12-02-2021 11:12 AM
Our Security team is looking to set up Conditional Access using Azure and thought this was possible starting with EP5. Can someone confirm? I searched the Release Notes and didn't see anything about Conditional Access or Azure (I'm not familiar with this). We currently authenticate using IdP Single Sign On with Active Directory.
12-02-2021 11:32 AM
Hi
Conditional Access is a feature of Azure AD and therefore is likely not going to be documented within any Hyland documentation. I don't believe there are any concerns with using it for SAML authentication via the Hyland IDP.
Best wishes.
12-03-2021 08:36 AM
Adam please note that Nobly has previously filed a support case (00392381) about an issue with Conditional Access when Unity Client and Office Plugins are setup for SSO using the built-in browser (based on Chromium / CefSharp).
12-03-2021 08:47 AM
The Unity Client and Office Plugins uses a built-in browser (based on Chromium / CefSharp) when doing the Single Sign-On part towards the Identity Provider (which in return forwards to an authorization provider such as Okta, Azure AD etc.)
Since CefSharp does not support Conditional Access (details here: https://stackoverflow.com/questions/67259951/cefsharp-browser-control-not-working-with-azure-ad-cond... we found that Unity Client and Office Plugins could not be used since Conditional Access is being deployed throughout Microsoft Azure as recommended use.
We proposed a solution to Hyland to use the native desktop-based browser installed on the machine running the Unity Client, since that would support Hardware Conditional Access policy in Microsoft Azure AD and other similar services.
In the latest FEP5 releases this is now possible by setting:
<!-- Set this option to true to use the default system web browser for Idp authentication--><add key="useSystemBrowserForIdpLogin" value="true"/>
However, the specific implementation from Hyland in relation to how the system browser window is displayed to the user (at login and at logout) is not very user-friendly.
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.