You can invite a new user with an invitation created in Selfservice on the My invitations screen. The user will receive an email with a link which, when clicked, will launch the Enrollment application and the user will fill in the necessary data and enroll to use the application. Alternatively, the user can be invited and enrolled directly without having to enroll themselves. This invitation and enrollment process falls under the appropriate permissions that can be assigned to operators and is initiated in the Operational console on the Users screen.

Note: the entire process depends on the invitation templates being set up in the IGA Governance console.

The process has two parts:

creating an invitation
enrollment on behalf

1. invite new user - create new user

1	Switch to the relevant Tenant, open the Users option in the Operational Console menu.
2	List of the tenant's users will be displayed.
3	Press the INVITE NEW USER button [ ].
4	The modal window with the list of onboarding templates will be displayed. Note: in this selection only EXT type on invitation templates - see Invitation configuration page for more details.
5	Select the Select new user choice, choose the template from the list and press button NEXT. Note: the templates are configured in the IGA - Governance console by user with specific privilege - see Invitation configuration page for more details.
6	The invitation form will be displayed. Note: the scope of the invitation form is defined on template level - see Invitation configuration page for more details.
7	Fill requested information and the finish of the invitation process end with following variants - depends on the configuration and operator's permissions and privileges:
8	Variant A - operator has: relevant permissions for the enrollment profile (configured in Admin console) privilege to enroll user for the selected tenant (configured in Admin console) the enrollment type on the invitation is set as ON_BEHALF so the CONTINUE button will create user in LDAP and also in ANT ID database and start the enrollment on behalf process.
9	Variant B - operator has only: privilege to enroll user for the selected tenant (configured in Admin console) the enrollment type on the invitation is set as ON_BEHALF but doesn't have permission for any enrollment profile so the CONFIRM button will create user in LDAP and in ANT ID database - user will be available on the list of users as a partially enrolled.

2. enroll new user - enrollment on behalf

1	This function could be run as a part of invitation process (see above - Invite new user - Create new user) OR as s stand-alone feature from the Users list in Operational console - open the Users menu option in the Operational Console menu, switch to Partially enrolled users and use the Complete enrollment menu option from context menu
2	The first step of enrollment on-behalf form will be displayed. Note: the content of the form is defined on the administrator level.
3	Fill all mandatory fields and press CONTINUE button.
4	The second step of enrollment on-behalf form is displayed. This step contains enrollment of tokens. Press the ADD NEW TOKEN button [ ] to select which type of token shold be enrolled - see the token enrollment help page Note: the types of tokens that could be enrolled are defined on the administrator level.
5	Enroll required number of tokens and press ENROLL USER button.
6	The user is enrolled in ANT ID and capable to log-in using the enrolled token.

For more details and context of this feature - see the documentation pages: Invite new user and Enrollment on behalf.

<< Back