This document describes the Registry Enrollment mechanism introduced as part of COmanage Registry v0.9.4. For Registry Enrollment in older versions, see Registry Enrollment (Old).
About Registry Enrollment
By default, COmanage Registry uses an invitation based workflow.
COmanage Registry can also use customized Enrollment Flows to onboard new people into each organization. Enrollment Flows consists of a series of pre-defined steps, the execution of which is managed by Registry in accordance with the configuration of each specific Flow.
Enrollment Flow Steps
See also: Registry Enrollment Flow Diagram
A step may be considered Required, Optional, or Not Permitted, in accordance with the configuration. A Required step will execute both the core Registry functionality, as well as any Plugins. An Optional step will only execute Plugins, the core functionality will be skipped. Not Permitted means neither core nor Plugin functionality will be executed.
The order steps execute in may vary according to flow configuration.
Some "internal" steps are not documented here.
Step | Description | Core Step Executes If | Plugins Run If Core Doesn't? (Optional) | Petition Status Following Step |
---|---|---|---|---|
start | Initial step of an enrollment flow. The Petition artifact is created following successful completion (including any Plugins) of this step. | Introduction Text is defined | Yes | Created |
selectOrgIdentity | Select an Org Identity via an Org Identity Source for this enrollment. | Org Identity Mode is not None | No | Created |
selectEnrollee | Select an existing identity (CO Person or Org Identity) for this enrollment. | Identity Matching is set to Self | No | Created |
petitionerAttributes | Collect attributes from the Petitioner. | No | Created* | |
sendConfirmation | Send an email to confirm deliverability of Enrollee email address. | Require Confirmation of Email is set | No | Pending Confirmation |
processConfirmation | Process the response to the email sent in the sendConfirmation step. | Require Confirmation of Email is set | No | Confirmed or Declined |
collectIdentifier | The identifier used by the enrollee to authenticate (eg: Automatic linking for existing identifiers is handled in this step. | Require Confirmation of Email and Require Authentication are set | No | Confirmed |
sendApproverNotification | Notify the approvers configured for the Enrollment Flow that the Petition is read for review and approval. | Require Approval For Enrollment is set | No | Pending Approval |
approve | Process Petition approval. | Require Approval For Enrollment is set | No | Approved |
deny | Process Petition denial. | Require Approval For Enrollment is set | No | Denied |
sendApprovalNotification | Notify the enrollee that their Petition has been approved. | Require Approval For Enrollment is set | No | Approved |
finalize | If the Petition is not denied, assign identifiers and set person status to Active. | No | Finalized or Denied | |
provision | If the Petition is finalized, provision services. | No | Finalized |
* New Person/Role status set to Pending
Plugin Execution
Enrollment Flows support Plugins as a way of customizing beyond what is supported out of the box. See Writing Registry Plugins for more details.
Plugins are executed after the core step has completed, or if the step is considered Optional. When a Plugin is executed, handoff is via a URL. More details about this are in the Plugin Documentation. Because Plugins must be run one at a time, Plugins are executed alphabetically to ensure a predictable order. However, this order is subject to change in a future release. Once all Plugins have been run, the next step will be initiated.
Plugins are only executed for the steps documented here. "Internal" steps are not accessible to Plugins.