Specops:ID Registration Sessions
To simplify registration with the Specops:ID mobile app, a Specops:ID registration session can be created. A registration session is a short-lived session that allows a user to register their account with Specops:ID. The user completes the registration by scanning a QR code with their mobile phone, or by tapping a corresponding URL.
Registration sessions can only be used once. When a user has completed the registration, the session is consumed and cannot be reused. If a session expires before the user accesses it, a new session must be created. Registration sessions can only be created for users who have not already enrolled with the Specops:ID identity service.
Notifications
Specops:ID registration sessions use notifications to inform users that they can register. Before creating a registration session you should take a look at the configured notifications for the Specops:ID identity service.
A notification can be created for email and/or text message. For email notifications, make sure the EnrollQRCode placeholder is included in the email body. This displays the QR code that the user can scan from Specops:ID to complete the registration. For text message notifications, include the EnrollUrl placeholder instead. This allows the user to tap the URL in the text message to start Specops:ID and complete the registration.
Create a new Registration Session
Specops:ID registration sessions can be managed from Specops Secure Service Desk or by using Powershell scripting from a computer where the on-prem Gatekeeper administration tools are installed.
To manage Specops:ID registration sessions using on-prem scripting, the following cmdlets are available in the Gatekeeper Administration tools package:
Add-SpecopsAuthenticationSpecopsIdAutoEnrollSession -Username -HoursToLive -TriggerNotification -Force
Get-SpecopsAuthenticationSpecopsIdAutoEnrollSession -Username
Remove-SpecopsAuthenticationSpecopsIdAutoEnrollSession -Username
Send-SpecopsAuthenticationSpecopsIdEnrollNotification -Username
Before using these cmdlets you must import the corresponding module. Run the following command:
Use the Add-SpecopsAuthenticationSpecopsIdAutoEnrollSession cmdlet to create a new registration session. A username is required. The following parameters are optional:
| Parameter | Details |
|---|---|
HoursToLive |
Specifies how long (in hours) the registration session remains valid. |
TriggerNotification |
Sends a registration notification to the user when the session is created. If the parameter is not present, the Send-SpecopsAuthenticationSpecopsIdEnrollNotification cmdlet can be used to trigger the notification later. |
Force |
Overwrites any existing active registration session. |
Examples
This command creates a new registration session and triggers a notification.
Add-SpecopsAuthenticationSpecopsIdAutoEnrollSession -Username 'user1' -HoursToLive 8 -TriggerNotification -Force
The registration session details are returned in the PowerShell console in the following format:
UserName : user1@acme.local
CreatedByUserName : admin1@acme.local
CreatedAt : 1/7/2026 11:01:03 AM +00:00
ExpiresAt : 1/10/2026 11:01:03 AM +00:00
Status : Active
NotificationSent : True
NotificationSentTimestamp : 1/7/2026 11:01:04 AM +00:00
This command will return the same registration session information, if the session is still available.
Note
When using the Get-SpecopsAuthenticationSpecopsIdAutoEnrollSession cmdlet, Username is optional. If omitted, all available sessions for all users will be listed.