Before a new administrator can be added and before people can begin to access the tools available to the CO, the CO must have enrollment flows configured and users invited to the system. An administrative enrollment flow requires per-participant action on the part of the administrator (or their delegate). Each participant will be manually added to the CO by the CO administrator. |
For more detail on enrollment flows and their details, see Registry Enrollment Flow Configuration in the COmanage technical manual. |
These instructions assume a CO has been created by the platform administrator. |
When you have created a copy of that enrollment flow, click on Edit, then rename the enrollment flow and review the options.
You will need to change the status of the new enrollment flow to 'Active'. Renaming it is also a good idea. |
These are the default templates. Note that they are best thought of as starting points; customization is recommended in accordance with the needs of a given deployment.
|
| Name | You must rename the enrollment workflow. The name should be unique and reasonably self-explanatory. In this case, simply removing the word template may be sufficient. |
| Status | This must be changed from "Template" to either "Active" (if you are ready for users to start using it) or "Suspended" (if you would like to hold off on having potential users start enrolling). |
| Petitioner Enrollment Authorization Authorization required to execute this enrollment flow, see Enrollment Authorization for details | *** |
| Identity Matching Identity Matching policy for this enrollment flow, see Identity Matching for details | For this type of enrollment workflow, we recommend selecting "Advisory". |
Require Approval For Enrollment (Members of this Group are authorized approvers (or else CO/COU admins by default)) | To require approval, leave the check box selected. |
| Require Confirmation of Email Confirm email addresses provided by sending a confirmation URL to the address | This basic confirmation step helps ensure accurate user data in the registry. |
| Invitation Validity (Minutes) When confirming an email address (done via an "invitation"), the length of time (in minutes) the confirmation link is valid for (default is 1 day = 1440 minutes) | The invitation itself should be time-bounded for basic security reasons. The default is to have this be one day, but if your use case suggests longer is better, you can configure it that way. |
| Subject For Verification Email Subject line for email message sent as part of verification step. | This is configurable, and along with the email body and from address, should be adjusted for your collaboration. COmanage can use regular expressions to automatically fill in some of the detail (like the CO name). Remember that this email will need to get passed spam filters. |
| Verification Email Body Body for email message sent as part of verification step. Max 4000 characters. | This is configurable, and along with the email subject and from address, should be adjusted for your collaboration. COmanage can use regular expressions to automatically fill in some of the detail (like the CO name). Remember that this email will need to get passed spam filters. |
| Require Enrollee Authentication Require enrollee to authenticate in order to complete their enrollment | This is another verification step which, by default, is turned off in this workflow. |
| From Address For Notifications Email address notifications will come from | This is configurable, and along with the email subject and body, should be adjusted for your collaboration. COmanage can use regular expressions to automatically fill in some of the detail (like the CO name). Remember that this email will need to get passed spam filters. |
| Notification Group Group to notify on new petitions and changes of petition status. (This is an informational notification. Separate notifications will be sent to approvers and enrollees, as appropriate.) | While one person or group may be responsible for approving petitions, a larger group may be interested to see when the changes in status for incoming users. |
| Notify On Approved Status Notify enrollee when Petition is approved | While not necessarily required, this is generally a good idea to help manage the user's expectations and keep them informed of the process. |
| Subject For Approval Email Subject line for email message sent after Petition is approved. | This is configurable, and along with the email subject and body, should be adjusted for your collaboration. COmanage can use regular expressions to automatically fill in some of the detail (like the CO name). Remember that this email will need to get passed spam filters. |
| Approval Email Body Body for email message sent after Petition is approved. Max 4000 characters. | This is configurable, and along with the email subject and body, should be adjusted for your collaboration. COmanage can use regular expressions to automatically fill in some of the detail (like the CO name). Remember that this email will need to get passed spam filters. |
| Introduction Optional text to display at the top of a Petition form | This text might offer the enrollees some more information about the CO and explain the registration process. |
| Conclusion Optional text to display at the bottom of a Petition form, before the Submit button | This text might inform users of the next steps for participating in the collaboration, including pointers to relevant URLs or descriptions of mailing lists |
| Terms and Conditions Mode* How to handle Terms and Conditions at enrollment, if any are defined. See Terms and Conditions | If your collaboration has particular end user agreements or requirements on the intellectual property ownership of information, this may be a useful feature for you to apply to your VO. |
| Submission Redirect URL URL to redirect to after Petition is submitted by someone who is not already in the CO. | |
| Confirmation Redirect URL URL to redirect to after the email address associated with the Petition is confirmed. Leave blank for account linking enrollment. | |
| Ignore Authoritative Values Ignore authoritative values for this attribute, such as those provided via environment variables, SAML, or LDAP |