Monitoring IdP/IAM unity client login process

Mirco_Novello
Confirmed Champ

For monitoring purposes, I was wondering if there is an IdP test URL to reach out to, or if there is a common way or best practice to simulate a proper IdP login. An API solution would also be helpful. We want to ensure accessibility of the Unity Client with IdP in our customers' environment and to proactively highlight any issues within our monitoring tool if IdP login is in any way compromised.

Are there any best practices in this regard?

 

Yours sincerely,

Mirco

1 ACCEPTED ANSWER

AdamShaneHyland
Employee

Hi Mirco.

 

Yes, you could test the Hyland Identity Provider by requesting an access token which could then be used by the Document Management REST API to retrieve a document (or more specifically the document metadata).  You could have a monitoring solution validate that it can retrieve a document which would prove that the Hyland IDP is up and running.

 

Currently I'm only aware of the ability to generate an access token via local login (meaning an OnBase user name and password) instead of federated authentication (SAML).

 

Best wishes.

Hi Adam

 

Many thanks for your feedback!

 

The suggested answer would indeed prove that the IdP is up and running, which is also very helpful. But with regard to a Unity Client login process, this suggestion would come up short.

Is there maybe another Hyland (monitoring) tool/solution you can recommend? How do other customers cover this requirement? Furthermore, is the ability to generate an access token for SAML in development or on the roadmap for the REST API?

Kinda wondering if we can simulate a login with an IdP Client ID, as configured in an obunity.exe.config, within the API.

 

Best Regards,

Mirco

Hi Mirco.

 

My pleasure. 

 

As noted, what you are looking for is not currently documented.  I do not know of a timeline for documentation/functionality of other OAuth2 authentication flows outside of the Password flow (i.e. an OnBase username and password) which is what is currently used for the REST API.   

 

The REST API SDK does mention the use of the Authorization flow, but I don't have documentation on how to configure it.

 

https://sdk.onbase.com/rest/OnBase/FoundationEP4/document/programmers-guide/authentication.html

 

The Unity Client uses Authorization flow which is what you are looking for, however, I don't know this would be implemented from a REST API perspective since there is no user interface to authenticate against the federated (i.e. SAML) provider should it require user interaction for their credentials (or further multi-factor authentication such as DUO).

 

If you are looking for a complete solution, you can submit an Ideas post to request the functionality.

 

Best wishes.
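The check suggested in the accepted answer (request a token with the password flow, then retrieve document metadata with it), sketched as a monitoring probe. This is an added example, not Hyland code or part of the original posts: `TOKEN_URL`, `DOC_URL` and the `probe` and `http` names are placeholders and assumptions, and only the standard OAuth2 password-grant form fields are used.

```python
import json
import urllib.error
import urllib.parse
import urllib.request

# Placeholders (assumptions): take the real values from your own deployment.
TOKEN_URL = "https://idp.example.invalid/token"          # IdP token endpoint
DOC_URL = "https://api.example.invalid/documents/12345"  # metadata of a known test document


def http(method, url, headers=None, body=None, timeout=10):
    """Default transport: returns (status, body_text); status 0 means no HTTP response."""
    req = urllib.request.Request(url, data=body, headers=headers or {}, method=method)
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")
    except (urllib.error.URLError, OSError):
        return 0, ""


def probe(username, password, client_id, scope, transport=http):
    """Return (state, detail); state is OK, IDP_DOWN, AUTH_FAILED or API_FAILED."""
    form = urllib.parse.urlencode({
        "grant_type": "password",  # OAuth2 resource owner password grant (RFC 6749, 4.3)
        "username": username, "password": password,
        "client_id": client_id, "scope": scope,
    }).encode()
    status, text = transport("POST", TOKEN_URL,
                             {"Content-Type": "application/x-www-form-urlencoded"}, form)
    if status == 0 or status >= 500:
        return "IDP_DOWN", f"token endpoint status {status}"
    try:
        token = json.loads(text).get("access_token") if status == 200 else None
    except (ValueError, AttributeError):
        token = None
    if not token:
        # Report only the status code: the response body and token never reach the logs.
        return "AUTH_FAILED", f"no access token, status {status}"
    status, _ = transport("GET", DOC_URL, {"Authorization": f"Bearer {token}"})
    if status != 200:
        return "API_FAILED", f"document request status {status}"
    return "OK", "token issued and accepted by the API"
```

Because the password flow means the monitoring tool stores a working credential, run the probe with a dedicated local account that can read only the test document. As discussed in the thread, this does not exercise the Unity Client's Authorization flow or the federated (SAML) login.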