Workflow Authentication Methods

Laserfiche Directory Server trustee directory has two authentication methods: Windows Authentication and Laserfiche Authentication. Windows Authentication is selected by default.

Laserfiche Authentication

The login user configured for Laserfiche Directory Server trustee directory profiles should have following rights. For more information, see Controlling Access to a Licensing Site.

  • View in the specified organizations that Workflow needs when the Laserfiche Directory Server trustee directory is used in the activity
  • View Site that Workflow needs to view information, e.g. license and MFA status
  • Set Claims and Attributes in the specified organizations that Workflow needs to set working folders for users or groups
  • View in the specified identity providers that Workflow needs to retrieve an identity provider name for SAML users.
  • Add objects in organizations that Workflow needs to create a user or group
    • To create a user with additional properties (e.g. Email), you will need Modify, Set Claims and Attributes in an organization, and View Site in settings.
  • Remove objects in all organizations that Workflow needs to delete a user or group
  • Modify in the specified organizations that Workflow needs to assign trustees to groups
  • Assign licenses in all organizations that Workflow needs to assign license to directory user

Windows Authentication

The service account that Workflow Server runs on will be used to connect in a Laserfiche Directory Trustee directory. The service account requires local administrator privileges on the machine of the Laserfiche Directory Server.

Administrators can set rights for different users or groups to view, modify, make use of, and delete a trustee directory by following the instructions in External Object Rights section of Permissions and Rights Node.