If you restrict an enrollment to registered devices only, you also have the option of requiring a registration token. This option increases security by confirming that a particular user is authorized to enroll.
- Enable a token-based enrollment by selecting the appropriate organization group. Navigate to Authentication tab is selected. and ensure that the
- Scroll down past the Getting Started section and select Registered Devices Only as the Devices Enrollment Mode.
A toggle labeled Require Registration Token appears. Enabling this option restricts enrollment to only token-registered devices.
- Select a Registration Token Type.
- Single-Factor – The token is all that is required to enroll.
- Two-Factor – A token and login with user credentials are required to enroll.
- Set the Registration Token Length.
This required setting denotes how complex the Registration Token is and must contain a value between 6–20 alphanumeric characters in length.
- Set the Token Expiration Time (in hours).
This required setting is the amount of time an end user must select a link and enroll. Once it expires, you must send another link.