During the implementation process your agency USA Hire Interview implementation project manager and project team will work with your agency network team to implement the USA Hire Interview network access guidance and follow the PIV authentication steps.
The below guidance was provided to your agency project team:
Network Access Guidance
An agency network or VPN may prevent agency users from accessing their assigned interviews. To prevent this, provide your agency network team or CIO team the below network access requirements:
- For customers accessing the USA Hire Interview Platform on networks with limited internet access, you may need to work with your network team to allow access to *.apps.pdricloud.com, *.pivauth.pdricloud.com, d1vtynxd31reh1.cloudfront.net, fonts.googleapis.com, and fonts.gstatic.com.
- For digital interviewing capabilities, access must be allowed to *.chime.aws (TCP:443, UDP:3478), *.sdkassets.chime.aws (TCP:443), and *.amazonaws.com (TCP:443).
PIV Authentication
USA Hire Interview requires that agency users sign into USA Hire Interview through anti-phishing multi-factor authentication. Agency PIV authentication meets this requirement but will require coordination with our vendor to get set up. Provide your agency network team or CIO team the below PIV access requirements:
- Step 1: Ensure the USA Hire Interview network access guidance requirements have been met (especially unfettered access to *.pivauth.pdricloud.com).
- Step 2: Ask your security office to provide:
- The official Certificate Authority (CA) certificate chains that should be used to validate identity certificates on agency PIV/CAC. This should include all PIV/CAC issuing, intermediate, and root CAs.
- The OCSP endpoint used to check for certificate revocation.
- Step 3: Appoint an agency point of contact (e.g., a member of the project team) to help test PIV/CAC authentication.