The Hyland Healthcare Configuration Utility UI requires a client connection configured on the Hyland IdP server.
The Hyland Healthcare Configuration Utility UI must not use the same IdP client connection as the Hyland Healthcare Configuration Utility Server. Each application must have its own client connection configured on the Hyland IdP server.
To configure the IdP client:
-
Create a client connection on the Hyland IdP server for Hyland Healthcare
Configuration Utility UI to use.
Tip:
Complete details on configuring a client connection on the Hyland IdP server are documented in the separate Identity and Access Management Services documentation.
-
Configure the following settings, as well as any standard required
settings.
All other settings can be left with the default values.
Setting
Value
Protocol Type
oidc
Redirect URLs
Add the view/authentication-confirmation and silent-refresh URLs for the Hyland Healthcare Configuration Utility UI.
For example, if your domain is my.domain and the name of the Hyland Healthcare Configuration Utility UI application is HylandHealthcareConfigUtility, then the URLs are:
-
https://my.domain/HylandHealthcareConfigUtility/view/authentication-confirmation
-
https://my.domain/HylandHealthcareConfigUtility/silent-refresh.html
Allowed Grant Types
Authorization Code Allowed Scopes
openid
evolution
Allow users to log in locally
Select Allow users to log in locally.
Allow clients to request a refresh token
Select Allow clients to request a refresh token.
Allow issuing access tokens to browsers
Select Allow issuing access tokens to browsers.
Post Logout Redirect URLs
Add the view/unauthenticated URL for the Hyland Healthcare Configuration Utility UI.
For example, if your domain is my.domain and the name of the Hyland Healthcare Configuration Utility UI application is HylandHealthcareConfigUtility, then the URL is:
https://my.domain/HylandHealthcareConfigUtility/view/unauthenticated
Front Channel Logout requires session ID
Select Front Channel Logout requires session ID.
Back Channel Logout requires session ID
Select Back Channel Logout requires session ID.
Access Token Lifetime
Recommended to be between 300 and 600 seconds (5–10 minutes). Acceptable lifetime values vary per deployment.
-
- Save the client connection.
-
Copy the Client ID value to the clipboard by clicking
the icon at the right of the Client ID field.
You will need this value in the next procedure.
- Recycle the application pool of the Hyland IdP server for the changes to take effect.