General Overview for Administrators
Administrators must ensure appropriate authentication methods are configured before end users attempt to sign-in through your organization's sign-in page. You may configure any of these options below:
- SAML Authentication: Authenticate through your organization's SAML provider. This option requires configuration of a SAML identity provider.
- Optional: Configure the STS site for your SAML identity provider
Note: SAML Authentication is only supported when using the Directory Server SSO.
- Windows Authentication: Current windows session is passed through to the application when users choose the Windows Authentication button.
- Laserfiche User Authentication: Authentication for users created and managed in Directory Server. If Laserfiche Users have MFA configured, they must authenticate using the Directory Server SSO page.
Note: If Windows Authentication is not available, users will authenticate by typing in their windows credentials into the User name and password fields.
Installation of Web Tools Agent
This is required for the SSO experience, so that end-users do not have to repeatedly authenticate.
Web Tools agent must be installed on the user's machine. This is always included in the installer for all Laserfiche desktop applications, with no additional configuration needed after installation.
Overriding the LFDS URL
By default, the Laserfiche Directory Server URL is automatically populated in all applications. To override this value, navigate to: HKCU\Software\Laserfiche\Client8\Profile\reponameSettings\LFDSSTSUrl.