You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Using the /user end point might be a bit of a problem, since this endpoint requires authentication by an admin or a user. We could enhance POST /user, but the more complicated logic to check for the authenticated user, might break some things. So we create a new endpoint like /register
Notification
He gets an email with a registration token. After this, he can login and enroll tokens.
UI
If a registration policy is defined, the normal login window contains a link to the registration form.
Policy
The registration policy can be located in the scope=enrollment
Or we use a new scope registration
A policy should define in which resolver the user is to be created.
optional: Choose between several realm, require administrative confirmation.
As there are several possibilities we create a new scope registration
Actions contain the new resolver and the settings for the constraints.
Constraints
There can be certain registration constraints according to the policy. Like registering only from client IPs.
But we can also add additional constraints like:
registering is only allowed with certain email-addresses
registering is only allowed during certain times
in certain realms....
TODOs
send notification email
documentation
The text was updated successfully, but these errors were encountered:
The user can register himself with
Registration data
Registration API
Using the /user end point might be a bit of a problem, since this endpoint requires authentication by an admin or a user. We could enhance POST /user, but the more complicated logic to check for the authenticated user, might break some things. So we create a new endpoint like /register
Notification
He gets an email with a registration token. After this, he can login and enroll tokens.
UI
If a registration policy is defined, the normal login window contains a link to the registration form.
Policy
The registration policy can be located in the scope=enrollment
Or we use a new scope registration
A policy should define in which resolver the user is to be created.
optional: Choose between several realm, require administrative confirmation.
As there are several possibilities we create a new scope registration
Actions contain the new resolver and the settings for the constraints.
Constraints
There can be certain registration constraints according to the policy. Like registering only from client IPs.
But we can also add additional constraints like:
TODOs
The text was updated successfully, but these errors were encountered: