A Hyland Identity and Access Management (IAM) environment includes the Hyland Identity Provider (IdP) server and client workstations accessing configured products. The Hyland IdP server is configured using the Hyland IdP Administration client. If the Hyland IdP server is being used to authenticate users in OnBase, the Hyland SCIM server is also required.
An IdP environment can also be configured to use a third-party authentication provider, allowing for federated sign-ons. The third-party authentication provider adds a layer of authentication and communication with the user agent on the client workstation. Such an environment can be set up with or without a proxy server between the client workstation and the Hyland IAM environment.
Detailed instructions on how to configure a third-party authentication provider to correctly authenticate and return valid tokens for use with the Hyland IdP server are beyond the scope of this documentation. Where possible, we have provided generalized instructions using SAML terminology, but detailed instructions should be available from the specific third-party provider being used.