Authenticating ABBYY FlexiCapture applications
All components and users of ABBYY FlexiCapture 12 Distributed interact with the Application Server and must be authenticated on the computer where it is installed. ABBYY FlexiCapture supports several types of user authentication:
- Windows or Basic authentication in IIS. Users are identified in ABBYY FlexiCapture based on their Active Directory logins. This method requires minimal configuration and is suitable for scenarios where all ABBYY FlexiCapture components and users are in the same domain.
- ABBYY FlexiCapture authentication. This method is recommended when users cannot be identified based on their Active Directory logins.
- Authentication using Single Sign-On technology (SSO). This method allows using a single set of credentials to access all required resources. This means that users will only have to authenticate once when working with multiple corporate systems.
Important! If a user attempts to authenticate with invalid credentials more than 3 consecutive times, the user's account will be locked out for 30 minutes. Neither the user nor an administrator will be able to unlock the locked-out account during this time.
Authentication in ABBYY FlexiCapture client applications that represent Windows applications is performed with one of the two methods:
- When launched, an app uses Windows authentication, which means that a user is identified on a server by means of a Windows account that launches the app.
- An app suggests that a user enters a login and password, which means he/she is identified on a server by means of either Basic authentication or ABBYY FlexiCapture authentication (a type of authentication is selected automatically).
Authentication of ABBYY FlexiCapture client applications that represent web applications always requires users to explicitly enter a login and password. This means that a user is identified on a server by means of either Basic authentication or ABBYY FlexiCapture authentication (a type of authentication is selected automatically). To use Windows authentication in web applications, i.e. enter ABBYY FlexiCapture with a user account that launched a browser, it is necessary to add /winauth to the web station's address in the following format: https://<ApplicationServer>/FlexiCapture12/<StationName>/winauth where <ApplicationServer> is the name of a computer where the Application Server is installed and <StationName> is the name of a web station that is being entered.
Important! To ensure security of your account, use the secure connection (HTTPS) when explicitly entering your login and password to authenticate.
The SAML2.0 protocol is supported to integrate ABBYY FlexiCapture client applications with third-party systems.