Overview
The article outlines the three primary sign-up types for user registration in AdvocateHub, detailing the processes for open signup, invite-only, and request access methods. It emphasizes the control administrators have over user access, especially in scenarios involving Single Sign-On (SSO) and provides a step-by-step guide on how users navigate each registration type, including the potential SSO login flows and the join request process.
Information
You will see the options in the screenshot below by going to Settings > System > Login/Security. The Sign-up Type controls how users sign up for your Hub via three main options:
Open Signup
For Non SSO, any user who visits your Hub's landing page can sign up for an account.
For SSO, the user will have access to your AdvocateHub as long as they have access to your IdP.
You may still use invitations and join codes for more visual styling control and join code targeting.
The potential SSO flows will be as follows:
Flow #1 - User not logged into the IdP in their current browser session
- The user navigates to AdvocateHub URL
- The user is directed to IdP login screen
- The user enters credentials successfully
- The user is directed back to AdvocateHub where they will be now logged in if they already have an account matching the same email address they use to login to the IdP or an account will be created for them if one does not already exist.
Flow #2 - User already logged into the IdP in their current browser session
- The user navigates to AdvocateHub URL
- The user is now logged in to AdvocateHub if they already have an account matching the same email address they use to login to the IdP or an account will be created for them if one does not already exist.
Invite Only
This setting is designed to ensure that only members who have received an email invite or are using a Join URL to signup to your AdvocateHub are allowed access. Even if you are using SSO and they have access to your IdP. When using OAuth, they can not use Join URL's only email invite links.
The potential SSO flows will be as follows:
Flow #1 - User attempts to signup to your AdvocateHub but has not been invited or received a Join URL
The user navigates to the AdvocateHub URL and once they are authenticated with the IdP they will see the below message and be unable to access the AdvocateHub:
Flow #2 - User attempts to signup to your AdvocateHub via an invite link or a Join URL
Once the are authenticated with the IdP and attempt to access the AdvocateHub, they will gain access.
Note : This message or page is not customizable
Request Access
This setting is similar to the 'Invite Only' one with the difference being instead of the user being greeted a message stating that it is an 'invite-only' community a 'Join Request' will be created which the Admin can then approve or decline.
The potential flows will be as follows:
Flow #1 - User attempts to signup to your AdvocateHub but has not been invited or received a Join URL
The user navigates to the AdvocateHub URL and once they are authenticated they will see the below message and be unable to access the AdvocateHub:
Once they click Request Access they will receive confirmation of the request:
Note : At this point, an account will be created for the user in the system and you will find them under the 'Invite List' in your hub.
The Administrator of the program will now see the request under the 'Items To Review' section of the Admin Dashboard:
When the Admin clicks 'Review', they will be given the option to Approve or Decline Request . If approved, an invite will be sent to the user right away. If declined, the user remains in your 'Invite List' to be invited at a later date if you wish but no other action occurs at this time.
Note: If an advocate is already a member of another AdvocateHub with the same email address then there is one additional step in both flows. After they successfully enter their credentials into the customer portal, they will see a message like below:
An email will be sent to the Advocate which will include a link which they just have to click on and they will be brought back to the login screen to enter their credentials once more before gaining access to the AdvocateHub.
FAQ
What are the main sign-up types available in AdvocateHub?
The main sign-up types in AdvocateHub are Open Signup, Invite Only, and Request Access.
How does the Invite Only sign-up type work with Single Sign-On (SSO)?
With Invite Only sign-up, even if users have access to your Identity Provider through SSO, they need an email invite or a Join URL to sign up to your AdvocateHub. OAuth users can only use email invite links.
What happens when a user attempts to sign up without an invitation in an Invite Only setting?
The user will be authenticated with the IdP but will receive a message informing them that they cannot access the AdvocateHub without an invitation.
How does the Join Request process work?
Users can request access to the AdvocateHub, and administrators can approve or decline these requests. Approved users receive an email with a link to access the AdvocateHub, while declined users remain on the Invite List for potential future access.
Can the message or page that appears when a user tries to access an Invite Only AdvocateHub without an invite be customized?
No, the message or page that informs the user that the community is invite-only and cannot be accessed without an invite is not customizable.