Pre-loading members into your organization
If your organization uses a third-party identity provider (IDP):
- Users are added to the organization via your IDP “on the fly” (at the time of their first login)
- However, you may still “pre-load” users, generating their encryption keys before their first login; follow the instructions here
If your organization does NOT use a third-party IDP:
- To add members to your organization, follow the instructions here
When you use this method to add a member to an organization that does not host its own Confidencial Key Server (CKS), a temporary key pair is generated for their account so users can immediately encrypt content for them. This temporary key is stored in Confidencial’s secure key server. Once the invited user registers their account, they will generate a more secure split key. All subsequent encryptions for them will use the split key. In organizations that host their own CKS, temporary key pairs are stored in the organization’s CKS.
NOTE: You need to be logged in as an administrator with
crud:encryption-keys-org permission to be able to use this feature, which generates keys for other members of the organization.- Once logged in to the desktop or web app, click Members under Organization Admin in the sidebar menu
- Click Add Member
- Enter the email addresses of the members for which you wish to pre-load and generate keys. You may enter email addresses manually or load a list of email addresses from a CSV file (one email address per line).
- Click Add Members and Generate Keys
- If you do not see Add Members and Generate Keys but instead see Send Invites, then you are not using a third-party IDP. To add members, follow the instructions here: Adding members to an organization.
The added members will now have keys generated for them, they will now appear in the organization’s directory listing, and other users may protect content for them immediately.