Credentialing is an important step in securing your MAG account, and most Partners require a security credential to access their applications. To obtain credentials, make sure to complete all required steps for your specific credential. For more information on your specific credential type, please review the One-Time Password, Federated Identity Service, DoD CAC, or Enterprise Access Gateway pages.
Please see the PolicyPro and Certification Assistant pages, for instructions and help on completing a license key purchase via Exostar’s web store.
Step 1. Determine Credential Type
To access your applications, your partner may require a two-factor authentication credential (2FA) in conjunction with your User ID/Email Address and Password. Please review the table below to find out what credentials are accepted by your Partner, or reach out to your Partner directly:
| Application / Partner | Acceptable Credentials |
|---|---|
| BAE Systems Portal | Main Credential: – Phone OTP with proofing Other Acceptable Credentials: – Hardware OTP Token with proofing – Exostar Mobile ID with Proofing – FIS MLOA Hardware Certificates – DoD CAC – NGC OneBadge – Boeing SecureBadge – Enterprise Access Gateway (EAG) – Level 3 or above – NASA PIV Cards – Canada DND PKI Smart Card |
| BAES UK Maritime Naval Ships Windchill Project | – Phone OTP with or without Proofing – Hardware OTP Token – Exostar Mobile ID – FIS MLOA Software or Hardware Certificates |
| Blue Origin Onboarding Module Sourcing Procure to Pay | Main Credential: – Phone OTP without Proofing Other Acceptable Credentials: – Exostar Mobile ID without Proofing – Hardware OTP Token without Proofing – Enterprise Access Gateway (EAG) – FIS MLOA Hardware Certificates |
| Boeing Supplier Portal | Main Credential: – Hardware OTP Token with Proofing Other Acceptable Credentials: – FIS MLOA Hardware Certificates – Enterprise Access Gateway (EAG) – NGC OneBadge – Canada DND PKI Smart Card |
| Boeing SCP | Hardware OTP Token with Proofing |
| Boeing 787 SCMP | Hardware OTP Token with Proofing |
| Huntington Ingalls Industries / Information Manager | Main Credential: – Phone OTP without Proofing Other Acceptable Credentials: – Email or User ID and Password + FIS MLOA Hardware Certificates – DoD CAC – NGC OneBadge – Canada DND PKI Smart Card |
| Huntington Ingalls Industries / Onboarding Module | Main Credential: – Phone OTP without Proofing Other Acceptable Credentials: – Email or User ID and Password + FIS MLOA Hardware Certificates – DoD CAC – NGC OneBadge – Canada DND PKI Smart Card |
| L3Harris (Aerojet Rocketdyne) / Onboarding Module | Main Credential: – Phone OTP without Proofing Other Acceptable Credentials: – Email or User ID and Password + FIS MLOA Hardware Certificates – DoD CAC – NGC OneBadge – Canada DND PKI Smart Card |
| Lockheed Martin Aeronautical Aero JTD CSAS Web F-16 EDCS Airlift EDCS F-16 EDCS Palmdale F-22 Fleet Management Tool LM AeroSource F-35 Production Lockheed Martin OneAero Online Account Request System (OARS) Transportation Management System User Acceptance LM AeroSource | – Hardware OTP Token with level 3 proofing upgrade – Mobile ID with level 3 proofing upgrade – Phone OTP with level 3 proofing upgrade – FIS MLOA Hardware Certificates – Enterprise Access Gateway – NGC OneBadge – Common Access Card – Canadian DND PKI Smart Card |
| Lockheed Martin Ariba | Main Credential: – Phone OTP with Proofing Other Acceptable Credentials: – Exostar Mobile ID with Proofing – Hardware OTP Token with Proofing – Enterprise Access Gateway (EAG) – FIS MLOA Hardware Certificates |
| Lockheed Martin eInvoicing | Main Credential: – Phone OTP with Proofing Other Acceptable Credentials: – Exostar Mobile ID with Proofing – Hardware OTP Token with Proofing – Enterprise Access Gateway (EAG) – FIS MLOA Hardware Certificates |
| Lockheed Martin Procure to Pay (LMP2P) | Main Credential: – Phone OTP with Proofing Other Acceptable Credentials: – Exostar Mobile ID with Proofing – Hardware OTP Token with Proofing – Enterprise Access Gateway (EAG) – FIS MLOA Hardware Certificates |
| Lockheed Martin Onboarding Module (OBM) | Main Credential: – Phone OTP with Proofing Other Acceptable Credentials: – Exostar Mobile ID with Proofing – Hardware OTP Token with Proofing – Enterprise Access Gateway (EAG) – FIS MLOA Hardware Certificates |
| ProcurePass Buysite (BAE Systems) | Email or User ID and Password |
| Raytheon Supplier Portal Raytheon SecureForms Raytheon Supply Chain Platform (RSCP) | Main Credential: – Phone OTP with Proofing Other Acceptable Credentials: – Hardware OTP Token with Proofing – Enterprise Access Gateway (EAG) – FIS MLOA Hardware Certificates |
| Rolls-Royce Global Supplier Portal | – FIS Basic Certificates – FIS MLOA Software Certificates – FIS MLOA Hardware Certificates – Enterprise Access Gateway (EAG) – NGC OneBadge – Canada DND PKI Smart Card |
| Supply Chain Platform – BAE Systems | Main Credential: – Phone OTP with Proofing Other Acceptable Credentials: – Hardware OTP Token with Proofing – Exostar Mobile ID with Proofing – FIS MLOA Hardware Certificates – DoD CAC – Enterprise Access Gateway (EAG) – Level 3 or above |
| Supply Chain Platform – NNS | Main Credential: – Phone OTP without Proofing Other Acceptable Credentials: – Email or User ID and Password + FIS MLOA Hardware Certificates – DoD CAC – NGC OneBadge – Canada DND PKI Smart Card |
Step 2. Purchase Credentials
In order to access most Exostar applications, a two-factor authentication (2FA) credential is required. If the applications you need to access require 2FA, you must complete a purchase.
To Purchase Credentials:
1. Login to your MAG account. Click the Get 2FA button from the My 2FA Credentials section, or under the My Applications section, click Get 2FA from the specific application to open Exostar’s web store.
2. On the Purchase your Exostar Subscription page, select the desired credential, or filter credentials using the drop down provided. Click Next.
3. Enter Primary Information and Billing Address. Verify all information is correct. Click Next.
NOTE: If you are purchasing an OTP Hardware Token, you must enter a shipping address.
4. On the Payment page, select your payment method: Credit Card or Invoice. Complete all required fields and click Submit to complete your purchase.
NOTE: If you select Invoice, you will not receive your license key until Exostar receives full payment.
A confirmation screen displays and you receive a confirmation email with your license key.
2. On the Purchase your Exostar Subscription page, select the desired credential, or filter credentials using the drop down provided. Click Next.
3. Enter Primary Information and Billing Address. Verify all information is correct. Click Next.
NOTE: If you are purchasing an OTP Hardware Token, you must enter a shipping address.
4. On the Payment page, select your payment method: Credit Card or Invoice. Complete all required fields and click Submit to complete your purchase.
NOTE: If you select Invoice, you will not receive your license key until Exostar receives full payment.
A confirmation screen displays and you receive a confirmation email with your license key.
Step 3. Complete Identity Proofing
If you purchase a credential with identity proofing, you are prompted to verify your identity before you can activate your credential. See below for Identity Proofing methods.
Identity Proofing Methods:
We use two methods for verifying your identity:
1. Self-Service Mobile Proofing: If you are located in the United States, you can complete the self-service proofing process using your smartphone’s camera by providing your Social Security Number (SSN), driver’s license or passport.
2. Live Video Proofing: Users located outside of United States must schedule a live proofing session. US-based users may select live video proofing if they are unable to complete the Experian proofing.
Please refer to the Identity Proofing page to learn more about these types of identity proofing.
1. Self-Service Mobile Proofing: If you are located in the United States, you can complete the self-service proofing process using your smartphone’s camera by providing your Social Security Number (SSN), driver’s license or passport.
2. Live Video Proofing: Users located outside of United States must schedule a live proofing session. US-based users may select live video proofing if they are unable to complete the Experian proofing.
Please refer to the Identity Proofing page to learn more about these types of identity proofing.
Step 4. Activate Credentials
Once you complete your credential purchase, a confirmation screen displays with your license key. You can select to immediately activate your credential from the confirmation screen, or activate from the MAG dashboard via the My 2FA Credentials section.
NOTE: If you purchased an OTP Hardware Token, you will receive your Token in the mail via US Postal Service. Do not activate your hardware token until you receive it in the mail.
To Activate Credentials:
1. If you just completed the purchase and payment, select to Activate your License Key from the Order Confirmation screen.
NOTE: If you have an existing MAG account, login and from your MAG Dashboard, enter your License Key via the My 2FA Credentials section.
2. From the 2FA Credentials toolbar, find the Have a license key? section, and click Enter it here.
3. Enter your license key. Click Submit.
NOTE: If you have an existing MAG account, login and from your MAG Dashboard, enter your License Key via the My 2FA Credentials section.
2. From the 2FA Credentials toolbar, find the Have a license key? section, and click Enter it here.
3. Enter your license key. Click Submit.
To Activate Credentials after Identity Proofing:
If you completed your Identity Proofing, an Activation Code is provided to you by the Agent.
1. Login to your MAG account with your User ID/Email and Password.
2. From the My Account tab, select the Manage OTP sub-tab.
3. In the Introduction section, select the “To Register Credentials” click here link.
4. Enter your Activation Code, then proceed to register your credentials.
1. Login to your MAG account with your User ID/Email and Password.
2. From the My Account tab, select the Manage OTP sub-tab.
3. In the Introduction section, select the “To Register Credentials” click here link.
4. Enter your Activation Code, then proceed to register your credentials.
Credential FAQs
How do I Activate my Credential?
You might not be able to access your partner application because your credential needs to be activated. Specifically, this applies to such credentials as Phone OTP, OTP Hardware Token, and Exostar Mobile ID. Activation ensures your credential is attached to a specific MAG account. To activate your purchased credential:
1. Login to your MAG account. From the MAG Dashboard locate the My 2FA Credentials section.
2. Select the Have a license key? Enter it here option.
3. Enter your License key and proceed to registration.
NOTE: If you purchased a Hardware Token, please begin the activation process after you receive the token in mail.
1. Login to your MAG account. From the MAG Dashboard locate the My 2FA Credentials section.
2. Select the Have a license key? Enter it here option.
3. Enter your License key and proceed to registration.
NOTE: If you purchased a Hardware Token, please begin the activation process after you receive the token in mail.
How do I know which Credential to Purchase?
The credential type is dependent upon the security requirements for the application you are accessing. Please review the table above in Step 1. Determine Credential Type, if you cannot find the information or need additional assistance, please contact Exostar Customer Support or the representative of your Partner organization.
How do I Purchase or Upgrade my Current Credential?
If you cannot access your application, double-check with your partner to see what kind of credential they require to access the specific application. If you need a stronger credential or an upgrade to your current credential in the form of Identity Proofing, follow the steps below to complete your purchase:
1. Login to your MAG account, and navigate to the My Account tab.
2. Click the Manage OTP tab, and select the purchasing option that addresses your credentialing situation.
3. Scroll down and use the available buttons to either purchase a new credential, or add the proofing upgrade to your active credential.
NOTE: You can also access Exostar’s Web store by clicking the Billing and Support link, located in the bottom your MAG Home tab. Locate the desired credential, and follow the prompts to complete your purchase. We suggest using this option if the buttons under the Manage OTP sub-tab are temporarily unavailable.
1. Login to your MAG account, and navigate to the My Account tab.
2. Click the Manage OTP tab, and select the purchasing option that addresses your credentialing situation.
3. Scroll down and use the available buttons to either purchase a new credential, or add the proofing upgrade to your active credential.
NOTE: You can also access Exostar’s Web store by clicking the Billing and Support link, located in the bottom your MAG Home tab. Locate the desired credential, and follow the prompts to complete your purchase. We suggest using this option if the buttons under the Manage OTP sub-tab are temporarily unavailable.
How do I Renew my Expired Credential?
If your credential is expired, please follow these steps to complete your credential renewal:
1. Login to your MAG account, and click Billing and Support located in the bottom section of the Dashboard.
2. To renew expired credentials, click Subscription Renewals from the blue banner (top of page).
3. Select the product from the drop-down menu, and select Available Renewals.
4. Click Add to Cart. Follow the prompts to complete your renewal.
1. Login to your MAG account, and click Billing and Support located in the bottom section of the Dashboard.
2. To renew expired credentials, click Subscription Renewals from the blue banner (top of page).
3. Select the product from the drop-down menu, and select Available Renewals.
4. Click Add to Cart. Follow the prompts to complete your renewal.
How do I verify I am Logged into MAG with my Credential?
1. From the Dashboard, click Launch from the application card or you may click on Elevate Credential Strength button in the My 2FA Credentials section.
2. The Two-Step Verification page displays with a list of 2FA Credentials associated with your account.
3. Select one of the methods and proceed with the Authentication Process.
4. After you return to your MAG Dashboard, your Credential Strength updates and you should be able to open your application.
2. The Two-Step Verification page displays with a list of 2FA Credentials associated with your account.
3. Select one of the methods and proceed with the Authentication Process.
4. After you return to your MAG Dashboard, your Credential Strength updates and you should be able to open your application.
How do I download and login with my FIS MLOA Certificates?
If you purchased, but forgot to download the FIS MLOA Hardware Digital Certificates, you won’t be able to access the applications that require this certificate for access. Click here for instructions on how to complete the download, and then complete the steps below:
1. If you are not automatically prompted to select your FIS MLOA Hardware certificates during login to MAG, close your browser and navigate to https://portal.exostar.com.
2. Plug the FIS Hardware Token into your computer.
3. Select the Certificates option from the login screen.
4. When the certificate prompt displays, select the Certificate and click OK.
5. Enter your Token Password.
NOTE: If you forget this password, you must go through the proofing process again, as this password cannot be reset.
6. Verify you successfully logged in with your credential. (The credential strength can be viewed in the My 2FA Credentials section on your Dashboard).
The credential strength field should display Medium Hardware Cert.
1. If you are not automatically prompted to select your FIS MLOA Hardware certificates during login to MAG, close your browser and navigate to https://portal.exostar.com.
2. Plug the FIS Hardware Token into your computer.
3. Select the Certificates option from the login screen.
4. When the certificate prompt displays, select the Certificate and click OK.
5. Enter your Token Password.
NOTE: If you forget this password, you must go through the proofing process again, as this password cannot be reset.
6. Verify you successfully logged in with your credential. (The credential strength can be viewed in the My 2FA Credentials section on your Dashboard).
The credential strength field should display Medium Hardware Cert.
What do the Different Statuses mean? What do I do if it does not show “Active”?
You can view the status of your applications from the Dashboard (home) tab (under the My Applications section) of your MAG account. Unless you see Launch under the application you want to use, you might need to wait or to reach out for help to Exostar Customer Support.
View the MAG Navigation page to see the Application Statuses table.
View the MAG Navigation page to see the Application Statuses table.
For additional questions or issues with credentialing, please view the MAG Registration and Login FAQs page.