SSO for Multiple Repositories

asked on April 26, 2019 • Show version history

Laserfiche Rio 10.3.1 of LFDS and 10.3.0.242 Mobile, 10.3.0.242 Web Client, 10.3.1.635 Forms applications

We have a separate Laserfiche repository for each of our companies that use Laserfiche and we want to setup SSO, however not all of our companies have a use case for forms yet.

We have set OKTA as our SSO provider, but when I use the Laserfiche URL as the Default RelayState, only the users who have access to the Default Repository will be logged in successfully while the others will get Access Denied 9013.

So my question is how do we setup SSO to automatically log the user into the Repository they have been assigned?

Also, what is best practice for setting the RelayState for companies that are not using Forms?

Lastly, do we need to setup multiple Mobile Servers to support each company, or can we use one Mobile Server for all of our companies?

0 0

replied on April 29, 2019

If users are clicking on a link like https://server/laserfiche/, the web client will try to log them in to the "default" repository. You can specify the repository you want to use with something like https://server/laserfiche/browse.aspx?repo=repoName.

0 0

replied on April 29, 2019

To clarify,

If we have Repository A, B, C and D.....

We can publish a different URL to the users for SSO login

https://server/laserfiche/browse.aspx?repo=A

https://server/laserfiche/browse.aspx?repo=B

https://server/laserfiche/browse.aspx?repo=C etc.

As far as the RelateState for our SSO provider, we can still use the default value as follows?

https://server/laserfiche/

0 0

replied on April 30, 2019

I have addressed this second question under your follow-up post: https://answers.laserfiche.com/questions/158351/Configure-SAML-Default-Landing-Page#158573

0 0

Question

Question

Replies

Sign in to reply to this post.