Skip to main content
Configuring Workflows To add a workflow, click the (+) button at the top of the page Identity Verification Workflows consist of the following steps:
  • User Self-Service: Users must provide an attribute (or attributes) that exist in the corporate directory (custom attributes are supported)
  • Primary User Identifier: The attribute that every user in your organization must provide so that TruU can find the user in your directory to determine which enrollment workflow applies for that user.  This value cannot be edited in the workflow itself
  • Require Knowledge Factors: This enables you to specify additional directory attributes that the user must provide in order to complete the self-service step
The order of the attributes determines the order that the user must enter the attributes in the mobile app.  Click the (+) button to add more attributes, and click the X to remove attributes Send User Identification Link: Enables you to provide users with an ability to receive an email and/or sms with a “magic link” for user identification.  If you select this option, you can then specify which of the delivery addresses stored in the directory you wish to allow enrollment links to be sent to
  • Users will be presented with the options in their user identification workflow based on what you have selected here and what is populated for the user in your directory
When choosing to send a link to a known delivery address, you will also specify what the user can do if they are unable to access their email or sms. Here you can choose to:
  1. Prevent Enrollment: selecting this means that the user cannot proceed without the ability to access a known delivery address. If you select this option, you can also choose to
  2. Proceed with Knowledge Factors: where you can choose to allow the user to complete self-service by answering questions that can be validated against the directory
  3. Include Help Link: this option presents a link in the enrollment stating “I do not have access to my email or phone”. This link presents the user with an “Access Denied” screen informing them the organization requires the use of the magic link to proceed. They are further instructed to select a contact option or contact the Help Desk for support
You can add up to 2 additional steps for Identity Verification, by clicking the Add Identity Verification Step button. Identity Verification: These steps are optional - when enabled workflows are created to require the user identity to be verified (workflows support up to 2 Identify Verification Steps).  The approvers can be either:
  1. Entitlement Group: as defined here by selecting an Entitlement Group that has been created in TruU under “Entitlements”
Or
  1. User’s Manager: as defined in the user directory
If User’s Manager is selected as one of the steps, you will also specify what to do if the User does not have a Manager in the directory.  The available options are:
  • Automatically Approve
  • Automatically Unenroll
  • Route to an Entitlement Group
In addition to defining who is to approve, you can also choose how approvers are allowed to approve.  The available options are:
  • In Person
  • Phone
  • Video Conference
If a multi-step workflow has been created, the user device will be enrolled at the “Basic” level once Step 1 is completed.  For more on this concept, refer to the Assurance Level topic, in the online help under “Mobile”
Configuring Primary User Identifier Configuring Policies