# Enroll yourself

{% hint style="info" %}
Required permissions: right to use the [/enroll](https://docs.exoguard.io/commands#enroll) command (default: everyone).
{% endhint %}

{% hint style="warning" %}
This tutorial assumes you are going to enroll with a TOTP authenticator, not a passkey.
{% endhint %}

If you want to use [WebAuthn](https://en.wikipedia.org/wiki/WebAuthn) instead, please [start an enrollment session](#start-an-enrollment-session) then click on the blurple `WebAuthn` button to get started. While the menus are straightforward, check out our [WebAuthn tutorial](https://docs.exoguard.io/tutorials/enroll-yourself/webauthn) page for more information.

## Install a TOTP application

Before you begin, you will need a way to generate time-based one-time passwords ([TOTP](https://en.wikipedia.org/wiki/Time-based_one-time_password)).

There are many supported TOTP applications you can use:

* 2FAS ([Android](https://play.google.com/store/apps/details?id=com.twofasapp) / [iOS](https://apps.apple.com/us/app/2fas-auth/id1217793794) / [Browser](https://2fas.com/browser-extension/))
* Google Authenticator ([Android](https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2) / [iOS](https://apps.apple.com/app/google-authenticator/id388497605))
* Microsoft Authenticator ([Android](https://play.google.com/store/apps/details?id=com.azure.authenticator) / [iOS](https://apps.apple.com/app/microsoft-authenticator/id983156458))
* Twilio Authy Authenticator ([Android](https://play.google.com/store/apps/details?id=com.authy.authy) / [iOS & macOS](https://apps.apple.com/app/twilio-authy/id494168017))
* 2fast ([Windows](https://apps.microsoft.com/detail/9p9d81glh89q))

Feel free to use the software or application you prefer, be it in the list or not.

***

## Start an enrollment session

{% hint style="info" %}
You can start a new enrollment session even if you are already enrolled on a server.\
In that case, you will be asked to authenticate with your TOTP before you can proceed.
{% endhint %}

To begin, type the [/enroll](https://docs.exoguard.io/commands#enroll) command on a server to generate a new QR code and secret key:

<figure><img src="https://398570007-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FDyGYxFhaTYzM26AZtRoR%2Fuploads%2FRKFeiboSqAbwqVDiB1Uf%2FDiscord_2024-08-28_02-47-04.png?alt=media&#x26;token=7362f467-505f-40aa-8cb4-f3404566c4f9" alt=""><figcaption><p>Screenshot of an ephemeral message containing a QR code and a secret key, both marked as spoilers.</p></figcaption></figure>

{% hint style="info" %}
Note: the QR code contains an `otpauth://` URL with your secret key in it.\
While it is recommended to securely backup one of them, you don't need both.
{% endhint %}

### Method #1: scan the QR code with your authenticator (recommended)

{% hint style="warning" %}
**Do not scan the QR code with the Discord mobile app, it will not work!**

*If a bots asks you to do that, it's 100% a scam to steal your Discord account.*
{% endhint %}

With Google Authenticator as an example:

1. Open the app, click on `Add a code` or the bottom-right `+` sign
2. Select the `Scan a QR code` option and allow the app to take pictures
3. Reveal the QR code spoiler on Discord then scan it with the app as intended
4. Done, the app should show a 6-digit code (TOTP) that changes every 30 seconds

### Method #2: manually enter the secret key in your authenticator

{% hint style="warning" %}
As a reminder, do not give your secret key to anyone, not even to:

* An Exoguard representative (we will never ask for it)
* Your server owner (they don't need it at all, trust us on that)
* A Discord employee (they don't need it either, they don't care)
* A family member (especially not your little brother, of course)
* The President of the United States of America (just in case)
* Your BLÅHAJ (it's sweet as heck but you really never know)
* Anyone, really, don't trust anybody else with it, just keep it
  {% endhint %}

With Google Authenticator as an example:

1. Open the app, click on `Add a code` or the bottom-right `+` sign
2. Select the `Enter a setup key` option and set a custom account name
3. Reveal the secret key spoiler on Discord then write it in the `Your key` text field
4. Make sure the selected type of key is `Time based` which is the default setting
5. Done, the app should show a 6-digit code (TOTP) that changes every 30 seconds

## Confirm your enrollment

{% hint style="info" %}
If you want to backup your QR code or secret key, do it before confirming your enrollment.\
Upon confirmation, the ephemeral message will be edited so they will be definitely removed.
{% endhint %}

Once your authenticator application shows a TOTP, you need to confirm it on Discord:

1. Click the `Confirm enrollment` button to display a confirmation modal
2. Write the authentication code that is currently displayed by your authenticator in it

<figure><img src="https://398570007-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FDyGYxFhaTYzM26AZtRoR%2Fuploads%2FV7Q58G6FEfPKTAySpvhH%2FDiscord_2024-08-28_02-54-30.png?alt=media&#x26;token=c6d87a5c-4bde-4efe-b758-80f09857ebc6" alt=""><figcaption><p>Screenshot of an enrollment confirmation modal seen on top of the ephemeral enrollment message.</p></figcaption></figure>

Click the `Submit` button and you're done, you should get a confirmation message:

<figure><img src="https://398570007-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FDyGYxFhaTYzM26AZtRoR%2Fuploads%2FDUBpRijG5jEuDX3DZHep%2FCapture%20d%E2%80%99e%CC%81cran%202024-03-03%20a%CC%80%2002.02.29.png?alt=media&#x26;token=3c130ff1-ffd7-413a-a129-30c835757f59" alt=""><figcaption><p>An ephemeral success message, confirming the enrollment is done.</p></figcaption></figure>

Once you are enrolled with Exoguard on your server, congratulations! The server owner or a server administrator can now use the [/config roles add](https://docs.exoguard.io/commands#config-roles-add) command to assign you one or more roles.

If your enrollment session has expired, please use [/enroll](https://docs.exoguard.io/commands#enroll) again. The previously generated QR code and secret key are no longer valid. They can be deleted if you have saved them somewhere else.

***

## Copy your enrollment from another server

As you may have noticed from the above screenshots, enrollment sessions also allow you to copy your enrollment data over from another Discord server. The button becomes available when you have already enrolled successfully on at least one other Discord server.

{% hint style="info" %}
This feature is useful if you have to enroll on multiple related Discord servers.

It will copy your secret key and passkey assignations but will not synchronize or link the Discord servers in any way, your enrollments will therefore remain fully independent.
{% endhint %}

If you click the copy button, you will be asked to select a Discord server:

<figure><img src="https://398570007-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FDyGYxFhaTYzM26AZtRoR%2Fuploads%2FHeuLbP5WYLB0oKZYa868%2Fimage.png?alt=media&#x26;token=9644ebdd-70bb-48a7-93b6-02d57f224363" alt=""><figcaption><p>Screenshot of an ephemeral message asking the user to select the server from which to copy their enrollment data.</p></figcaption></figure>

Once you have selected the source server, your enrollment will automatically be confirmed.