Skip to main content

Enrollment

Enrollment is a process that allows a user to register with the MAYI ID system and use the services associated with the Selfservice portal or the Credentials Reset application. The enrollment process consists of several steps in which contact or other information is collected and basic authentication methods are registered to verify the user's identity.

If you are admin and looking for ways to configure enrollment: (Admin permissions required to view)
• Authentication methods in TAC / Authentications
Enrollment profiles in TAC / User management
Enrollment application configuration in TAC / Applications
Autoenrollment in Admin console

Enrollment steps


The enrollment process consists of several steps in which contact or other information is collected and basic authentication methods are registered to verify the user's identity.

Steps in enrollment can differ depending on company policy, and are customisable by admin.

  1. Invitation email
     User receives an invitation email (from Admin or other user with invitational rights). Email should contain a link to enrollment and a username to use for sign in.
  2. Username + One time password
    When opening the link, user will also receive an one time password (OTP) (either as a second email, or SMS to the mobile phone, depending on config.) for accessing the enrollment steps. First the username is asked, then the OTP. Once signed in to the enrollment, further steps will follow.
  3. Contact information
    Once signed in user is asked to provide contact information for verifying in cases such as Emergency access. 
  4. Authentication methods (tokens)
    User is asked to setup one or more authentication tokens, which usually are in form of mobile authenticator applications. You can be asked to set-up more then one authenticators by admin.

    Android  iOS
    MAY ID authenticator (Our own in-house built app) MAYI ID authenticator (Our own in-house built app)
    Aegis Authenticator (Free, open source, Android only) Passwords (Native to iOS)
    Google Authenticator Google Authenticator
    Microsoft Authenticator Microsoft Authenticator

  5. Passkey
    User might be asked to setup as yet another authentication method called Passkey. More about Passkey method here.

    Android iOS

    How to setup passkeys with your existing android devices

    		 How to setup passkeys with your existing iOS devices

  6. Verification questions
    User might be also asked to create answers to a set of questions asked by admin. More about them here.
  7. Summary
    User can review all the previous enrollment steps in a single view, which can also alert user about the missing required steps.
  8. Enrollment completed
    User has completed the enrollment and is ready to sign in to the Selfservice, Vault or Certificates. For signing in, user can choose any of available methods (tokens) that just has enrolled. Admin would see user with a status Enrolled.

When to use enrollment? (Use case)

Enrollment is a must have prerequisite for each user.
Enrollment allows users to setup access to the MAYID system. Once enrolled user is ready to access and use the MAYI ID applications.

  • Edge cases:
  • Some users can be enrolled partially, and admin can finish the enrollment for them.
  • Some users can be enrolled remotely by admin.

Back to top