You are viewing limited content. For full access, please sign in.

Question

Question

Admin Console using Okta

Administration Laserfiche
Updated May 2, 2022
asked on April 12, 2022

Hi All,

We recently configure SAML with Okta to provide a second layer of authentication for the users trying to connect to the repository (using the Windows Client or WebAccess).

Is there a way to configure Okta to authenticate trying to access the Admin Console? I check the documentation but it doesn't mention the Admin Console configuration. At the moment the only users that can connect to the Admin Console are Laserfiche Account and not SAML account using Okta.

 

 

0 0

Answer

SELECTED ANSWER
replied on April 12, 2022 Show version history

Yeah, you can integrate Okta with LFDS as a generic SAML identity provider. Okta is one of the SAML providers we explicitly test LFDS against and have specific config instructions for. See:

https://doc.laserfiche.com/laserfiche.documentation/11/administration/en-us/Default.htm#../Subsystems/LFDS/Content/ConfiguringSAMLProviders.htm

This lets SAML users access interfaces that use LFDS auth, including the repo management page of Web Client, which has many of the most commonly used Admin Console functions. The desktop Laserfiche Admin Console itself is a Windows MMC app and does not support LFDS (and therefore SAML) auth.

0 0

Replies

replied on April 12, 2022

The admin console does not integrate with SAML. Much of the day-to-day functionality of the admin console is available in the Management page of the web client, which does integrate with LFDS.

1 0
replied on April 12, 2022

We have an Okta connected enviornment and it seems we still have the option to give these accounts allowed access to Account Administration

 

0 0
replied on April 12, 2022 Show version history

This is true for Cloud, as you show. As Brian noted, it isn't for a self-hosted LFS instance/repo with the desktop Admin Console.

0 0
replied on April 12, 2022

Oh I thought Okta was only for Cloud, didn't realise it was an on-prem option

0 0
SELECTED ANSWER
replied on April 12, 2022 Show version history

Yeah, you can integrate Okta with LFDS as a generic SAML identity provider. Okta is one of the SAML providers we explicitly test LFDS against and have specific config instructions for. See:

https://doc.laserfiche.com/laserfiche.documentation/11/administration/en-us/Default.htm#../Subsystems/LFDS/Content/ConfiguringSAMLProviders.htm

This lets SAML users access interfaces that use LFDS auth, including the repo management page of Web Client, which has many of the most commonly used Admin Console functions. The desktop Laserfiche Admin Console itself is a Windows MMC app and does not support LFDS (and therefore SAML) auth.

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...