General settings

Under this Token Vault settings group, you can change the Port for HTTP protocol to a valid, available port. The default HTTP port for Token Vault is 8380. If you want to use Token Vault with HTTP protocol the HTTPS certificate thumbprint must be blank under HTTPS settings group.

Kofax highly recommends using HTTPS ptotocol.

Here you can also specify for Token Vault to accept requests only from registered client.

If the Accept requests only from registered clients setting is configured as Yes, Token Vault accepts only requests from those applications which are registered as Token Vault clients on the Token Vault Manage Clients page. Otherwise, Token Vault accepts token or one-time passcode verification requests from any application/computer.

The registration of an application as a Token Vault client is based on the certificate of the computer where the application is running on. This certificate is used by Token Vault to verify that a request is coming from a registered client.

For higher security we recommend that you configure this setting as Yes, and register applications allowed to communicate with Token Vault as Token Vault client.

To register an application as a Token Vault client:

  1. On the computer where the application is running, export the certificate (without the private key) for the application into a file.

  2. Click Manage Clients on the left sidebar of the Token Vault server settings page.

    The Manage Clients page with the list of already registered Token Vault clients is displayed.

  3. Click Register new.

    The Register client page is displayed.

  4. Click Browse and select the file containing the certificate exported in Step 1.

  5. Click Save to import the certificate into Token Vault.

The Manage Clients page with the list containing the registered client with its name and the thumbprint of the imported certificate is displayed. To unregister a client on this page, mark the checkbox of a list item and click Remove.

To register AutoStore as a Token Vault client:

  1. In AutoStore Process Designer, click the Tools menu, then select TokenVault from the dropdown menu.

    The TokenVault Setting dialog box is displayed.

  2. Select the Sign TokenVault request option.

    When selected, all TokenVault requests from any AutoStore component using Token Vault are signed with the ControlSuite AutoStore Service certificate.

  3. Click Export AS Certificate.

    The certificate (without the private key) is exported to a file.

  4. Register the certificate on the Token Vault server using the steps outlined above.

    Registering the certificate enables Token Vault to accept requests from the AutoStore application.