Configuring IdP Authentication for Quick Access - Quick Access - Foundation 23.1 - Foundation 23.1 - Ready - OnBase - Essential - Premier - Standard - external - Essential - Premier - Standard

Quick Access

Platform
OnBase
Product
Quick Access
Release
Foundation 23.1
License
Essential
Premier
Standard

To configure Quick Access to use the Hyland IdP server for authentication:

  1. Configure a client connection on the Hyland IdP server for Quick Access to use.
    Tip:

    For information on configuring a client connection on the Hyland IdP server, see the Identity and Access Management Services documentation.

    The client connection must use the following settings, as well as any standard required settings. All other settings can be left with the default values.

    Setting

    Value

    Protocol Type

    oidc

    Redirect URLs

    The URL for Quick Access that defines the post-authentication endpoint.

    The post-authentication endpoint is created by appending /view/authentication-confirmation to the public origin and application of Quick Access. For example, if the public origin is https://server.domain.com and the application is named QAV, then the post-authentication endpoint is: https://server.domain.com/QAV/view/authentication-confirmation

    Tip:

    Make sure the use of HTTP or HTTPS matches the configuration of your domain in IIS.

    Allowed Grant Types

    Authorization Code

    Allowed Scopes

    • openid

    • evolution

    • offline_access

    Allow clients to request a refresh token

    This option must be selected.

    Post Logout Redirect URLs

    The URL of the endpoint after logging out of Quick Access. The endpoint is created by appending /view/unauthenticated to the public origin and application of Quick Access. For example, if the public origin is https://server.domain.com and the application is named QAV, then the postLogoutRedirectUri value is: https://server.domain.com/QAV/view/unauthenticated

    Tip:

    Make sure the use of HTTP or HTTPS matches the configuration of your domain in IIS.

    Pkce

    Select Require PKCE.

  2. Save the client connection. The Client ID value is automatically populated.
  3. Copy the Client ID value to the clipboard by clicking the icon next to the Client ID field.

    This value is needed when updating the Quick Access configuration file. See Updating the Quick Access Configuration File.

  4. Recycle the application pool of the Hyland IdP server in IIS for any configuration changes on the Hyland IdP server to take effect.