Enabling IdP Authentication Using the Registry - Identity and Access Management Services - English - Foundation 22.1 - OnBase - external

Integrating With Hyland IAM Services

Platform
OnBase
Product
Identity and Access Management Services
Release
Foundation 22.1
License

To use IdP authentication with Disconnected Scanning without requiring command-line switches you must configure the values as Windows registry settings.

Tip:

Before launching Disconnected Scanning the client connection must be configured on the Hyland IdP server. See Configuring Disconnected Scanning to Use IdP Authentication.

Add the following registry keys under the HKLM\SOFTWARE\WOW6432Node\Hyland Software\RemoteScan\ node and give them the following values. The Hyland Software and RemoteScan nodes may need to be added to the registry.

CAUTION:

Modify the registry at your own risk. Incorrectly editing the Windows registry can cause serious problems that may require you to reinstall your operating system. Be sure to back up the registry before making any changes to it. For more registry information, see the following Microsoft articles: http://support.microsoft.com/kb/256986 and http://technet.microsoft.com/en-us/library/cc725612.aspx

Registry Key

Value

IdPAddress

The URL of the Hyland IdP server. Do not include a tenant in the URL. This value is case sensitive.

For example, if your domain is my.domain, the Hyland IdP application name is identityprovider, and the environment is configured for secure connections, then the value is: https://my.domain/identityprovider

IdPTenant

The name of the tenant on the Hyland IdP server. This value is case sensitive.

IdPClientID

Paste the client ID you copied from the client connection as the value of the IdPClientID setting.

This is the unique ID of the client connection on the Hyland IdP server. This value is case sensitive and must match exactly the value on the Hyland IdP server.

IdPRedirectURI

The URL of the Service.asmx page of the OnBase Application Server.

This value must be all lowercase and the same as the value configured in the Redirect URLs for the client connection on the Hyland IdP server.

IdPChallengeMode

The recommended value is S256.

Note:

If plain is used as the challenge mode then Allow PKCE with a plaintext code challenge must be selected for the client connection on the Hyland IdP server.

When Disconnected Scanning is launched with the registry settings configured, the Hyland IdP server is used for authentication.