6.9 Advanced Authentication

OES iPrint Advanced supports Advanced Authentication for the users releasing the WalkUp jobs. Only Card or combination of a Card and a Smartphone is used for multi-factor authentication. The Smartphone method is used for authentication through your Smartphone that uses an app to perform the out-of-band authentication. The authentication method must be in order of Card and Smartphone. We do not support only Smartphone or changing the order to Smarphone and Card.

For more information about using the Advanced Authentication Framework, see the Advanced Authentication - Administration documentation website.

The following steps describe the authentication flow for Card and a Smartphone authentication:

  1. To release a print job, when a user swipes the identity card, the authentication request is initiated and OES iPrint Advanced contacts the Advanced Authentication server.

  2. The Advanced Authentication server validates the user’s card data.

  3. After validating the data, the Advanced Authentication server sends a push message to the user’s Smartphone to inform that an authentication request has been initiated.

  4. When the user opens the Smartphone app, the app reaches the Advanced Authentication server to validate if there is an authentication needed. The authentication is indicated by the Accept and Reject options. The user’s selection is then sent to the server.

  5. The server validates the authentication and OES iPrint Advanced releases all the print jobs of the user for that printer.

6.9.1 Prerequisites

  • Ensure that the OES iPrint Advanced users are available in the Advanced Authentication server. If the users are not available on both the servers, authentication will fail.

  • Configure the Advanced Authentication server with the following:

    • Authentication Chain with the authentication method as Card and Smartphone or only Card

    • Authentication Event with the event type as Generic

    • Endpoint with type as Other

      NOTE:Ensure that a Owner is not set for the Endpoint that is configured for the OES iPrint Advanced.

  • Endpoint ID and Endpoint Secret should be available before configuring Advanced Authentication in the iPrint Console.

6.9.2 Configuring Advanced Authentication

Ensure all the prerequisites are met before configuring Advanced Authentication in the iPrint Console.

Enable Advanced Authentication: Select this to enable advanced authentication for iPrint users when releasing the WalkUp jobs by using their identity cards.

Option, Field, or Button

Information and/or Action

Advanced Authentication Server Address

The hostname or IP address of the Advanced Authentication server that you want to use for authentication.

Event Name

Specify the name that you created in the Advanced Authentication Administrative Portal. If inaccurate name is provided, the users will be unable to release their WalkUp jobs.

Endpoint Name

Specify the name that you created in the Advanced Authentication Administrative Portal.

Endpoint ID

Specify the value that is automatically generated when you use the Advanced Authentication Administrative Portal to create a Endpoint. You can copy the ID from the portal and paste it here.

Endpoint Secret

Specify the value that is automatically generated when you use the Advanced Authentication Administrative Portal to create a Endpoint. You can copy the secret key from the portal and paste it here.

Save

Click this to save your changes.

Reset

Click this to clear the changes you have made.