Configuring Modern Authentication / OAuth2

To use Modern Authentication / OAuth2 in your AutoStore components, perform a configuration process that combines tasks in Token Vault, in the AutoStore Process Designer and through the cloud provider. It is a complex process therefore it is advised that you familiarize yourself with the high-level overview as well as individual configuration tasks.

Ensure that Token Vault is installed

Token Vault is not deployed automatically, it must be installed manually.

The Token Vault installer can be found in the Distributables/TokenVault sub-folder of the AutoStore installation folder. Open this folder through the shortcut in Start menu > Kofax > AutoStore Distributables.

Depending on your deployment requirements Token Vault may be installed along with AutoStore on the same computer or can be installed on a different one. If installing Token Vault on a computer without AutoStore, copy the content of the Distributables/TokenVault sub-folder to the other computer.

Follow the Token Vault instructions to carry out its installation. For more details, see the TokenVault Installation Guide on the ControlSuite landing page.

Tasks to complete to use an AutoStore component with Token Vault
  1. Go to the cloud service provider portal and register an application for Token Vault.

    Depending on the workflow you want to set up, you will need to register an application for Token Vault through one of these cloud service providers:

    • the Microsoft Identity Platform (Azure Active Directory) admin center associated with your Microsoft 365 subscription

    • the Box portal

    • the Dropbox portal

    • the WorkSite portal

    • the Google Developer Console

  2. Log in to Token Vault and register a new Authorization Provider.

    In this step Token Vault generates an Authorization Provider ID that you will need to use when configuring your workflow in the AutoStore Process Designer.

  3. Enable and authorize the Authorization Provider.
    In this step you enable the newly created Authorization Provider to accept requests from AutoStore workflows.
  4. Launch the AutoStore Process Designer and set up your workflow.
    In this step you establish the connection between Token Vault and AutoStore by using the Token Vault generated Authorization Provider ID to configure the workflow component.
  5. Invite your end-users to carry out their own authorization step through Token Vault to allow the AutoStore workflow to access their private cloud resources.

    Once this end-user authorization step is complete, the workflow with modern authentication is ready to use.

As the use of Modern Authentication / OAuth2 requires active end-user participation in the authorization step through Token Vault, administrators should clearly communicate this task and set expectations especially if an end-user tries to use components with modern authentication and fails. A best practice is to send emails to users with the Token Vault URL, where the authorization steps should be performed by users, and instructions on the necessary actions.

As tokens may expire during extended idle periods, end-users may need to perform the authorization steps again.