA with Zebra Access Management System (ZAMS)

Configure Imprivata MDA to integrate with the Zebra Access Management System (ZAMS) to allow authentication to mobile devices managed by Zebra Intelligent Cabinet.

NOTE:

The integration between Imprivata MDA and ZAMS is configured via the AppConfig using an MDM. The Imprivata MDA integration with ZAMS does not require a profile creation and deployment in Imprivata Enterprise Access Management.

Workflow

At the beginning of the shift, the user picks up the device from the Zebra Intelligent Cabinet.
Imprivata MDA prompts the user for credentials to log into the device.
- Users authenticate by tapping their proximity card, and optionally, entering their password or an Imprivata PIN as a second factor.
- Imprivata MDA acts as the lock screen and as the provider of single sign-on.
At shift end, the user returns the device to the Zebra Intelligent Cabinet. Imprivata MDA logs the user out.
The device begins charging and is ready for the next user to pick it up. The ZAMS charging screen or ZAMS screen saver displays instead of the Imprivata MDA lock screen.
- If Imprivata MDA is configured via AppConfig to lock the device or log user out during charging via AppConfig, these settings are ignored for ZAMS.

Prerequisites

Take note of the following prerequisites:

Requires Imprivata MDA 7.9 or later.
Requires ZAMS v2.2.9 or later. For more information, see your Zebra ZAMS and Intelligent Cabinet documentation.
Requires the ZAMS Android app installed on the mobile devices.

Critical Alarm Sending Apps and Lock Task Mode

It is recommended that Imprivata MDA be the only app on the device that is running in Lock Task mode. However, when the Imprivata MDA app is configured to run with Lock Task mode, other apps that send Critical Alarms will not be able to show a Critical Alarm over the Imprivata MDA lock screen.

The apps that send Critical Alarm notifications should be added to the allowlist in the following places:

In the Imprivata Admin Console, by adding the app packages to the Allow lock screen notifications list in Mobile Policy.
In your MDM configuration, by allowing the apps for Lock Task mode.

Configure the MDM AppConfig

The integration with ZAMS is defined in the MDM AppConfig. For additional information on configuring apps via AppConfig, see your MDM documentation.

See the Imprivata MDA AppConfig Reference for supported MDM AppConfig keys.

To enable the integration with ZAMS, add the following key:

ConfigFlags - Allows Zebra Access Management System in Imprivata MDA.
- The AppConfig Configuration Key field for this feature is "ConfigFlags".
- The AppConfig Value Type for this feature is "String".
- The AppConfig Value is zams.