DocuWare is simply secure: With the help of single sign-on, it‘s easy for your employees to log in - while ensuring optimal protection for all your documents.
With Single Sign-On, users log onto their workstations once and can then access all the services and applications they need with just this single authentication. This eliminates the need to enter passwords multiple times as well as the temptation to write them down. And this in turn protects documents archived in DocuWare from unauthorized access.
By using the "Enforce Single Sign-on" option that‘s new in version 7.4, you can help your company further minimize security risks from password theft. Manual login using DocuWare credentials is now only possible for specially defined users or roles - for example, if local applications need to access the DocuWare programming interface directly.
If "Enforce SSO" is enabled in the DocuWare configuration, users will see "Continue with Microsoft" as the first button for logging in. The link to DocuWare login credentials can only be used by users who are specifically exempt from forced single sign-on.
Two-step authentication thanks to DocuWare Identity Service
All other employees always log onto DocuWare via Single Sign-on - preferably in combination with multi-factor authentication. In this case, users are verified twice, namely by the password and, for example, by entering a code that they received via SMS.
The secure login procedure with forced single sign-on and multi-factor authentication is made possible with the new DocuWare Identity Service, which is available not only for DocuWare Cloud version 7.4 and higher, but also for locally installed DocuWare installations (where it replaces the previous authentication procedure). Single sign-on is also now available for the mobile app and integration links.
Integration of identity service providers (identity provider)
An identity service is automatically set up as a web service during server setup and can be used without an additional license. Single sign-on is supported as before with Windows NTLM and, in addition, via identity service providers Microsoft AAD (Azure Active Directory) and Microsoft ADFS (Azure Directory Federation Services). Multi-factor authentication is only possible with AAD and ADFS.
Single sign-on user authentication options are located in DocuWare Configuration > Organization Settings found on the Security tab.
Tip: It’s a good idea to specifically test the forced single sign-on before enabling it. Be sure to exclude organization administrators from forced single sign-on to prevent all employees from being locked out, just in case.