How do I configure DocuWare Single Sign-On?
To configure your organization to use Single-Sign On, a Microsoft App Registration will need to be created. If you have not created a Microsoft App Registration, please follow KBA-36306 to do so.
Once completed, you may proceed in configuring Single Sign-On for your DocuWare system.
1. From the DocuWare web client, navigate to the "Configurations" page using the dropdown under your username.
2. Click-on the "Organization Settings" plugin.
3. Click-on the Security tab, enable Single Sign-On using the checkbox, then select "Configure Single-Sign On".
4. Here, you'll now be presented with the configuration page for Single-Sign On.
(Note: Refer to your App Registration for the Issuer URL and the Client ID)
Locating your Issuer URL & Client ID
Identity Provider will always be Microsoft Azure Active Directory as it is the only one DocuWare supports at this time. The Issuer URL can be found in the Endpoints tab of your App Registration (OpenID Connect metadata document)
The Client ID is found in the Overview tab of your App Registration
Utilizing "Automatically link existing users at login" option
If this option is enabled, DocuWare searches for a matching existing DocuWare user with the corresponding username and email address the first time a user logs on with Single Sign-On. The DocuWare username must match the local part (first part to @) and the DocuWare email address must match the complete username in Azure Active Directory.
Only if username AND email address match will the Azure Active Directory user account and the DocuWare user account be connected.
Example: Azure AD username: firstname.lastname@example.org
DocuWare username: peggy.jenkins
DocuWare Email address: email@example.com
5. Once your Single Sign-On configuration is complete, click OK then "Save", and your Organization should now be ready for Single Sign-On login.
KBA applicable for both Cloud and On-premise Organizations.