Characteristics found in this use case:

  • A single platform managed by a single, central organization, with multiple, discrete VOs each with their own enrollment processes
  • Enrollment processes include self-signup, administrative/delegated signup, and conscripted signup
  • Individuals use various IdP with support for the Research and Scholarship entity category
  • Apps include typical collaboration apps we well as domain specific apps, ssh key management, github access
  • Administrators need to use audit capabilities for grant reporting on demographics and usage

 

Before you login to the COmanage Registry to start configuring the environment for your VO, consider the following questions:

  1. Do you want members of one collaboration to potentially be able see the members of another collaboration?

    1. A flat logical structure with multiple collaborative organizations (COs) implies an impact on the overall architecture for the COmanage Registry.  Each CO will have a set of people records underneath it; an individual might have multiple person records if they are members of multiple COs. This could become confusing for a user who would experience different access restrictions despite logging in with the same organizational identity.  Alternatively, the platform can be configured to have a single, master CO with multiple COUs underneath it. From the user perspective, their person record could then be attached to multiple COUs, giving them a complete view of what their information in the Registry. For more information on the differences between a CO and a COU, see CO vs. COU.

      If it is important to prevent users or even administrators from seeing who is in other collaborations on the platform, then it will be important to configure the environment with multiple COs instead of one CO with multiple COUs. The downside of that model, however, is that users will have a higher burden if they need to enroll multiple times, and the linking of applications may become more complicated.


  2. Do you want to delegate as much of the user enrollment process as possible to group or COU administrators?

    1. By default, only the CO admin can invite or add people to the CO. If you would like to delegate the ability to others to do the invitations or additions, the CO admin can enable that when they create the enrollment flows for the CO.   

      In smaller collaborations, this might not be necessary; one administrator can manage the enrollment processes. In larger collaborations, however, delegation may be a better model.


Step-by-step Guide to Creating a New CO

Once the collaboration platform and its components have been installed and your first administrative users added, it's time to start configuring it to support your collaboration(s). The first step is to create a CO.

  1. Go to the COmanage Registry URL (address TBD for your site; for the sake of this documentation, this will be https://comanage.example.net/registry).

  2. Login. Note that your account will need to be a Platform Administrator account in order to create new COs.

  3. At the top of the screen, there should be a drop down menu called 'Platform'. Click on the 'CO' option in that menu. This will take you to the "COmanage Registry: COs" page

  4. On the COs page, click on "Add CO".

  5. Enter in the name of the CO, a brief description, and if you are ready for this to be immediately active, leave the status as 'Active'.

 

For more information on setting up a CO, see Setting Up Your First CO in the Technical Manual.

 

 

Step-by-step Guide on How to Configure a CO

After a CO has been created, there are a variety of options available to configure it to meet the needs of a particular collaboration. Adjust the configuration to meet the needs of your particular collaboration.

  1. On the COmanage Registry home page, there is a table of COs. Click on the one to be configured.
  2. On the CO page, click on the drop down menu, 'Configuration' and then 'CO Settings'.
  3. Review the default settings and modify based on the needs of your CO.

 

CO Configuration Options

ParameterDescriptionDefault setting
Disable ExpirationDisable automatic (scheduled) expirations.
This setting does not impact manual expirations		 
Enable NormalizationData entered into a form field is standardized into a structure more consistent with human language. For additional details, see Normalizing Data in the COmanage Technical Manual.On
Enable NSF DemographicsCOmanage Registry supports the collection of NSF Demographic Information. This information is attached to the CO Person record, meaning it is unique per-CO. For additional details, see Collecting NSF Demographics in the COmanage Technical Manual. Off
Invitation Validity (Minutes)When confirming an email address (done via an "invitation"), the length of time (in minutes) the confirmation link is valid for (default is 1 day = 1440 minutes)1440
Address Required FieldsThis sets the minimum information needed for a person's address within a CO. Street
Name Required Fields

This sets the minimum information needed for a person's name within a CO.

Given Name
Name Permitted FieldsThis sets all the allowed information for a person's name within a CO.Honorific, Given, Middle, Family, Suffix
Terms and Conditions ModeHow to handle Terms and Conditions at login, if any are defined. See Terms and ConditionsDo Not Enforce
Sponsor Eligibility ModeWhich CO People are eligible to sponsor CO Person RolesCO or COU Admin

 

 

 

 

Step-by-step Guide to Configuring Enrollment Flows

Before a new administrator can be added and before people can begin to access the tools available to the CO, the CO must have enrollment flows configured and users invited to the system.

These instructions assume a CO has been created by the platform administrator.

 

  1. From the COmanage Registry home page, click on the CO listed in the table.
  2. In the drop down menu under the name of the CO, click on 'Configuration' and then 'Enrollment'.
  3. If the resulting page is blank, click on 'Add/Restore Default Templates'.
  4. Choose one or more templates to 'Duplicate' by clicking on the Duplicate link next to the appropriate template. 

  5. When you have created a copy of an enrollment flow, click on Edit, then rename the enrollment flow and review the options.

    You will need to change the status of the new enrollment flow to 'Active'. Renaming it is also a good idea.

These are the default templates. Note that they are best thought of as starting points; customization is recommended in accordance with the needs of a given deployment.

Default flowDescription
Account Linking (template)An Account Linking enrollment flow is used by an end-user (in this case, making them the 'Petitioner') who is already in the CO when they want to link an additional organizational identity to their record.
Additional Role (template) 
Conscription with Approval (template)A Conscription enrollment flow is used by an administrator (in this case, making the administrator the 'Petitioner') to add a new user (an 'Enrollee'), possibly with CO admin approval but without enrollee confirmation.
Invitation (template)An Invitation enrollment flow is used by an administrator (in this case, making the administrator the 'Petitioner') to add a new user (an 'Enrollee'), possibly with CO admin approval, and always with enrollee confirmation.
Self Signup with Approval (template)In this case, the end-user is also Petitioner; they can follow a workflow and invite themselves to the CO with no approval process required before activation.

For more detail on enrollment flows and their details, see Registry Enrollment Flow Configuration in the COmanage technical manual.

 

 

Step-by-step Guide To Adding New CO Members

These instructions assume that you have already created at least one new enrollment flow for your CO (see How to Configure Enrollment Flows).

  1. From the COmanage Registry home page, click on your CO.

  2. On the 'People' drop down menu, click on 'Enroll'.

    If you have not yet created at least one enrollment flow for your CO, this screen will be blank.

    Even if you want to add users administratively, with no interaction on their part, you need to set up an enrollment flow.

  3. On the Enrollment Flows page, click 'Begin' on the enrollment type that is appropriate for the individual you want to add.

    See How to Configure Enrollment Flows for information on the different types of basic enrollment flows and what they can do. You can configure these to be more specific to your collaboration's needs; the templates are just a place to start.

 

Step-by-step Guide to Making a CO Member into an Admin

These instructions assume that:

  1. From the COmanage Registry home page, click on your CO.
  2. From the CO welcome page, click on the drop down menu for 'People' and select 'My Population'.
  3. Select the member that you would like to make into a CO admin.
  4. On the member's page, click on 'Manage Group Memberships'.
  5. Select 'member' on the admin group line.

 

This is just one path to making a user an administrator; there are several paths that might bring you to the group management pages, or the individual user pages.

 

 

Step-by-step Guide to Creating New Groups

Groups are used for a variety of reasons, but generally they are used to manage permissions and access, or to manage contact lists. COmanage handles basic groups; for more complex group structures, Grouper integration is required.

  1. From the COmanage Registry home page, login and select your CO.
  2. Click on 'Groups' and then 'All Groups' in the menu bar.
  3. On the Groups page, select 'Add Groups', located above the Groups table.
  4. On the 'Add a Group' page, fill in the fields, and click 'Add'.

 

'Add a Group' Options

Field NameDescription
 NameRecord the name of your group. This is a required field.
 DescriptionRecord a brief description of the group. This helps other users and future administrators understand the purpose of the group.
 OpenThis is a check box to indicate whether anyone can join, or if users may only be added by the group owner.
StatusGroups may be Active or Suspended.

 

For more information on Groups and COUs, see

  • No labels