diff --git a/services/security/identity/identity.go b/services/security/identity/identity.go
index 2a7e7cd..26f01b0 100644
--- a/services/security/identity/identity.go
+++ b/services/security/identity/identity.go
@@ -9,15 +9,29 @@ import (
 "github.com/microsoft/moc/pkg/errors"
 "github.com/microsoft/moc/pkg/status"
 wssdcloudsecurity "github.com/microsoft/moc/rpc/cloudagent/security"
+ wssdcloudcommon "github.com/microsoft/moc/rpc/common"
 )
 
 func getIdentity(id *wssdcloudsecurity.Identity) *security.Identity {
+ clitype := security.ExternalClient
+ if id.ClientType == wssdcloudcommon.ClientType_CONTROLPLANE {
+ clitype = security.ControlPlane
+ } else if id.ClientType == wssdcloudcommon.ClientType_NODE {
+ clitype = security.Node
+ }
+
 return &security.Identity{
- ID: &id.Id,
- Name: &id.Name,
- Token: &id.Token,
+ ID: &id.Id,
+ Name: &id.Name,
+ Token: &id.Token,
+ TokenExpiry: &id.TokenExpiry,
+ Location: &id.LocationName,
 IdentityProperties: &security.IdentityProperties{
- Statuses: status.GetStatuses(id.GetStatus()),
+ Statuses: status.GetStatuses(id.GetStatus()),
+ ClientType: clitype,
+ CloudFqdn: &id.CloudFqdn,
+ CloudPort: &id.CloudPort,
+ CloudAuthPort: &id.CloudAuthPort,
 },
 }
 }
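Review bot: The new ClientType mapping at the top of getIdentity folds every value other than CONTROLPLANE and NODE (including an unset one) into ExternalClient without saying so, which is the kind of fallback that should be stated next to the code. As a matter of style the if/else-if chain on a single enum reads better as a switch, and a one-line comment on the fallback makes the intent explicit. The same chain appears inverted in getWssdIdentity in the next hunk; the two should stay in step when a new client type is added.
```go
func getIdentity(id *wssdcloudsecurity.Identity) *security.Identity {
	// Any client type other than CONTROLPLANE/NODE, including unset, is reported as ExternalClient.
	clitype := security.ExternalClient
	switch id.ClientType {
	case wssdcloudcommon.ClientType_CONTROLPLANE:
		clitype = security.ControlPlane
	case wssdcloudcommon.ClientType_NODE:
		clitype = security.Node
	}
	// … unchanged: &security.Identity literal …
```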
@@ -26,7 +40,41 @@ func getWssdIdentity(id *security.Identity) (*wssdcloudsecurity.Identity, error)
 if id.Name == nil {
 return nil, errors.Wrapf(errors.InvalidInput, "Identity name is missing")
 }
- return &wssdcloudsecurity.Identity{
+
+ wssdidentity := &wssdcloudsecurity.Identity{
 Name: *id.Name,
- }, nil
+ }
+
+ if id.TokenExpiry != nil {
+ wssdidentity.TokenExpiry = *id.TokenExpiry
+ }
+
+ if id.Location != nil { // WIll need to do error checking if location not set !!!!s
+ wssdidentity.LocationName = *id.Location
+ }
+
+ clitype := wssdcloudcommon.ClientType_EXTERNALCLIENT
+ if id.IdentityProperties != nil {
+ if id.IdentityProperties.ClientType == security.ControlPlane {
+ clitype = wssdcloudcommon.ClientType_CONTROLPLANE
+ } else if id.IdentityProperties.ClientType == security.Node {
+ clitype = wssdcloudcommon.ClientType_NODE
+ }
+
+ if id.IdentityProperties.CloudFqdn != nil {
+ wssdidentity.CloudFqdn = *id.CloudFqdn
+ }
+
+ if id.IdentityProperties.CloudPort != nil {
+ wssdidentity.CloudPort = *id.CloudPort
+ }
+
+ if id.IdentityProperties.CloudAuthPort != nil {
+ wssdidentity.CloudAuthPort = *id.CloudAuthPort
+ }
+ }
+
+ wssdidentity.ClientType = clitype
+
+ return wssdidentity, nil
 }
diff --git a/services/security/identity/wssd.go b/services/security/identity/wssd.go
index 7b87dd1..03fc928 100644
--- a/services/security/identity/wssd.go
+++ b/services/security/identity/wssd.go
@@ -10,6 +10,7 @@ import (
 wssdcloudclient "github.com/microsoft/moc-sdk-for-go/pkg/client"
 "github.com/microsoft/moc-sdk-for-go/services/security"
 "github.com/microsoft/moc/pkg/auth"
+ "github.com/microsoft/moc/pkg/errors"
 wssdcloudsecurity "github.com/microsoft/moc/rpc/cloudagent/security"
 wssdcloudcommon "github.com/microsoft/moc/rpc/common"
 log "k8s.io/klog"
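Review bot: The comment on the Location check in getWssdIdentity, `// WIll need to do error checking if location not set !!!!s`, leaves an unresolved decision in merged code: either reject a missing Location here in the same style as the Name check (`return nil, errors.Wrapf(errors.InvalidInput, "Identity location is missing")`) or replace the remark with a proper `// TODO:` line that states what is deferred and why a nil Location is acceptable for now. The three Cloud* copies test `id.IdentityProperties.CloudFqdn` but dereference the promoted `id.CloudFqdn` (and likewise for CloudPort and CloudAuthPort); these name the same field only if IdentityProperties is embedded, so use one spelling throughout, e.g. `wssdidentity.CloudFqdn = *id.IdentityProperties.CloudFqdn`. The ClientType chain is the inverse of the one in getIdentity and would read better as a switch. Note also that the caller-supplied ClientType (ControlPlane or Node) is forwarded to the cloud agent unchanged; whether the agent authorizes who may request those types is outside this diff and worth confirming before relying on the field.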
@@ -44,6 +45,10 @@ func (c *client) Get(ctx context.Context, group, name string) (*[]security.Ident
 
 // CreateOrUpdate
 func (c *client) CreateOrUpdate(ctx context.Context, group, name string, sg *security.Identity) (*security.Identity, error) {
+ if sg.Name == nil {
+ return nil, errors.Wrapf(errors.InvalidConfiguration, "Missing Name for Identity")
+ }
+
 request, err := getIdentityRequest(wssdcloudcommon.Operation_POST, name, sg)
 if err != nil {
 return nil, err
diff --git a/services/security/security.go b/services/security/security.go
index d966528..be26223 100644
--- a/services/security/security.go
+++ b/services/security/security.go
@@ -159,6 +159,14 @@ const (
 StoragePermissionsUpdate StoragePermissions = "update"
 )
 
+type ClientType string
+
+const (
+ ControlPlane ClientType = "ControlPlane"
+ ExternalClient ClientType = "ExternalClient"
+ Node ClientType = "Node"
+)
+
 // Permissions permissions the identity has for keys, secrets, certificates and storage.
 type Permissions struct {
 // Keys - Permissions to keys
@@ -283,6 +291,14 @@ type CertificateRequest struct {
 type IdentityProperties struct {
 // State - State
 Statuses map[string]*string `json:"statuses"`
+ // CloudAgent FQDN
+ CloudFqdn *string `json:"cloudfqdn,omitempty"`
+ // CloudAgent port
+ CloudPort *int32 `json:"cloudport,omitempty"`
+ // CloudAgent authentication port
+ CloudAuthPort *int32 `json:"cloudauthport,omitempty"`
+ // Client type
+ ClientType ClientType `json:"clienttype,omitempty"`
 }
 
 // Identity defines the structure of a identity
@@ -295,8 +311,12 @@ type Identity struct {
 Type *string `json:"type,omitempty"`
 // Token
 Token *string `json:"token,omitempty"`
+ // Token Expiry
+ TokenExpiry *int64 `json:"tokenexpiry,omitempty"`
 // Certificate string encoded in base64
 Certificate *string `json:"certificate,omitempty"`
+ // Location - Resource location
+ Location *string `json:"location,omitempty"`
 // Tags - Custom resource tags
 Tags map[string]*string `json:"tags"`
 // Properties
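Review bot: The new guard at the top of CreateOrUpdate, `if sg.Name == nil`, dereferences sg before checking it, so a nil sg still panics instead of returning the intended error; widen it to `if sg == nil || sg.Name == nil {`. The same condition is already rejected in getWssdIdentity (identity.go hunk) with `errors.InvalidInput` and the message "Identity name is missing", while this layer reports `errors.InvalidConfiguration` with a different message; a missing name should map to one error class so callers can match it with a single check. CreateOrUpdate's body continues past the end of the hunk.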
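Review bot: The exported ClientType type and the ControlPlane, ExternalClient and Node constants in the security.go `const (` hunk have no doc comments, unlike the surrounding exported names. Add `// ClientType classifies the client an Identity belongs to.` above the type and a group comment such as `// Recognised ClientType values; getWssdIdentity treats any other value, including the zero value, as ExternalClient.` above the const block, which records the fallback the conversion code in identity.go relies on.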
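Review bot: The field comments added to IdentityProperties (and, in the following Identity hunk, `// Token Expiry`) do not follow the file's `// Field - description` convention visible in the neighbouring `// State - State`, `// Keys - Permissions to keys` and `// Tags - Custom resource tags` lines. Rewrite them in that form, e.g. `// CloudFqdn - FQDN of the cloud agent`, `// CloudPort - Port of the cloud agent`, `// CloudAuthPort - Authentication port of the cloud agent`, `// ClientType - Type of client the identity is issued to`. TokenExpiry is an int64 whose unit and epoch are not stated anywhere in the diff; the comment should say whether it is a Unix timestamp or a duration, since consumers comparing it against the clock will otherwise guess.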