Enrollment
In the Enrollment top menu, you can see which identity services the user has enrolled with. Here you can also add enrollments for identity services (Personal Email and Mobile Code (SMS)) without user intervention if your administrator has configured this. Certain identity services can also be removed so that the user can re-enroll with them.
Managing Enrollments
If configured, Service Desk agents can enroll users with Personal Email and/or Mobile Code (SMS) without any user intervention.
Note
Enrollments can only be added after the user's identity has been verified. See Verify identity for more information on identity verification.
Note
Only those identity services that are correctly configured will be shown on the Add enrollment page.
To add enrollment for a user:
- Verify the user (see Verify identity for more information).
- Click Enrollment.
- In the User enrollment info section, click the Add enrollment button.
- Enter the user's phone number or personal email and click Send Code.
- Have the user read the verification code they received to the Service Desk agent.
- Enter the verification code in the Verify Code field, then click Add Enrollment.
Once the user has been enrolled with the identity service, it will appear in the User enrollment info section.
Managing Specops:ID Registration Sessions
To simplify registration with the Specops:ID mobile app, a Specops:ID registration session can be created. A registration session is a short-lived session that allows a user to register their account with Specops:ID. The user completes the registration by scanning a QR code with their mobile phone, or by tapping a corresponding URL.
Registration sessions can only be used once. When a user has completed the registration, the session is consumed and cannot be reused. If a session expires before the user accesses it, a new session must be created. Registration sessions can only be created for users who have not already enrolled with the Specops:ID identity service.
Notifications
Specops:ID registration sessions use notifications to inform users that they can register. Before creating a registration session you should take a look at the configured notifications for the Specops:ID identity service.
A notification can be created for email and/or text message. For email notifications, make sure the EnrollQRCode placeholder is included in the email body. This displays the QR code that the user can scan from Specops:ID to complete the registration. For text message notifications, include the EnrollUrl placeholder instead. This allows the user to tap the URL in the text message to start Specops:ID and complete the registration.
Manage Sessions from Specops Secure Service Desk
Specops:ID registration sessions can be managed from Specops Secure Service Desk, or by using Powershell scripting, see Specops:ID Registration Sessions.
To manage Specops:ID registration sessions from Secure Service Desk:
- Find the user (see Search for a user).
- Click Enrollment.
- Navigate to Specops:ID.
If a registration session already exists for the user account, it is displayed under Registration Session. From here, you can view the session status, add a new session, remove an existing session, and send a notification.
You can also manage the Specops:ID notifications from here. Clicking the button opens the Identity Services settings for Specops:ID, where you can view and update the existing email and/or text message notification templates. Also refer to Notifications.