Set up an enrollment process
- Applies to: all Board Cloud subscriptions associated with a Subscription Hub
HOW: Create and configure a new enrollment process
The Enrollment process can be of two types: with direct approval or with manual approval. Here's how to configure and enable them.
Direct approval enrollment process
To set up a direct approval enrollment process, proceed as follows:
- Configure an external identity provider (IDP) that will handle identity information and user authentication. Board supports SAML2 and OIDC external identity providers
- In the Default authorizations page, select the external identity provider you previously configured, define a main license, integration with Microsoft Office, culture and assign default authorizations for every Board platform associated with the Subscription Hub. The system will apply those setting to all users accounts created via the enrollment process.
-
Enable the Enrollment feature, by clicking on the "ENABLE FEATURE" blue button in the upper right corner of the page
When a new user logs into Board through the configured external IDP for the first time, a new user account is created and saved within the Subscription Hub.
Please note: for the direct approval enrollment process to work, additional configuration managed by Board Cloud team is required. Please submit a ticket through Board Support Desk for further assistance.
Manual approval enrollment process
To set up a direct approval enrollment process, proceed as follows:
- In the Request form page, create a request form that users will fill out during the enrollment process
- (Optional) In the Approvers page, select one or more users to be tasked with the requests approval
- In the Default authorizations page, choose an authentication type, Board authentication or an external identity provider (IDP), that will handle identity information and user authentication. Board supports SAML2 and OIDC external identity providers.
Define a main license, integration with Microsoft Office, culture and assign default authorizations for every Board platform associated with the Subscription Hub. The system will apply those setting to all users accounts created via the enrollment process. -
Enable the Enrollment feature, by clicking on the "ENABLE FEATURE" blue button in the upper right corner of the page
Once a manual approval enrollment process is in place, the user will be able to request access to Board through the following process:
- The user navigates to the Board sign-in page and clicks on "Request Access"
- The user is prompted to fill in the mandatory eMail field then the system sends a verification email to the user for validating his/her email address
- In the verification email, the user clicks on the link provided to validate his/her email address. The user is then taken to the request form to proceed with the enrollment process
- Once the request form has been filled out, the user clicks on "SEND REQUEST" to complete his/her access request. The system sends a notification email confirming the request has been received and is pending approval
- Designated approvers receive a notification email containing all information entered in the request form and a link to the newly created user account
Any administrator logged into the Subscription Hub can evaluate and approve new user accounts created by a manual approval enrollment process from the Users home page. These user accounts will have their enrollment status set to New Request.
To reject access requests, approvers and administrators will need to select user accounts whose enrollment status is set to New Request, click “DELETE” in the upper left corner of the page and then "yes" in the confirmation pop up. - Once the access request has been approved, the system sends a confirmation email to the user. He/she is then able to access Board with his/her external IDP credentials.
In case identity information is managed by Board authentication, the user will receive a confirmation email that will prompt them to set a password for their account
Whenever an existing user logs into Board through an external IDP, the information in his/her User profile panel is overwritten with the most recent information imported from the external IDP. Manual changes made by administrators are also overwritten, depending on the external IDP's configuration.
See the Identity Provider Federation section and Login scenarios for more details.
If a direct or manual Enrollment process is enabled in the Subscription Hub and there are no more licenses available for new users, a specific error page is displayed at the end of the Enrollment process. New user accounts are still created, but they are disabled: to activate them, administrators or approvers will have to manually assign them an available license in the User profile panel or enable them by unchecking the "disabled" checkbox, provided a valid license is assigned those accounts
Learn how to