Configuring the Application Server to Use IdP Authentication

Integrating With Hyland IAM Services

Platform: OnBase
Product: Identity and Access Management Services
Release: Foundation 23.1

To configure the OnBase Application Server to use the Hyland IdP server for IdP authentication:

  1. Open the web.config file of the OnBase Application Server for editing in a plain-text editor. In a default installation, the web.config file is located at C:\inetpub\wwwroot\AppServer.
  2. Locate the accessTokenValidation element.
  3. If the accessTokenValidation element is commented out, uncomment it by removing the <!-- at the start of the element and the --> at the end of the element.
  4. Set the values of the following attributes in the accessTokenValidation element:

    | Attribute | Value |
    |---|---|
    | idp | The URL of the Hyland IdP server. Do not include a tenant in the URL. This value is case sensitive. For example, if your domain is my.domain, the Hyland IdP application name is identityprovider, and the environment is configured for secure connections, then the value is: https://my.domain/identityprovider |
    | audience | The resources endpoint of the Hyland IdP server. This value is case sensitive. For example, if your domain is my.domain, the Hyland IdP application name is identityprovider, and the environment is configured for secure connections, then the value is: https://my.domain/identityprovider/resources |
    | nameClaimType | The claim in the access token that contains the user name of the user logging in. The default value is username. |
    | apiName | Leave this value empty. |
    | apiSecret | Leave this value empty. |

  5. Save and close the web.config file.
  6. Recycle the application pool of the OnBase Application Server for the changes to take effect.
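
One way to check the edited element before recycling the application pool, as an added example that is not Hyland's code. The function name Test-AccessTokenValidation and the sample XML are hypothetical, and the rules that audience equals the idp value followed by /resources and that idp uses https are assumptions taken from the examples in step 4.

```powershell
# Added example (not Hyland code): audits accessTokenValidation against steps 2-4.
function Test-AccessTokenValidation {
    param([Parameter(Mandatory)][string]$ConfigXml)
    $doc = New-Object System.Xml.XmlDocument
    $doc.LoadXml($ConfigXml)
    $findings = New-Object System.Collections.Generic.List[string]

    # Step 3: an element still wrapped in <!-- --> is a comment node, not an element.
    $node = $doc.SelectSingleNode("//*[local-name()='accessTokenValidation']")
    if (-not $node) {
        $hidden = $doc.SelectNodes('//comment()') |
            Where-Object { $_.Value -match '<accessTokenValidation\b' }
        $reason = 'accessTokenValidation element not found'
        if ($hidden) { $reason = 'accessTokenValidation is still commented out' }
        $findings.Add($reason)
        return $findings
    }

    $idp = $node.GetAttribute('idp')
    $uri = $null
    if (-not [Uri]::TryCreate($idp, [UriKind]::Absolute, [ref]$uri)) {
        $findings.Add('idp is not an absolute URL')
    } elseif ($uri.Scheme -ne 'https') {
        # Assumption: the environment is configured for secure connections.
        $findings.Add('idp does not use https')
    }
    # Assumption from the page's examples: audience = idp + "/resources".
    # -cne compares case-sensitively, because both values are case sensitive.
    if ($node.GetAttribute('audience') -cne ($idp.TrimEnd('/') + '/resources')) {
        $findings.Add('audience is not the idp URL followed by /resources')
    }
    # apiName and apiSecret must stay empty.
    foreach ($name in 'apiName', 'apiSecret') {
        if ($node.GetAttribute($name)) { $findings.Add("$name must be left empty") }
    }
    return $findings
}

# Constructed sample, not a real web.config; the element's real parent is not shown here.
$sample = @'
<configuration>
  <accessTokenValidation idp="https://my.domain/identityprovider"
      audience="https://my.domain/IdentityProvider/resources"
      nameClaimType="username" apiName="" apiSecret="leftover" />
</configuration>
'@
Test-AccessTokenValidation -ConfigXml $sample
```

The constructed sample differs from the idp value only in letter case in audience and carries a non-empty apiSecret, so both are reported. To audit a real file, pass its contents with `Get-Content -Raw` on the web.config path from step 1.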