Configuring Third-Party Authentication Providers - Identity and Access Management Services - Foundation 23.1 - Foundation 23.1 - Ready - OnBase - external

Integrating With Hyland IAM Services

Identity and Access Management Services
Foundation 23.1

As long as the third-party authentication provider returns a valid token to the Hyland IdP server, using a supported protocol, there is no additional configuration required on the third-party provider server.


Detailed instructions on how to configure a third-party authentication provider to correctly authenticate and return valid tokens for use with the Hyland IdP server are beyond the scope of this documentation. For help with configuring third-party providers, see the documentation provided by the developers of the software being used.

The Hyland IdP server currently supports authentication with:

  • WS-Federation (AD FS)

  • CAS

  • SAML2


Some third-party authentication providers use protocols that return a reference to a token instead of the token itself. In these situations, the reference token must be dereferenced by the IdP through communication with the third-party provider before the claims information can be retrieved and passed to the OnBase Application Server.

Dereferencing is required with third-party authentication providers that use the CAS protocol or the artifact binding defined in the SAML standard.