Skip to main content

Enrollment

Enrollment is an application that allows a user to register with the MAYI ID system and use the services associated with the Selfservice portal or the Credentials Reset application. The enrollment process consists of several steps in which contact or other information is collected and basic authentication methods are registered to verify the user's identity.

If you are admin and looking how to configure enrollment you will need to configure:
1. Authentication methods in TAC / Authentications
2. Enrollment profiles in TAC / User management
3. Enrollment application configuration in TAC / Applications

Enrollment steps


The enrollment process consists of several steps in which contact or other information is collected and basic authentication methods are registered to verify the user's identity.

Steps in enrollment can differ depending on company policy, and are customisable by admin.

  1. Invitation email:email
     User receives an invitation email (from Admin or other user with invitational rights). Email should contain a link to enrollment and a username.username to use for sign in.
  2. Username + One time passport:
    When opening the link, user will also receive an one time password (OTP) (either as a second email, or SMS to the mobile phone, depending on config.) for accessing the enrollment steps. First the username is asked, then the OTP. Once signed in to the enrollment, further steps will follow.
  3. Contact information:information
    Once signed in user is asked to provide contact information to use in case offor verifying in cases such as Emergency access. 
  4. Authentication tokens:tokens
    User is asked to setup one or more authentication tokens, which usually are in form of mobile authenticator applications (Google Authenticator, Microsoft Authenticator, Aegis Authenticator, Passkey token) or our own MAYI ID Authenticator.applications. You can be asked to set-up more then one tokens by admin. 

    Android iOS
    MAY ID authenticator (Our own in-house built app)MAYI ID authenticator (Our own in-house built app)
    Aegis Authenticator (Free, open source, Android only)Passwords (Native to iOS)
    Google AuthenticatorGoogle Authenticator
    Microsoft AuthenticatorMicrosoft Authenticator

  5. Verification questions:
    User might be also asked to create answers to a set of questions asked by admin. More about them here.
  6. Summary:Summary
    User can review all the previous enrollment steps in a single view, which can also alert user about the missing required steps.
  7. Enrollment completed.completed
    User has completed the enrollment and is ready to sign in to the Selfservice, Vault or Certificates. For signing in, user can choose any of available methods (tokens) that just has enrolled. Admin would see user with a status Enrolled.

When to use enrollment? (Use case)

  • Main use case: Enrollment is a must have prerequisite for each user. Enrollment allows users to setup access to the MAYID system. Once enrolled user is ready to access and use the MAYI ID applications.
  • Edge case: Some users can be enrolled partially or even remotely by admin.

Back to top