Table | cm_cmp_enrollment_configurations |
---|---|
Description | CMP enrollment configuration |
- Although the data model permits multiple CMP enrollment configurations to be defined, COmanage Registry currently only permits one active configuration for the platform.
- There is no REST interface to this table since it is intended to configure the COmanage Registry UI.
- CO enrollment flows are handled via cm_co_enrollment_flows.
Column | Format | Description | Definition | Comments |
---|---|---|---|---|
id | integer, primary key | Row identifier | autoincrement | |
name | varchar(128) | Configuration Name | ||
attrs_from_ldap | boolean | Should CMP enrollment attempt to pull attributes from an organizational LDAP server before prompting for attributes? |
| Deprecated |
attrs_from_saml | boolean | If the enrollee must authenticate, should CMP enrollment attempt to extract attributes from a SAML assertion before prompting for attributes? |
| Deprecated |
attrs_from_env | boolean | Should organizational identity attributes be extracted from the server environment? (eg: those that might be set by the web server auth module.) |
| |
attrs_from_coef | boolean | Should CO enrollment flows be able to prompt for organizational identity attributes? (These attributes will be considered less authoritative than if they had been obtained via LDAP or SAML.) |
| |
authn_events_record_apiusers | boolean | Should API User's Authentication Events be recorded? |
| |
pool_org_identities | boolean | Should organizational identities be pooled and made available to all COs on the CMP? |
| See CO-193 for additional information |
sponsor_enroll | boolean | Do enrollees need to have a sponsor to enroll? |
| Not implemented |
sponsor_active | boolean | Do enrollees need to have a sponsor to stay enrolled? |
| Not implemented |
eds_help_url | varchar(256) | For the Shibboleth Embedded Discovery Service, the help URL to publish | ||
eds_preferred_idps | text(4000) | For the Shibboleth Embedded Discovery Service, the entityIds to always show (one per line) | ||
eds_hidden_idps | text(4000) | For the Shibboleth Embedded Discovery Service, the entityIds to hide (one per line) | ||
env_mfa | varchar(80) | If set, MFA is required to login to most Registry pages, and this configuration holds the Environment Variable name that indicates if MFA was asserted | Added in Registry v4.5.0 | |
env_mfa_value | varchar(80) | If env_mfa is enabled, the expected value of the Environment Variable when MFA was asserted | Added in Registry v4.5.0 Defaults to | |
redirect_on_logout | varchar(1024) | Redirect URL when user logs out | Added in Registry v4.0.0 | |
app_base | varchar(64) | Cached application base for use in generating notification URLs | Added in Registry v4.0.0 | |
status | varchar(2) | Configuration status |
| Only one CMP configuration may be active |