Configuring a Default User Group for Federated Authentication Providers - Identity and Access Management Services - Foundation 23.1 - Foundation 23.1 - Ready - OnBase - external - OnBase/Identity-and-Access-Management-Services/Foundation-23.1/Integrating-With-Hyland-IAM-Services/Configuring-the-OnBase-Environment-for-IdP-Authentication/Configuring-Third-Party-Authentication-Providers/Configuring-a-Default-User-Group-for-Federated-Authentication-Providers - 2023-09-11

Integrating With Hyland IAM Services
Platform
OnBase
Product
Identity and Access Management Services
Release
Foundation 23.1
License

The following providers use federated authentication, which requires a default User Group to be configured in OnBase:

  • WS-Federation (AD FS)

  • CAS

  • SAML

New user accounts that are created in OnBase when a user logs in through federated authentication are assigned to the default User Group if there are no matching User Groups for that user in OnBase.

To configure a default User Group in OnBase:

  1. Launch the OnBase Configuration module.
  2. Select System Generated User Settings from the Utils menu. The SSO Default User Group dialog is displayed.
  3. Select a user group from the Default User Group drop-down list, or select << None >> to disable the creation of system-generated users.
    CAUTION:

    System-generated users inherit all rights and permissions given to the default user group selected. Since users are generated automatically, it is recommended that you create a default user group that is granted only the most basic rights, not allowing system-generated users to perform any kind of processing, editing, or configuration tasks.

  4. Click Save, or click Cancel to close the dialog without saving.
    Tip:

    See the Configuration help files or System Administration module reference guide for details on creating User Groups in OnBase.