Generic selectors
Exact matches only
Search in title
Search in content

User Enrollment Options for two-factor authentication

Don’t disrupt the workflow, simplify it

SecSign offers numerous options and processes to simplify and streamline the enrollment and on-boarding of your two-factor authentication. While the following information give an overview of some of our options, we also offer customized solutions build for your individual requirements. Contact us for more information and your custom on-boarding procedure.

Find out why our Two-Factor Authentication is the best, some key-facts for developers and why you should upgrade to SecSign for your business.

Learn more about the options of on-premise use and your own customized ID App in your corporate design.

Download the plugin as cloud version for a free and convenient protection.

What exactly does enrollment mean anyways?

You decided to switch your systems to two-factor authentication, now what? Onboarding of your users should be simple and intuitive, not the topic of several meetings and HR discussions. With the SecSign ID enrollment procedures you’ll have your users set up in no time and with minimal administrative effort.

The SecSign ID

For the two-factor authentication login the user enters an ID. This ID is not confidential, it can be a simple name or based off your requirements (for example Email handle, existing user names). This ID identifies the user for the authentication, basically like a user name.
During the enrollment of the user he defines a SecSign ID to be used with his account, or the administrator predefines one for him.
Alternatively, a two-step authentication can be activated, where the user has to provide both his user name and password as well as the two-factor authentication to gain access to his account. Two-step authentication can be activated by the administrator.
The ID is connected to the existing users in the user management system, for example Active Directory. More information about the integration with existing user management systems is available here.

For existing users, complex setups and new sign-ups:
The SecSign ID Enrollment covers all your users

With the SecSign ID Rollout procedures you can conveniently sign up all users – both old and new and with varying security requirements. Use the SecSign ID 2FA Server as simple 2FA extension for your existing Identity Management system, or upgrade your user management with the ID Server as a custom and extensive Identity Management (IDM) for your user data and user management. Simplify and secure your user management with the SecSign ID IDM without the need for additional user directories, for example AD.

For existing users in your user directory, for example Active Directory

Option 1:

Keep your existing User Directory and use the SecSign ID server just for the 2FA

You already have your users set up in your user directory, for example Active Directory, Atlassian Crowd or similar.
Your user directory (for example Active Directory) is connected to the on-premise SecSign ID. The individual user accounts will be connected to an unique 2FA ID (SecSign ID). You have the option to connect your users directly in the user directories (for example via schema extension in the Active Directory), or directly in the SecSign ID server (without any changes to your user directory).

Users can be connected to their unique 2FA ID (SecSign ID) either automatically or manually via the admin, depending on your requirements.To automatically connect the user to their unique ID, they can log in with their regular user credentials (from the user directory) on either the service website ( for example Atlassian), a custom website or the custom SecSign ID app.

The user logs in with his user credentials via the on-boarding page (either custom or via the service, for example Atlassian). The user is presented with a QR-code or on-boarding code to activate the 2FA via the SecSign ID app. Rollout options (for example QR-Code, pre-defined user names) for the user can be customized to match your needs.

Option 2:

Import your user data to the ID server

This gives you the option to use the SecSign ID server both on-premise or in the cloud as an Identity Management Server for all your users. Rollout for your users is as convenient as you want it to be.

For users that don’t have an account with you yet

Signing up, registering and managing new users or a new management setup is easy with the SecSign ID. You decide how secure the user registration needs to be.

Option 1:

Simple activation
You don’t need a highly secure identification of the users to sign up, they can register and activate their 2FA without additional verification of their identity. You can send out activation links via for example Email.

Option 2:

High Security activation
You want additional security in identifying your users. Security features for this option can be defined individually to fit your requirements, for example identification with PostID, VideoID, or a simple letter to their address to verify their identity.

Rollout and Enrollment:
Solutions for every setup

Our Enrollment and Onboarding options are intuitive and fit any company setup. Wether you want to link your user management system, for example Active Directory, or not, have the administrator do all the work or rely on your users to sign up. We offer ready-to-use solutions for all systems, and custom setups for everyone else.

Some setups require a special enrollment procedure, for example Atlassian Crowd setups, some SSO setups or setups with both external and internal users.
SecSign offers a convenient, secure and straightforward way to enroll users for any of those scenarios. Simply message us with your requirements and we’ll provide you with the perfect enrollment scenario for your setup

Contact us

How does the enrollment look like?

Examples of Rollout, Onboarding and 2FA Activation

Every setup is different, and so are your requirements. The following enrollment and activation procedures can give you a visual overview of what is possible with the SecSign ID, but the rollout is not limited by these examples. Have a look at the custom ID app for more options, the Crowd tutorial for Atlassian Crowd setups, or contact us for and individualized procedure.


Maximum brand recognition with your corporate design. We build your company app for you, offer SDKs for easy integration in existing apps or simply add some design modifications to match your profile.
Our SDK for your app also offers true online signatures for improving your workflow.

More information

Why upgrade to SecSign?

On-premise or in the cloud

Choose between our SecSign ID Cloud or operate your own on-premise Two-Factor Authentication server.

Easy customization

Operate your own YourBrand ID app - Two-Factor Authentication customized to your needs.

Ready-to-use SDK

Integrate SecSign ID Two-Factor Authentication in existing apps with our ready-to-use SDK.

Easy user management

Use the Two-Factor Authentication Server to secure your company Active Directory/LDAP. Your own Identity and Access Management System, for example for mandatory updates and additional security features.

Cover all logins

Integration in any login environment: web, local, VPN, remote desktop, mobile logins and many more.

Plugins for all your needs

No need for complex integration: we have plugins for almost all environments.

Lost your phone? Don’t worry!

Total control at any time over all duplicated ID’s, information about the replication via push notification and special alert/message on all devices.

  1. Restoration code / backup code protects you from the loss of the ID
  1. Remote wipe protects you from unauthorized use: “Remotely unpair lost or stolen devices from anywhere” admin page and device list

Your own ID-Server

On-premise installations of SecSign ID offer the flexibility to connect with your preferred servers, services, and devices. And you can customize the SecSign ID with your own organization’s branding.


SecSign 2FA