Creating the Identity Provider Client Connection - Hyland Integration for Encompass - 22.1 - 22.1 - Ready - Other - external

Hyland Integration for Encompass

Platform
Other
Product
Hyland Integration for Encompass
Release
22.1
License

Hyland Identity and Access Management (IAM) services uses the Hyland Identity Provider (IdP) server to authenticate connections to supported applications, such as the Integration for Encompass.

The Hyland Integration for Encompass requires two Identity Provider Clients to be configured within the Hyland Identity Provider. The first allows for the OnBase workflow to authenticate with the Hyland API Server and the second supports a token refresh process required during long running polling processes.

To configure the Integration for Encompass to use the Hyland IdP server for authentication:

  1. To create the necessary Hyland IdentityProvider Clients use the settings in the following tables:
    Tip:

    Complete details on configuring a client connection on the Hyland IdP server are documented in the separate Identity and Access Management Services documentation.

    The client connection must have the following settings, as well as any standard required settings. All other settings can be left with the default values.

    Encompass Integration
    Setting Value
    Client Name Unique name for the client (Encompass Integration recommended)
    Client Description Description of the client (Encompass Integration recommended)
    Protocol Type oidc
    Allowed Grant Types Client Credential and Password
    Allowed Scopes openid, evolution
    Allow users to log in locally Enabled
    Allow issuing access tokens to browsers Enabled
    Secret Select Client secret must be present.
    Client secret Value Plain-text work or phrase used as the client secret.
    Type Shared Secret
    Encompass Token Exchange
    Setting Value
    Client Name Unique name for the client. (Encompass Token Exchange recommended.)
    Client Description Description of the client (Encompass Token Exchange recommended.)
    Protocol Type oidc
    Allowed Grant Types Tokens Exchange
    Allowed Scopes ombaseapi, evolution
    Secret Select Client Secret must be present.
    Client Secret Value Plain-text work or phrase used as the client secret
    Type Shared Secret
  2. Save the IdP client connection and recycle the application pool of the Hyland IdP server in IIS for any configuration changes on the Hyland IdP server to take effect.