Article 428: Why do User Accounts Need to be "Activated" or "Authorized?"

Admissions Module
Knowledge Base 2.0 article 428

Why do User Accounts Need to be "Activated" or "Authorized?"

Navigation Path
Admissions Module → Reports → Unauthorized Accounts

This is a security discussion. 

Custom Forms can be used to create online application forms.

Any time you create a public facing form that writes data to your database you open yourself up to the risk of malicious activity.  With the OASIS Technologies platform we have taken steps to try to mitigate these types of activities to both protect our servers and to protect your data.

When a prospective student begins their application form they are asked to validate their account via email validation.  Once this is done their application form data is moved from a temporary server into your production environment.

This creates the potential for a prospective student to sign into your production environment - which is something that we do NOT want them to do .

To ensure there is no malicious activity within your production environment we set each new user's account to “unauthorized” and we require someone from the admissions team to authorize the account. 

Once an inquiry / applicant has been approved to connect to your production server someone from your admissions team simply needs to “Authorize” the user and then they will be able to sign into the production system.