Updating the Quick Access Configuration File - Quick Access - Foundation 23.1 - Foundation 23.1 - Ready - OnBase - Essential - Premier - Standard - external - Essential - Premier - Standard

Quick Access

Platform
OnBase
Product
Quick Access
Release
Foundation 23.1
License
Essential
Premier
Standard

After configuring the Hyland IdP client connection for Quick Access, update additional settings in the Quick Access configuration file.

CAUTION: Be very careful when updating the JSON configuration files. If a copy exists with a similar naming scheme (for example, appsettings.backup.json), and that copy is not deleted, the incorrect JSON configuration file may be used. Configuration files are read in lexicographic order, or the order in which they are loaded. This means that the last file saved is the first file loaded. The order of precedence for the loading of the configuration sources is: 1) appsettings.json file, 2) appsettings.{AltName}.json file, 3) Key-per-file directories, 4) Environment variables, and 5) Command Line arguments. As a result, if a JSON configuration file is configured with an alternate name, and is the most recently saved version of the JSON configuration file, the file with the alternate name will take precedence, which causes major errors during login.

To update the configuration file:

  1. Open the Quick Access appsettings.json file for editing in a plain-text editor. In a default installation, this file is located at: C:\Program Files\Hyland'av\config\
  2. Locate the xpConfigMappings block.
  3. In the authConfig block, update the values of the following settings:

    Setting

    Value

    issuer

    The base URL of the Hyland IdP server. For example, if the domain is my.domain, the Hyland IdP application name is identityprovider, and the environment is configured for secure connections, then the value is: https://my.domain/identityprovider

    Tip:

    Make sure the use of HTTP or HTTPS matches the configuration of your domain in IIS.

    scope

    The scope(s) enabled for the Hyland IdP Client.

    For example: openid evolution offline_access

    clientId

    The unique ID of the client connection to use on the Hyland IdP server. This value is case sensitive and must match exactly the value for the client connection on the Hyland IdP server.

    Tip:

    This is the client ID value that you copied when configuring the client connection on the Hyland IdP server in Configuring IdP Authentication for Quick Access.

    redirectUri

    The URL of the post-authentication endpoint for Quick Access. The endpoint is created by appending /view/authentication-confirmation to the public origin and application name for Quick Access.

    For example, if the public origin is https://server.domain.com and the application is named QAV, then the redirectUri value is:

    https://server.domain.com/QAV/view/authentication-confirmation

    Tip:

    Make sure the use of HTTP or HTTPS matches the configuration of your domain in IIS.

    postLogoutRedirectUri

    The URL of the endpoint after logging out of Quick Access. The endpoint is created by appending /view/unauthenticated to the public origin and application name for Quick Access.

    For example, if the public origin is https://server.domain.com and the application is named QAV, then the postLogoutRedirectUri value is:

    https://server.domain.com/QAV/view/unauthenticated

    Tip:

    Make sure the use of HTTP or HTTPS matches the configuration of your domain in IIS.

    apiEndpoints

    The endpoint or endpoints for the API Server. This is entered as a single endpoint or an array. Multiple values are separated by commas. For example, for a single endpoint:

    [ "https://server.domain.com/api" ]

    For multiple endpoints: [ "https://server1.domain1.com/api", "https://server2.domain2.com" ]

    Tip:

    Make sure the use of HTTP or HTTPS matches the configuration of your domain in IIS.

    connectEndpoint

    The API Server endpoint that will be accessed to establish an OnBase session.

    For example:

    https://server.domain.com/api/file-types/1

    Tip:

    Make sure the use of HTTP or HTTPS matches the configuration of your domain in IIS.

    silentRefresh

    This specifies whether or not the user's authentication token is renewed upon expiration as long as the user is active in the application. By default, this is set to true.

  4. Update the logApi setting. This specifies the logging endpoint on the API Server where client logs are sent.

    This value should contain the URL of the API Server with /logging appended. For example:

    https://server.domain.com/api/logging

  5. Update the obDocumentApi setting. This is the URL of the Document Management REST API.

    This value should contain the URL of the API Server with /onbase/core appended. For example:

    https://server.domain.com/api/onbase/core

  6. Update the obGraphQLApi setting. This is the URL of the OnBase GraphQL endpoint on the API Server.

    This value should contain the URL of the API Server with /onbase/graphql appended. For example:

    https://server.domain.com/api/onbase/graphql

  7. Update the inactivityTimeout setting if necessary. This specifies whether or not Quick Access will prompt the user to reauthenticate before being logged out due to inactivity. By default, this is set to true.
    If this is set to true, the user is prompted to reauthenticate before being logged out due to inactivity. If this is set to false, the user is not prompted before being logged out.
  8. Save and close the appsettings.json file.
  9. Recycle the application pool for Quick Access for the changes to take effect.