Importing Users for Baseline Mapping - Identity and Access Management Services - 4.4 - 4.4 - Ready - Other - external

Identity and Access Management Services

Platform
Other
Product
Identity and Access Management Services
Release
4.4
License

In environments where OnBase is configured in conjunction with the Hyland IAM environment and authentication is federated to external providers, it is recommended that existing OnBase users are mapped to their corresponding user account present in external providers. Mapping assigns each user a unique identifier based on the User ID attribute mapping configured in the external provider settings. This unique identifier is used to identify a user upon log in rather than identifying the user based on the username, which can change over time.

Note: Baseline mapping is not required but recommended if the username attribute value is expected to change during the life cycle of the user.

The following are considerations when importing users for mapping:

  • The assigned External User ID is linked under User Attributes.

  • The OnBase Active Directory Enhanced mode of authentication should not be used in conjunction with a configured Hyland IAM environment.

To import OnBase users for baseline mapping:

  1. Launch the Hyland IdP Administration client and log in (see Accessing the Hyland IdP Administration Client).
    Upon successfully logging in, the tenant, provider, client connection, and API resource information is displayed. In a wide display, the tenant information is in the left pane and the providers, client connections, and API resources configured for that tenant are listed in the right pane. In a narrow display, the tenant information is at the top of the page and the provider, client connection, and API resource information is below it.
  2. Click the Provider tab to view the providers currently configured for the tenant. The number of providers configured is displayed in parenthesis in the tab heading.
    Provider tab with the number of providers in parenthesis
  3. Click the name of the provider you need to import users for from the list of providers.

    The Provider configuration page is displayed with the Configuration tab selected by default. It is divided into the Basic Settings and Protocol areas. In a wide display, the Basic Settings area is on the left. In a narrow display, the Basic Settings area is at the top of the page.

  4. Click the Import Users for Mapping tab. The settings for importing users is displayed. It is divided into the Import Users and Download Mapped Users areas. In a wide display, the Import Users area is on the left. In a narrow display, the Import Users area is at the top of the page.
  5. From the Import Users area, click template file.
    Import Users dialog box
    A template CSV file is downloaded to your download location.
  6. Open the template CSV file. The template file is divided into the UserId column and the Username column.
  7. In the UserId column, enter the assigned externalUserId for a configured user.
  8. In the Username column, enter the OnBase username that corresponds with the externalUserId entered in the UserId column.
  9. Add more users as needed.
  10. Save the CSV file.
  11. On the Provider configuration page, in the Import Users area, click Upload.
  12. Search for the configured CSV file and click Open. The CSV file is uploaded and the information is mapped to the users listed in the Hyland SCIM server. The Preview Users section is displayed.
  13. Click View Mapped Users to view the list of users who were successfully mapped and click View Unmapped Users to review the list of users who were not successfully mapped.
    CAUTION: Ensure the information entered for each user is accurate before saving the user data to the Hyland IdP server. This feature is dependent on the uploaded information entered in the CSV file. If incorrect information is entered, after the changes are saved, the information may be incorrectly mapped to a user in the Hyland SCIM server and this feature may not work as intended.
  14. When everything is reviewed, click Save.
  15. Click Save to map the OnBase users with users from the configured external provider.