Configuring a Default User Group for Federated Authentication Providers - Identity and Access Management Services - Foundation 23.1 - Foundation 23.1 - Ready - OnBase - external

Integrating With Hyland IAM Services

Identity and Access Management Services
Foundation 23.1

The following providers use federated authentication, which requires a default User Group to be configured in OnBase:

  • WS-Federation (AD FS)

  • CAS

  • SAML

New user accounts that are created in OnBase when a user logs in through federated authentication are assigned to the default User Group if there are no matching User Groups for that user in OnBase.

To configure a default User Group in OnBase:

  1. Launch the OnBase Configuration module.
  2. Select System Generated User Settings from the Utils menu. The SSO Default User Group dialog is displayed.
  3. Select a user group from the Default User Group drop-down list, or select << None >> to disable the creation of system-generated users.

    System-generated users inherit all rights and permissions given to the default user group selected. Since users are generated automatically, it is recommended that you create a default user group that is granted only the most basic rights, not allowing system-generated users to perform any kind of processing, editing, or configuration tasks.

  4. Click Save, or click Cancel to close the dialog without saving.

    See the Configuration help files or System Administration module reference guide for details on creating User Groups in OnBase.