Approving COManage Registrations¶
OSG is using a new identity management system called COManage. This system is used for managing contact information for OSPool and PATh Facility users, Topology site contacts, and OSG/PATh staff.
User registrations must be manually approved by a COManage admin. Follow the instructions below to approve a user registration.
This page is for COManage Admins who want to approve user registrations. If you are a user who wants to register with COManage, go to the Registering for the OSG COManage page instead.
Check for contact registration requests:
If you are a COManage sponsor for a given group of registrants, you will receive email notifications when there are new registration requests. Check for an email from firstname.lastname@example.org saying "Petition for
changed status from Confirmed to Pending Approval" and visit the first link in the body.
Alternatively, you can view all requests pending approval here. Click on the registrant's name to view their request.
Many groups share our COManage instance so make sure that you're only approving registration requests for the appropriate group, e.g. site contacts.
If prompted, log in with your institutional credentials.
Review the request:
Verify that the request is legitimate by doing at least one of the following:
- Find associated support tickets by searching for their email address in Freshdesk
- Ask someone affiliated with the site, collaboration, or the sponsor of a project to verify the registrant's affiliation.
- Ask if other staff have been in contact with them via the
Verify that the registrant has submitted their request using the correct form, e.g. OSPool users should not have submitted a request to register as a Topology contact.
In the top-right corner, click the "Add comment" link and add a note indicating how you verified the request
'Approver Comment' is public
The registrant will see notes added to the "Approver Comment" field
Click the "Approve" button. You should see "Petition Approved" and "Petition Finalized" on top. The Status should now be "Finalized".
Click on their name next to
CO Personto verify that the registrant is
Activeand that they are in the expected groups.
The user will get an email saying "Petition for
changed status from Pending Approval to Approved".
The COManage petition is stuck in the "confirmed" state¶
This may happen if there are issues when confirming the user's email address. We have seen this occur if a user clicks the confirmation link then closes the tab too quickly.
Peopledrop-down on the left, click on
Browse to the
Scroll down to the
Role Attributes, click the gear icon, select
Edit, and set the status for the
Verify that the overall status of the
CO Personrecord is
Active. If not, change it to
Autogenerate Identifierson the right, so that the necessary identifiers are created.
Now that the necessary identifiers exist for the
CO Personrecord, the LDAP DN can be computed and the record provisioned in LDAP. To make sure, click on
Provisioned Servicesand then