To use IdP authentication with Disconnected Scanning, create a command line with the following switches.
Before launching Disconnected Scanning the client connection must be configured on the Hyland IdP server. See Configuring Disconnected Scanning to Use IdP Authentication.
Switch |
Value |
---|---|
-IDP |
The URL of the Hyland IdP server. Do not include a tenant in the URL. This value is case sensitive. For example, if your domain is my.domain, the Hyland IdP application name is identityprovider, and the environment is configured for secure connections, then the value is: https://my.domain/identityprovider |
-IDPTENANT |
The name of the tenant on the Hyland IdP server. This value is case sensitive. |
-IDPCLIENTID |
Paste the client ID you copied from the client connection as the value of the IDPCLIENTID switch. This is the unique ID of the client connection on the Hyland IdP server. This value is case sensitive and must match exactly the value on the Hyland IdP server. |
-IDPREDIRECTURI |
The URL of the Service.asmx page of the OnBase Application Server. This value must be all lowercase and the same as the value configured in the Redirect URLs for the client connection on the Hyland IdP server. |
-IDPCHALMODE |
The recommended value is S256. Note:
If plain is used as the challenge mode then Allow PKCE with a plaintext code challenge must be selected for the client connection on the Hyland IdP server. |
For example, a command line to launch Disconnected Scanning using IdP authentication may look like this:
"C:\Program Files (x86)\Hyland\Disconnected Scanning\disconnectedscan.exe" -IDP="https://my-server/identityprovider" -IDPTENANT="MyTenant" -IDPCLIENTID="36f2221c-55e0-482b-8776-a1ed025df011" -IDPREDIRECTURI="https://my-server/appserver/service.asmx" -IDPCHALMODE="S256"
When Disconnected Scanning is launched from the command line with the switches you configured applied, the Hyland IdP server is used for authentication.