Enrollment steps
STEPS tab: AD enrollment
This section allow drag-and-drop configuration for enrollment flow’s steps, including form types (if the field expecting user input is string, char etc) and default text strings the users see during the process.
For additional details about the step configuration illustrated in the picture below, please refer to:
Standard Enrolment
JWT Enrolment

Basic configuration values:
Name | Basic Description | Default Value |
---|---|---|
Input Status | Input status(es) for state machine. Recommendation is to use the default value. | . |
Output Status | Output status(es) for state machine. Recommendation is to use the default value. | Active |
Identifier | Identifier that connects to the backend logic | ADEnrollmentStep |
Title | Step Title | AD Enrollment |
Description | Step Description | Configure identities to work for LDAP [Main step] |

Configuration parameters for generic functionalities:
Name | Basic Description | Default Value |
---|---|---|
Allowed Groups | User groups allowed for enrollment | n/a |
This option enables the system to create users without assigning them to any groups initially | This feature allows users who are not currently members of any group to enroll in the system | OFF |
User enrollment via invitation code - Restrict users to enroll only using invitation codes | Main setting that will enable invitation code as a hard requirement for the enrolment process. | OFF |
Require invitation code or PIN for re-enroll on mobile device - On mobile devices, on 'Forget PIN' or 'Revalidate Native Biometrics' flows, validation of invitation code or PIN is required. The PIN is validated only when 'Allow user enrollment with PIN validation' is enabled | OFF | |
Allow user enrollment with PIN validation - Allows enrollment with PIN validation for existing users as an alternative to invitation code | ON | |
Valid AD Attribute used as username in invitation | Active Directory Attribute which will be used as username in email upon enrollment invitation | upn |
For details about extended configuration of invitation codes, please refer to the dedicated page:
Enrolment By Invitation Code

Mobile GUI:
Name | Basic Description | Default Value |
---|---|---|
Page Description | Page Description | Please enter your directory service credentials. |
Enrollment Step Action Name | Enrollment Step Action Name | NEXT |
Enrollment Step Type | Defines the type of enrolment step, i.e. “Form” defines a screen where user input is expected | Form |
Enrollment Step Title | Enrollment Step Title | Form registration |
Enrollment Step Version | Enrollment Step Version | 1.0 |
Enrollment Step Parameters | Defines name & type of input on that step, i.e. a field named “Username” which accepts a string value such as “x@x.com” | |
Restart Enrollment Step Action Name | Allow defining the name for the enrolment restart step. |

OPTIONS tab
Name | Basic Description | Default Value |
---|---|---|
Enrollment Metadata Options | Custom Disclaimer text shown to users upon enrollment. | Welcome to VeridiumID! A custom disclaimer can be added here... |
