By default, COmanage Registry accepts identifiers of any format, as long as they are unique for a given type within a CO. That is, two CO People within the same CO may not have the same identifier of the same type.

As of Registry v2.0.0, Identifier Validation Plugins allow for additional validation to take place. Supported use cases include

  • Extending availability checks beyond the Registry database. This is useful to (eg) prevent assignment of identifiers that conflict with identifiers managed by other systems, such as email aliases.
  • Verifying that a new identifier does not violate restrictions on formats imposed by integrated systems.

As of Registry v3.3.0, CO Groups may also have Identifiers, and the same restrictions (two CO Groups within the same CO may not have the same identifier of the same type) applies. Identifier Validation Plugins are called for Identifiers attached to CO Groups.


Plugins must be instantiated (CO >> Configuration >> Identifier Validators) by attaching them to the type of identifier to be validated. Validators can be attached to multiple types (including both Email Address and Identifier types), and a given type can have multiple Validators attached.


  • Validation applies only to CO Person records, not Org Identity records. (CO-478)
  • As of Registry v3.3.0, validation also applies to CO Group records.
  • Note that while Validators can apply to Email Addresses, the uniqueness check described above applies only to Identifiers attached to CO Person or CO Group records.)
  • Identifiers and Email Addresses generated via Identifier Assignment are subject to validation.
  • Identifiers and Email Addresses loaded via Organizational Identity Sources and Registry Pipelines are not subject to availability checks or validation.

Technical Notes

To skip availability checks, including all Identifier Validation Plugin calls, use save($data, array('skipAvailability' => true)).

  • No labels