Enrollment Keys

The Enrollment Keys page displays a list of all the enrollment keys that have been created, status, expiry, and total and remaining number of activations.

You can search for a specific key by starting to type the name, or filter the list by state using the Show drop-down:

  • Active: Enrollment keys available for use.
  • Revoked: Enrollment keys unavailable for use.
  • Expired: Enrollment keys unavailable for use, the expiry date has been exceeded.
  • Depleted: Enrollment keys unavailable for use, there are no activations left.

The following details display for each enrollment key:

  • Name: Name of the enrollment key.
  • Policy: Name of the agent policy that the enrollment key is assigned to.
  • Status: The status of the enrollment key, this can be Active, Revoked, Expired, or Depleted.
  • Activations:
    • Total: The total number of activations assigned to the key.
    • Remaining: The number of available activations left on the key.
    • Expired: The set expiry date has passed.
  • Created:
    • By: The name of the person that created the enrollment key.
    • Date: The date the enrollment key was created.
  • Actions:
    • Copy key to clipboard: Select to copy the full enrollment key to the clipboard for use in other pages.
    • Revoke: Select to revoke the enrollment key. A confirmation dialog appears, select Revoke to confirm the action. The key remains in the list with the updated Status of Revoked.

    • If you revoke an enrollment key for either of the two out-of-the-box policies: Default Agents, Infrastructure Agents, a new key is automatically system generated. Keys revoked from any other policy will require you to manually create a new key.

Create New Key

  1. Select Create New Key to create a new enrollment key.
    The Create Enrollment Key panel appears.
  2. Enter a Name for the enrollment key.
  3. Select the Agent Policy that the enrollment key is to be assigned to.
  4. In the Limits section, select one of the following:
    • Use limits (Recommended): Select to limit the key to a specified number of activations and duration.
      • Enter the number of agent endpoints that this key can be used for.
      • Enter the date that the key will expire.
    • Use maximum: Select to have the maximum number of activations (2,000,000,000), and no expiry date set for the key.

    5. To increase security, Ivanti recommends to 'Use limits' so that the key has a limited number of agent endpoints and a set expiry date. This will help to protect against bad actor abuse.

  5. Click Create to create the enrollment key.
    If creation is successful, the Keyfield appears populated with the generated key. Click copy to clipboard icon to copy the key to the clipboard if you are using the key straight away.
  6. Click Close to close the Create Enrollment Key panel and return to the Enrollment Keys page.