Configuring authentication
By enabling authentication at this level (by selecting this tab), the user is enabling authentication at a global level. This authentication procedure will be used for all devices. The user does also have the option of enabling authentication at the group level.
These settings do not control authentication to the MFP, they are used for authentication with AutoStore.
- Click the Authentication tab.
-
On the drop down menu for
Authentication Type, select the authentication
method you want to use:
Option Description None Select this option to not have the device prompt for credentials. All users have access to all workflows. Windows Select this option to use Windows authentication. Unless the device is setup for SSO, this will prompt the user for a Windows user name, domain and password. In the Domain box, enter the name of a Windows domain to be used as the default domain for authentication. If attributes other than email address are needed, see LDAP Lookup Settings dialog box on how to setup LDAP. Custom Script The administrator has full control over the prompts that will be presented to the user as well as how the prompts are validated. In the Script File Path box, specify the script to be used for authentication.This option can be used with device SSO. For more details, see Custom Scripting authentication. Microsoft Entra ID Select this option to use Microsoft Entra ID authentication.
Microsoft Entra ID is only possible when Equitrac or Output Manager authentication is available and configured, or the device is configured to provide the user identity to ControlSuite through SSO.
This option uses the pre-configured Microsoft Entra ID configuration set in Control Suite Configuration Assistant for authentication.
At runtime, the Unified Client retrieves user identity from the device and sends it to Auto Store. AutoStore validates it against the pre-configured Microsoft Entra ID domain and user group membership. If the Unified Client cannot retrieve user identity from the device, the identification fails.
The following information applies to all authentication types except Microsoft Entra ID:
-
You can restrict forms and use the same authentical level as the Windows authentication option, but you cannot prompt for credentials.
-
LDAP may be used for authentication of lookup data.
-
If a device is setup with SSO, AutoStore attempts to use that data to authenticate. If it fails, the user needs to fill in additional fields to complete the authentication process.
-