Configuring the Tenant - Identity and Access Management Services - 3.2 - 3.2 - Other - external

Identity and Access Management Services

Platform
Other
Product
Identity and Access Management Services
Release
3.2
License

The tenant configured during the initial set up is the only tenant available in a default installation.

To configure the connection information for the tenant used with the Hyland IdP server:

  1. Launch the Hyland IdP Administration client and log in (see Accessing the Hyland IdP Administration Client).

    Upon successfully logging in, the tenant configuration information is displayed. In a wide display, the tenant information is in the left pane. In a narrow display, the tenant information is at the top of the page.

  2. Enter the name of the tenant in the Tenant Name field.
    Note:

    If you are configuring an OnBase environment, the Tenant Name must match exactly the Name of the datasource on the Hyland SCIM server that contains the connection string this tenant uses. For example, if the Hyland SCIM server datasource name is MyDBTenant then the Tenant Name must also be MyDBTenant.

  3. If you are configuring an OnBase environment, set the value of the ScimEndpoint setting to the URL of the Hyland SCIM server endpoint on the API Server, which is the API Server URL with /onbase/SCIM appended to it.

    For example, if the root URL of the API Server is https://server.domain.com and the default application name was used, then the ScimEndpoint value is https://server.domain.com/ApiServer/onbase/SCIM

    Note:

    Make sure the use of HTTP or HTTPS matches the configuration of your domain in IIS. The Hyland IdP server must be configured for secure connections (HTTPS).

  4. If you need to authorize additional administrative users to make configuration changes in the IdP Administration Client, enter the user names you want to authorize in the Administrative Users field.
    User names and user group names must be entered as a comma-separated list. For example, if you are entering the user names of manager and user1, and the user group name of idpmanagers, this must be entered as manager, user1, idpmanagers
  5. If you need to authorize additional administrative user groups to make configuration changes in the IdP Administration Client, enter the user group names you want to authorize in the Administrative Groups field.

    User names and user group names must be entered as a comma-separated list. For example, if you are entering the user names of manager and user1, and the user group name of idpmanagers, this must be entered as manager, user1, idpmanagers

    Note:

    At least one user name in the Administrative Users field or one user group name in the Administrative Groups field must be configured for each tenant.

  6. If you are configuring an OnBase environment and have manually-managed OnBase user groups (groups that are managed entirely through user group administration), enter the list of user groups in the Manually Managed SCIM Groups field, or click this template to download a CSV template to which a list of user groups can be added.
    1. If you clicked this template a CSV template file is downloaded to your downloads destination folder.
    2. In the CSV file, enter the list of user groups that are manually managed in OnBase.
      Tip: If a large number of groups exist, you can export a list of these user groups using a SQL query.
    3. Save the CSV file and in the Manually Managed SCIM Groups section of the tenant configuration information, click Upload CSV.
    4. Browse to the saved location of the CSV file and click Open. The list of user groups is automatically added to the Manually Managed SCIM Groups field.
  7. Click Save.