Enabling Invitation-Based Device Enrollment

This option allows users to enroll their devices without entering their system password. Users select the link and certificate exchanges happen automatically. This option is ideal for smart card users to enroll their mobile devices because these users do not have passwords.

Both Android and iOS devices are supported.

To enable invitation-based enrollment mobile devices:

1. Log in to Admin Portal.

2. Click Access > Roles.

3. Create a new role or select an existing role.

4. Click Members > Add.

5. On the Add Members window:

   1. Enter the first few letters of the user, role, or Active Directory/LDAP account/group you want to add and click the search icon.

   2. Select the relevant user, role, or Active Directory/LDAP account/group and click Add.

      

6. Click Save to save the changes.

7. Click Policies and either click Add Policy Set or select an existing policy.

8. Click Policies > Devices.

9. Select Yes in the Enable invite based enrollment policy.

10. Select the length of time (in minutes) that the invitation will remain valid in the Invite based enrollment link expiration (default 60 minutes) policy.

11. Configure the other policies as necessary.

12. Click Save.