NCID Citizen Identity Project

The N.C. Department of Information Technology is updating the N.C. Identity Management (NCID) service through the Citizen Identity Project. This involves enhancing security, improving self-service and moving external user identities from the department’s on-prem infrastructure to a modern cloud-based service. 

The information below provides project status information to state and local government agency employees who have public-facing applications that use NCID and that will be affected by this project.

Tab/Accordion Items

Project Goals

  • Adopt security best practices by separating external users (citizen and business accounts) from internal work force users (state and local government employee accounts). Currently, all types of user identities are stored together in one repository. 
  • Improve self-service options whereby citizen and business users can unlock accounts themselves and resolve and reset forgotten passwords without having to contact the NCDIT Service Desk.
  • Allow and enable NCID logins using personal social credentials. For example, individuals could use their Gmail account credentials to register with NCID. Since people use their social logins more frequently, they tend to remember these credentials. As a result, people can minimize forgetting and resetting their passwords, and they can unlock their own accounts.
  • Enable multi-factor authentication for both external and internal work force users. Currently, only internal work force individuals use MFA. MFA provides an additional layer of security by requiring users to authenticate with their user ID and password combination as well as an additional code that is sent to their validated email address or phone number. 
  • Support user identity proofing confirmation. This is required by some applications that allow external user identities. Identity proofing is a security approach to confirm that a person logging in is who they say they are. User identity can be verified by a) physical identification documents, such as a driver’s license, b) knowledge-based security questions, such as asking the user to pick their past address from a list of addresses, c) biometrics. 
  • Implement high-availability functionality. This provides system redundancy that enables agency applications to failover with negligible downtime in the event of system interruption.

Project Status

Date Activity
Jan. 25, 2024 Townhall session for the Simeio SAML solution
Sept. 17, 2023 Implemented production cutover
Sept. 1-14, 2023 Code freeze
Aug. 31, 2023 Go/no-go decision call: Go
July 31, 2023 Go/no-go decision call: No-go
June to July 2023 Load testing web services and fine-tuning
June to July 2023 Load testing user interface screens and fine-tuning
June to mid-July 2023 Resolve open defects
May 5, 2023 Go/no-go decision call: No-go
March 5, 2023 Implemented pre-prod cutover
Feb. 15, 2023 Town hall session for NCDIT Service Desk
Jan. 13, 2023 Town hall session for SAML integration
Jan. 12, 2023 Town hall session for shared LDAP integration
Jan. 10, 2023 Town hall session for HTTP proxy integration
Dec. 14, 2022 Town hall session for directory sync integration
Dec. 13, 2022 Town hall session for web service integration
December 2022 HTTP proxy integration testing in development by agency applications
December 2022 Web service integration testing in development by agency applications
April to June 2022 Reached out to agencies to confirm application owners
March 2022 Business requirements document, design discussions, establish connectivity for development environments
January to February 2022 Requirements-gathering workshops
December 2021 Project kick-off meeting
October 2021 Contract awarded to Simeio Solutions LLC

Upcoming Activities*

*Dates are projections and may change.

What Who When Why
Migrate Shared LDAP applications to Simeio Simeio/agency app owners January to August 2024 To move away from Shared LDAP
Migrate SAML applications to Simeio access manager Simeio/agency app owners January to August 2024 To move away from NetIQ access manager
Migrate HTTP proxy applications to Simeio’s HTTP proxy solution  Simeio/agency app owners May to September 2024 To move away from NetIQ HTTP proxy solution


  • Initial implementation is focused on migrating existing external identities to Simeio followed by migrating applications using external identities to Simeio while keeping application impact to a minimum.
  • Implementation for social logins, multifactor authentications, identity proofing will occur in a later phase.
  • Please check out frequently asked questions.