After configuring the Hyland IdP client connection for Quick Access, update additional settings in the Quick Access configuration file.
To update the configuration file:
- Open the Quick Access appsettings.json file for editing in a plain-text editor. In a default installation, this file is located at: C:\Program Files\Hyland'av\config\
- Locate the xpConfigMappings block.
-
In the authConfig block, update the values of the following settings:
Setting
Value
issuer
The base URL of the Hyland IdP server. For example, if the domain is my.domain, the Hyland IdP application name is identityprovider, and the environment is configured for secure connections, then the value is: https://my.domain/identityprovider
Tip:Make sure the use of HTTP or HTTPS matches the configuration of your domain in IIS.
scope
The scope(s) enabled for the Hyland IdP Client.
For example: openid evolution offline_access
clientId
The unique ID of the client connection to use on the Hyland IdP server. This value is case sensitive and must match exactly the value for the client connection on the Hyland IdP server.
Tip:This is the client ID value that you copied when configuring the client connection on the Hyland IdP server in Configuring IdP Authentication for Quick Access.
redirectUri
The URL of the post-authentication endpoint for Quick Access. The endpoint is created by appending /view/authentication-confirmation to the public origin and application name for Quick Access.
For example, if the public origin is https://server.domain.com and the application is named QAV, then the redirectUri value is:
https://server.domain.com/QAV/view/authentication-confirmation
Tip:Make sure the use of HTTP or HTTPS matches the configuration of your domain in IIS.
postLogoutRedirectUri
The URL of the endpoint after logging out of Quick Access. The endpoint is created by appending /view/unauthenticated to the public origin and application name for Quick Access.
For example, if the public origin is https://server.domain.com and the application is named QAV, then the postLogoutRedirectUri value is:
https://server.domain.com/QAV/view/unauthenticated
Tip:Make sure the use of HTTP or HTTPS matches the configuration of your domain in IIS.
apiEndpoints
The endpoint or endpoints for the API Server. This is entered as a single endpoint or an array. Multiple values are separated by commas. For example, for a single endpoint:
[ "https://server.domain.com/api" ]
For multiple endpoints: [ "https://server1.domain1.com/api", "https://server2.domain2.com" ]
Tip:Make sure the use of HTTP or HTTPS matches the configuration of your domain in IIS.
connectEndpoint
The API Server endpoint that will be accessed to establish an OnBase session.
For example:
https://server.domain.com/api/file-types/1
Tip:Make sure the use of HTTP or HTTPS matches the configuration of your domain in IIS.
silentRefresh
This specifies whether or not the user's authentication token is renewed upon expiration as long as the user is active in the application. By default, this is set to true.
-
Update the logApi setting. This specifies the logging endpoint on the API Server where client logs are sent.
This value should contain the URL of the API Server with /logging appended. For example:
https://server.domain.com/api/logging
-
Update the obDocumentApi setting. This is the URL of the Document Management REST API.
This value should contain the URL of the API Server with /onbase/core appended. For example:
https://server.domain.com/api/onbase/core
-
Update the obGraphQLApi setting. This is the URL of the OnBase GraphQL endpoint on the API Server.
This value should contain the URL of the API Server with /onbase/graphql appended. For example:
https://server.domain.com/api/onbase/graphql
-
Update the inactivityTimeout setting if necessary. This specifies whether or not Quick Access will prompt the user to reauthenticate before being logged out due to inactivity. By default, this is set to true.
If this is set to true, the user is prompted to reauthenticate before being logged out due to inactivity. If this is set to false, the user is not prompted before being logged out.
- Save and close the appsettings.json file.
- Recycle the application pool for Quick Access for the changes to take effect.