Versions Compared

Old Version 12

changes.mady.by.user Uitdehaag, Michiel

Saved on

compared with

New Version 13

changes.mady.by.user Uitdehaag, Michiel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This example shows how to set up an enrollment based on an Invitation, using SAML as authorative source. Please see Configuring COmanage Enrollment Flows for more details about configuring enrollment flows.

The key difference between self-signup and invitation flows is the fact that COmanage creates a so-called Organisational-Identity (OI) based on the values entered by the petitioner (ie: the person starting the invitation enrollment). The values that petitioner uses for the invitation may not match the values passed by the identity-provider of the person invited (the enrollee). In order to store both types of values, COmanage needs at least two container objects (the Organisational Identities).

...

Enrollment invite-flow recommended configuration options



 

Important fields in this form:

  • who can start the flow: administrators,or administrators of a specific COU
  • require enrollee authentication (set 'on')

After configuring this form, perform the following steps:

  • add enrollment attributes, copying attributes to either the OrgIdentity and/or the COPerson records. Please note that due to how invite flows work, the system cannot determine IdP attributes to fill out enrollment attribute defaults: the petitioner OrgIdentity is not the record you would want the defaults of, and the enrollee has not received any notification yet).
  • add the SamlSource Organizational Identity Source (OIS). An option to manage OIS-es should be available at the top of the above configuration form (although not visible on this specific screenshot). Please see Configuring COmanage Enrollment Flows for details on how to configure the relevant OIS