Configuring the Hyland Office Integrations to Use IdP Authentication - Identity and Access Management Services - Foundation 23.1 - Foundation 23.1 - Ready - OnBase - external

Integrating With Hyland IAM Services

Platform
OnBase
Product
Identity and Access Management Services
Release
Foundation 23.1
License

The supported Hyland Office Integrations can be configured to use the Hyland IdP authentication. This section describes the configuration required for the following modules:

  • Document Composition Template Builder

  • Integration for Microsoft Outlook

  • Office Business Application for Microsoft Excel

  • Office Business Application for Microsoft PowerPoint

  • Office Business Application for Microsoft Word

Note:

The Hyland Office Integrations require the OnBase Application Server to communicate with OnBase. You must also configure the Application Server to use IdP authentication. See Configuring the Application Server to Use IdP Authentication.

In order to use IdP authentication when launching the OnBase Client from the Integration for Microsoft Outlook, the -AL and -ODBC switches must be applied to executable, where the value of the -ODBC switch is the name of the database configured for use with IdP authentication.

The command-line switches can be applied to the executable in the OnBase configuration for Microsoft Outlook. See Launch Client Options in the Integration for Microsoft Outlook module reference guide for details on configuring the command-line switches.

Note:

To use IdP authentication when launching the OnBase Client, the OnBase Client must also be configured for use with IdP authentication. See Configuring the Client and Configuration Modules to Use IdP Authentication.

To configure the Hyland Office Integrations to use the Hyland IdP server for authentication:

  1. Configure a client connection on the Hyland IdP server for the Hyland Office Integrations to use.
    Tip:

    If you have already configured a client connection for use with the OnBase Unity Client, the same client connection can be used for the Hyland Office Integrations. Complete details on configuring a client connection on the Hyland IdP server are documented in the separate Identity and Access Management Services documentation. Version compatibility with OnBase Foundation releases is documented in the Version section of that documentation.

    The client connection must have the following settings, as well as any standard required settings. All other settings can be left with the default values.

    Setting

    Value

    Protocol Type

    oidc

    Redirect URLs

    The URL of the Service.asmx page of the OnBase Application Server. This value must be the same as the ServicePath configured for the Office Business Application. The path must be all lowercase in both places.

    Allowed Grant Types

    Authorization Code

    Allowed Scopes

    openid

    Post Logout Redirect URLs

    The same URL as the Redirect URLs value. This value must be all lowercase.

    Pkce

    Select Require PKCE

    Secret

    Do not select Client Secret must be present

  2. After saving the client connection, copy the Client ID value to the clipboard by clicking the icon at the right of the Client ID field.
    Tip:

    Recycle the application pool of the Hyland IdP server in IIS for any configuration changes on the Hyland IdP server to take effect.

  3. Open the *.dll.config file of the Microsoft Office integration for editing in a plain-text editor. The name of the file depends on the integration and Microsoft Office version being configured.

    Integration

    File (where * is the Microsoft Office version)

    Document Composition Template Builder

    Hyland.Office*.DocumentComposition.Config.dll.config

    Integration for Microsoft Outlook

    Hyland.Office*.Outlook.Addin.dll.config

    Office Business Application for Microsoft Excel

    Hyland.Office*.Excel.Addin.dll.config

    Office Business Application for Microsoft PowerPoint

    Hyland.Office*.Powerpoint.Addin.dll.config

    Office Business Application for Microsoft Word

    Hyland.Office*.Word.Addin.dll.config

    For example, if you are configuring the Office Business Application for Microsoft Word for Microsoft Office 20XX, the file is named Hyland.Office20XX.Word.Addin.dll.config. In a default installation, the files for the Hyland Office Integrations are located in C:\Program Files (x86)\Hyland\Office Integration\Office *\, where * is the Microsoft Office version.

    Note:

    If the module is deployed using ClickOnce you must use the installer to update the deployment package. Editing the configuration file without updating the deployment package will break the deployment.

  4. Locate the ServiceLocations element.
  5. Locate the <add ServicePath element for the OnBase Application Server and data source the Microsoft Office integration uses and update the values of the following attributes.

    Attribute

    Value

    IdpClientId

    Paste the client ID value you copied from the Hyland IdP server into the value of the IdpClientId attribute. This is the unique ID of the client on the Hyland IdP server. This value is case sensitive and must match exactly the value on the Hyland IdP server.

    IdpUrl

    The endpoint of the Hyland IdP server. This value is case sensitive.

    For example, if your domain is my.domain and the Hyland IdP application name is identityprovider, then the value is: https://my.domain/identityprovider

    AuthenticationType

    Set the value to Idp.

    Note:

    This value is case sensitive. Note the uppercase I in Idp.

    ServicePath

    This value should already be populated with the Service.asmx page of the OnBase Application Server, but make sure the value is all lowercase.

  6. Save and close the *.dll.config file.

The *.dll.config files must be updated in the same way for each element of the Office Business Application that will use Hyland IdP authentication.

For example, to update all elements of the Hyland Office Integrations for Microsoft Office 20XX, each of the following *.dll.config files needs to be updated:

  • Hyland.Office20XX.DocumentComposition.Config.dll.config

  • Hyland.Office20XX.Outlook.Addin.dll.config

  • Hyland.Office20XX.Excel.Addin.dll.config

  • Hyland.Office20XX.Powerpoint.Addin.dll.config

  • Hyland.Office20XX.Word.Addin.dll.config