...
Note |
---|
This document describes the Registry Enrollment mechanism introduced as part of COmanage Registry v0.9.4. For Registry Enrollment in older versions, see Registry Enrollment (OldRev 1, Registry 0.9.3 and earlier). |
About Registry Enrollment
By default, COmanage Registry uses an invitation based workflow.
COmanage Registry can also use customized Enrollment Flows to onboard new people into each organization. Enrollment Flows consists of a series of pre-defined steps, the execution of which is managed by Registry in accordance with the configuration of each specific Flow.
Enrollment Flow Steps
See also: Registry Enrollment Flow Diagram
...
Step | Description | Core Step Executes If | Plugins Run If Core Doesn't? (Optional) | Petition Status Following Step | Since |
---|---|---|---|---|---|
start | Initial step of an enrollment flow. The Petition artifact is created following successful completion (including any Plugins) of this step. | Introduction Text is defined | Yes | Created | v0.9.4 |
selectEnrollee | Select an existing identity (CO Person or Org Identity) for this enrollment. | Identity Matching is set to Self or Select | No | Created | v0.9.4 |
selectOrgIdentity | Select an Org Identity via an Org Identity Source for this enrollment. | One or more Enrollment Sources is attached in Search mode, and the petitioner is an admin | No | Created | v2.0.0 |
petitionerAttributes | Collect attributes from the Petitioner. | Any Enrollment Attributes are defined | Yes | Created* | v0.9.4 |
tandcPetitioner | Require agreement to Registry Terms and Conditions. | Terms and Conditions Mode is set to Explicit Consent or Implied Consent, and at least one T&C is Active, and Petitioner Enrollment Authorization is None or Authenticated User. | Yes (if Mode is Explicit Consent or Implied Consent) | Created | v4.1.0 |
sendConfirmation | Send an email to confirm deliverability of Enrollee email address. | Require Confirmation of Email is set | No | Pending Confirmation | v0.9.4 |
processConfirmation | Process the response to the email sent in the sendConfirmation step. | Require Confirmation of Email is set | No | Confirmed or Declined | v0.9.4 |
collectIdentifier | The identifier used by the enrollee to authenticate (eg: Automatic linking for existing identifiers is handled in this step. | Require Confirmation of Email and Require Authentication are set | No | Confirmed | v0.9.4 |
checkEligibility | Determine if the Enrollee is allowed to enroll, by querying an Organizational Identity Source for eligibility. | One or more Enrollment Sources is attached is attached in Search or Search, Required mode, and the petitioner is not an admin | No | Confirmed or Denied | v2.0.0 |
tandcAgreement | Require agreement to Registry Terms and Conditions. | Terms and Conditions Mode is set to Explicit Consent or Implied Consent, and at least one T&C is Active, and (as of Registry v4.1.0) Petitioner Enrollment Authorization is not None or Authenticated User. | Yes (if Mode is Explicit Consent or Implied Consent) | Confirmed | v4.0.0 |
establishAuthenticators | Allow the Enrollee to set up Authenticators. | Establish Authenticators is set | No | Confirmed | v3.3.0 |
requestVetting | Request Vetting for the Enrollee. | Request Vetting is set | No | Pending Vetting | v4.1.0 |
sendApproverNotification | Notify the approvers configured for the Enrollment Flow that the Petition is read for review and approval. | Require Approval For Enrollment is set | No | Pending Approval | v0.9.4 |
approve | Process Petition approval. | Require Approval For Enrollment is set | No | Approved | v0.9.4 |
deny | Process Petition denial. | Require Approval For Enrollment is set | No | Denied | v0.9.4 |
sendApprovalNotification | Notify the enrollee that their Petition has been approved. | Require Approval For Enrollment is set | No | Approved | v0.9.4 |
finalize | If the Petition is not denied, assign identifiers and set person status to Active. | No | Finalized or Denied | v0.9.4 | |
provision | If the Petition is finalized, provision services. | No | Finalized | v1.0.1 |
* New Person/Role status set to Pending
Plugin Execution
Enrollment Flows support Plugins as a way of customizing beyond what is supported out of the box. See Writing Registry Plugins for more details.
...