The Hyland IdP Server Fails to Authenticate When Using a Proxy - Identity and Access Management Services - 3.0 - 3.0 - Other - external

Identity and Access Management Services
Platform
Other
Product
Identity and Access Management Services
Release
3.0
License

When using a proxy for HTTP communications, authentication can sometimes fail with a 500 error (user name or password invalid) when users attempt to log in with valid credentials. This typically occurs in OnBase environments and is due to the way HTTP communications are passed through the Hyland SCIM server to the user catalog.

By default, the Hyland IdP server uses the proxy behavior defined by .NET Core. This behavior can be changed to always bypass the proxy, or to use Microsoft Internet Explorer settings to define the URLs that bypass the proxy.

To change the proxy settings:

  1. Locate the installation directory for the Hyland IdP server. In a default installation, the directory is C:\Program Files\Hyland\identityprovider.
  2. In the installation directory, open the config directory and locate the appsettings.json file. In a default installation, this file is located at: C:\Program Files\Hyland\identityprovider\config\appsettings.json
  3. Open the appsettings.json file for editing.
    Note:

    Open this file in a plain-text editor, such as Notepad.

  4. Locate the Administration block of settings.
  5. Add the ScimClientSettings block before the Administration block:

    "ScimClientSettings": {

    "Proxy": "Default"

    },

  6. Change the value of the Proxy setting to the behavior your environment requires:

    • NoProxy: The Hyland IdP server always bypasses the proxy.

    • Default: The Hyland IdP server uses the proxy behavior defined by .NET Core.

    • System: The Hyland IdP server uses Microsoft Internet Explorer settings to define the URLs that bypass the proxy.

    A completed ScimClientSettings block should look similar to this illustration:

  7. Save and close the appsettings.json file.
  8. Recycle the application pool of the Hyland IdP server for the changes to take effect.
  9. If you are using System to define the proxy bypass behavior, configure the servers to bypass in the Exceptions list of Microsoft Internet Explorer, under Tools | Internet options | Connections | LAN Settings | Proxy server | Advanced.
    Tip:

    For complete details on configuring exceptions for the proxy server in Microsoft Internet Explorer, see the documentation provided by Microsoft.