...
Column | Format | Description | Definition | Comments |
---|---|---|---|---|
id | integer, primary key | Row identifier | autoincrement | |
name | varchar(128) | Flow Name | ||
sor_label | varchar(40) | SOR Label used in match requests | ID Match API | Added in Registry v4.1.0 |
co_id | integer, foreign key | CO Record ID | cm_cos:id | |
authz_level | varchar(2) | Authorization required to execute this enrollment flow |
| |
authz_cou_id | integer, foreign key | COU Record ID when authz_level is UA or UP | cm_cous:id | |
authz_co_group_id | integer, foreign key | CO Group Record ID when authz_level is CG | cm_co_groups:id | |
my_identity_shortcut | boolean | Whether a link to this flow should be rendered in the "My Identity" menu |
| Added Registry v3.2.0 |
co_pipeline_id | integer, foreign key | CO Pipeline to run for Org Identities created using this Flow | cm_co_pipelines:id | Unused, removed as of Registry v3.3.0 |
match_policy | varchar(2) | Policy for matching against existing CO People |
| |
match_server_id | integer, foreign key | Match Server ID when match_policy is External | cm_servers:id | Added Registry v4.1.0 |
enable_person_find | boolean | Enable People Picker API for unregistered petitioners associated with this Enrollment Flow |
| Added Registry v3.3.0 |
approval_required | boolean | Is approval required before any provisioning may occur? |
| Approvers defined by |
approver_co_group_id | integer, foreign key | CO Group Record ID for group whose members are authorized to approve petitions created by this flow | cm_co_groups:id | |
verify_email | boolean | Do org identity email addresses need to be verified? |
| Verification sends an email to the address with a URL Deprecated as of v2.0.0, use email_verification_mode instead |
email_verification_mode | varchar(2) | If/how org identity email addresses should be verified |
| Added in v2.0.0 See also Email Verification |
invitation_validity | integer | For invitations used to verify email addresses, the length of time (in minutes) the invitation is valid for | See also cm_co_settings | |
regenerate_expired_verification | boolean | Automatically regenerate confirmation links on validation of an expired link? |
| Added in v4.1.0 |
require_authn | boolean | Is the authentication required by the enrollee? |
| |
notification_co_group_id | integer, foreign key | CO Group Record ID whose members will be notified when petitions generated from the enrollment flow trigger certain events | cm_co_groups:id | |
status | varchar(2) | Configuration status |
| |
notify_from | varchar(256) | Address to send notifications from | RFC 5322 Address | Used in coinvite as source email address when sending out notifications |
verification_template_id | integer, foreign key | Template for verification email | cm_co_message_templates:id | |
verification_subject | varchar(256) | Subject for verification email | Deprecated as of v2.0.0, use message templates instead | |
verification_body | text(4000) | Body for verification email | Deprecated as of v2.0.0, use message templates instead | |
request_vetting | boolean | Request Vetting for the Enrollee |
| Added in Registry v4.1.0 |
notify_on_approval | boolean | Notify the enrollee on Petition approval? |
| As of v3.3.0, also triggers notification on denial |
approval_template_id | integer, foreign key | Template for approval email | cm_co_message_templates:id | |
approval_subject | varchar(256) | Subject for approval email | Deprecated as of v2.0.0, use message templates instead | |
approval_body | text(4000) | Body for approval email | Deprecated as of v2.0.0, use message templates instead | |
approver_template_id | integer, foreign key | Template for approver email | Added in Registry v4.3.0 | |
denial_template_id | integer, foreign key | Template for denial email | cm_co_message_templates:id | |
notify_on_finalize | boolean | Notify the enrollee on Petition finalization? |
| |
finalization_template_id | integer, foreign key | Template for finalization email | cm_co_message_templates:id | |
introduction_text | text(4000) | Introductory text displayed at the start of an Enrollment Flow | ||
conclusion_text | text(4000) | Conclusion text displayed at the bottom of a Petition form | ||
introduction_text_pa | text(4000) | Introductory text displayed at the top of a Petition form | Added in Registry v4.1.0 | |
t_and_c_mode | varchar(2) | Terms and Conditions mode |
| |
redirect_on_submit | varchar(256) | After a Petition is submitted, a URL (relative or absolute) to redirect the browser to | ||
redirect_on_confirm | varchar(256) | After the email address associated with a Petition is confirmed, a URL (relative or absolute) to redirect the browser to | ||
redirect_on_finalize | varchar(256) | After a Petition is finalized, a URL (relative or absolute) to redirect the browser to | Added in v3.1.0 | |
return_url_allowlist | text(4000) | Newline separated list of regular expressions representing permitted values to be passed into the petition as a URL to redirect to after the Petition is finalized | Added in v3.1.0, renamed from return_url_whitelist in v3.3.0 | |
ignore_authoritative | boolean | Whether or not to ignore authoritative values |
| |
duplicate_mode | varchar(2) | How to handle a detected duplicate enrollment |
| |
co_theme_id | integer, foreign key | Theme to use when executing this Enrollment Flow | cm_co_themes:id | Added v2.0.0 |
theme_stacking | varchar(2) | Whether to enable Theme Stacking for this Enrollment Flow. |
| Added v4.0.0 |
establish_authenticators | boolean | Whether to establish authenticators as part of enrollment |
| Added v3.3.0 |
establish_cluster_accounts | boolean | Whether to establish cluster accounts as part of enrollment |
| Added v3.3.0 |