cm_co_enrollment_flows

cm_co_enrollment_flows

Per-CO enrollment flow configurations

id

integer, primary key

Row identifier

autoincrement

name

varchar(128)

Flow Name

co_id

integer, foreign key

CO Record ID

cm_cos:id

authz_level

varchar(2)

Authorization required to execute this enrollment flow

• A: CO or COU admin (administrator enrollment)
• N: No authorization required (open, self enrollment)
• CA: CO admin (administrator enrollment)
• CG: Member of specified CO group (self or delegated enrollment)
• CP: CO Person (self or delegated enrollment)
• UA: COU admin (administrator enrollment)
• UP: CO Person in specified COU (self or delegated enrollment)

authz_cou_id

integer, foreign key

COU Record ID when authz_level is UA or UP

cm_cous:id

authz_co_group_id

integer, foreign key

CO Group Record ID when authz_level is CG

cm_co_groups:id

match_policy

varchar(2)

Policy for matching against existing CO People

• A: Advisory (suggestions are provided but not automatically selected)
• M: Automatic (where possible, automatically perform matching)
• N: None (no matching performed)
• S: Self (can only re-enroll self)

approval_required

boolean

Is approval required before any provisioning may occur?

• true: Approval required
• false: Approval not requested

Approvers defined by CO:admin.approvers or CO:admin.approvers:COU group membership

approver_co_group_id

integer, foreign key

CO Group Record ID for group whose members are authorized to approve petitions created by this flow

cm_co_groups:id

verify_email

boolean

Do org identity email addresses need to be verified?

• true: Verification required
• false: Verification not requested
  

Verification sends an email to the address with a URL

invitation_validity

integer

For invitations used to verify email addresses, the length of time (in minutes) the invitation is valid for

See also cm_co_settings

require_authn

boolean

Is the authentication required by the enrollee?

• true: Approval required
• false: Approval not requested
  

early_provisioning_exec

varchar(128)

Executable to be called at early provisioning stage of enrollment flow

Highly tentative

provisioning_exec

varchar(128)

Executable to be called at main provisioning stage of enrollment flow

Highly tentative

notification_co_group_id

integer, foreign key

CO Group Record ID whose members will be notified when petitions generated from the enrollment flow trigger certain events

cm_co_groups:id

notify_on_early_provision

varchar(256)

Address to notify after early provisioning has executed

RFC 5322 Address

notify_on_provision

varchar(256)

Address to notify after provisioning has executed

RFC 5322 Address

notify_on_active

varchar(256)

Address to notify after enrollee status changes to Active

RFC 5322 Address

status

varchar(2)

Configuration status

• A: Active
• S: Suspended

notify_from

varchar(256)

Address to send notifications from

RFC 5322 Address

Used in coinvite as source email address when sending out notifications

verification_subject

varchar(256)

Subject for verification email

verification_body

text(4000)

Body for verification email

notify_on_approval

boolean

Notify the enrollee on Petition approval?

• true: Notification is sent
• false: Notification is not sent

approval_subject

varchar(256)

Subject for approval email

approval_body

text(4000)

Body for approval email

introduction_text

text(4000)

Introductory text displayed at the top of a Petition form

redirect_on_submit

varchar(256)

After a Petition is submitted, a URL (relative or absolute) to redirect the browser to

redirect_on_confirm

varchar(256)

After the email address associated with a Petition is confirmed, a URL (relative or absolute) to redirect the browser to

ignore_authoritative

boolean

Whether or not to ignore authoritative values

• true: Ignore authoritative values for all attributes in this enrollment flow
• false: Allow authoritative values for this attribute (subject to per-attribute override)