Authentication and identification

The Canon Unified client supports the Canon MFP configured to include the unlocked device or to require authentication system locking down access to the MFP. However, the Canon Unified client does not support a device configured for application level authentication. This means that either the device is totally unlocked or the device is fully locked down and you must authenticate to use it. This level of authentication is different to the AutoStore authentication setup (named identification here). While you are not authenticating to use the device, you are identifying to use the Unified Client application. If you use a third party authentication system (CAC for example), the Unified Client will support single sign-on (SSO). This means that the user that logs into the MFP will also identify AutoStore.

The following scenarios are available:

  1. Device has the third party authentication and AutoStore has no authentication configured: User data could be shared from the third party to AutoStore server.
  2. Device has the third party authentication and AutoStore has authentication enabled: When the user logs in to the device, they will be identified against AutoStore. In case the identification process fails, the user will be prompted for additional identification data when they try to use the Unified Client.
  3. Device has no authentication and AutoStore has no authentication: The user can start the Unified Client without entering in any identifying data. They should ensure they leave any workflow before they walk away from the MFP device. In this case, logout (either on the device or in the application) is not required.
  4. Device has no authentication and AutoStore has authentication; The user will be prompted for identification when they start the Unified Client application. This user data is not shared with the device. Once the user is finished using the Unified Client, they should use the Unified Client logout option to end their session and take them back to the Unified Client identification screen. Note: In this case, there is no connection between application logout and the device logout. For more information on setting up identification on AutoStore, see Configuring authentication.

    If you have identification enabled in AutoStore without third party authentication system configured, a user will see the following screen when they start the Kofax application.



    The user will enter their credentials to login to the AutoStore server in order to see the scan workflows they have access to. Pressing the Cancel button will clear the prompts and if the user exits back to the main menu, the next user to start the Kofax client will see cleared prompts.

    The user can use the Menu button top right to bring up an About screen. Pressing the Login button will trigger the system to attempt to identify against the AutoStore server. The exact prompts shown will depend on what type of AutoStore authentication was setup.