The server stores the PIN and responds with a 13 digit registration code . The decrypted code is hashed by the server's public key and presented to the user as an alphanumeric (preventing a MiTM attack during this process).
The account is created, but it is not associated with a user name so it can't be used. The user can be manually validated by the WiKID Admin or users can register themselves based on some trusted process. We provide example scripts on how to do this using Active Directory credentials. But it can be any process you trust.
That's it for registration. It is only needed once.
