Existing User Invitation Workflow
The Existing User Invitation Workflow revolves around inviting users already within the system, encouraging ongoing engagement and platform utilization. This workflow is ideal for administrators who provision users in Wristband in advance and then intend to send them an email, granting them self-access at a later point.
This contrasts with the New User Invitation Workflow, tailored for onboarding individuals new to an application. It includes sending invitations, guiding users through the initial setup, and creating an account. The user does not exist in Wristband before accepting a New User Invitation.
When a user lands on the Existing User Invitation Page, they will be prompted to enter a password if they were provisioned in the Wristband Identity Provider and the password login factor is enabled.
How to Send Existing User Invitations
There are two main ways to send Existing User Invitations: from the Wristband Dashboard and programmatically from your application.
From the Wristband Dashboard, you can find a Send Invite button on the Edit User Page of any provisioned user in both Application View and in Tenant View.
For programmatic invocation of the Existing User Invitation Workflow in your application, you can call the Wristband Invite Existing User API.
Upon sending, the user will receive the invitation email at the provided email address. The Action Link URL in the email body can be configured for details such as expiration time and URL location on the Email Policy Page in the Wristband Dashboard.
Resending and Cancelling Invitations
Only one pending invitation for a specific email address is allowed within a tenant at any given time. If an end user has already received an Existing User Invitation and another application user or an admin sends a second invitation to the same end user, the first invite is automatically canceled.
For programmatic cancellation of the Existing User Invitation Workflow in your application, you can call the Wristband Cancel Existing User Invite API. Alternatively, you can also deactivate the user since they have already been provisioned.
Redirecting Back to Your Application
When concluding the Existing User Invitation workflow, Wristband typically redirects the user to your application's Login endpoint to initiate the Authorization code flow. At this juncture, the Wristband authentication session has already been established, enabling your application to acquire an access token without prompting the user to re-enter credentials on the Login Page. However, it is possible that Wristband could redirect the user to a different URL aside from your application's Login Endpoint depending on a few configurations.
The final destination URL that Wristband redirects to at the end of the Existing User Invitation workflow is resolved in the following order:
- Check if a custom redirect URL is enabled in the Existing User Invitation Workflow Policy at the Tenant level for the tenant which the user is being invited into.
- Check if an OAuth2 Client login URL is configured for the Client through which the user is accepting the invitation with.
- Default to using the Application login URL.
Updated 4 months ago