ControlSuite ClientsUnified Clients OverviewKofax Unified Client for HPUsing the Unified Client for HPTypical user workflowsLog in to the Unified Client for HPAzure AD authentication with card registration

Azure AD authentication with card registration

When Azure AD is enabled with ControlSuite and is selected as an authentication method with card registration for the Unified Client for HP, users can log in by authenticating against Azure AD.

Depending on the login configuration, a user can select between more than one authentication method.

  • If Azure AD is the only configured method for unknown card registration, when the user swipes their card for the first time, the device screen displays a QR code and an alphanumeric code. The user scans the QR code to open the Microsoft login site, or enters the URL in a browser not on the device, enters the code, and selects their account. When returning to the device, the card is registered to the user.
  • If Azure AD is used with another form of authentication, such as PIN or username/password, after swiping their card, the user is prompted to choose their authentication method and can then select Azure AD as the Authentication Method. When the user clicks Login, the QR code and alphanumeric code appears.
    If you do not complete the authentication within 5 minutes, the Equitrac server or Output Manager server closes the user session and ends the card registration. A new alphanumeric code is issued during the next attempt at registration.
  • If you are using the Unified Client for HP with AutoStore only and no authentication, then you can integrate with another identity provider to identify users when logging in. Access control groups are validated with Azure AD.
  • Azure AD can only be used for card registration. Users cannot log on directly using Azure AD.