Unit4 Identity Services setup on Unit4 ERP to use Ava

Overview

About this topic

This topic provides a summary of the required setup of Unit4 Identity Services (U4IDS) on Unit4 ERP using Unit4 ERP management Console and is aimed at:

This topic does not describe U4IDS or Unit4 ERP authentication. For more details on these, refer to the U4IDS general documentation and the Authenticator setup reference manual (access to Unit4 ERP Product Documentation required).

Registration with Unit4 Identity Services and Discovery Service

The Unit4 Identity Services (U4IDS) is an external cloud service used to provide authentication for the Unit4 Advanced Virtual Assistant (Ava) ecosystem. Configuring Unit4 ERP to use U4IDS authentication involves registration of the Unit4 ERP application with U4IDS and configuration of Unit4 ERP authentication.

To use Ava the customer Unit4 ERP installation must be assigned an IDS authority an IDS tenant ID and an IDS Scope, and registered with the Unit4 Identity Services and Unit4 Discovery Service. This is done by Unit cloud ops.

Configuration parts

Once the Unit4 ERP installation is registered to use U4IDS, the following U4IDS configuration is required for Ava to use the relevant Unit4 ERP functionality:

Setting IDS authentication as the accepted authenticator

IDS authentication must be set up as the accepted authenticator for each platform used by Ava (in this case Web services) in the Authentication Setup node as shown below.

Mapping Unit4 ERP users to Unit4 IDs

Each user who will use Ava must have his or her Unit4 ERP user mapped to a Unit4 ID, as the Unit4 ID is used by U4IDS to provide authentication for Ava. This is done in the User Master File node on the Security tab, by defining the Unit4 ID and the Logon company.

This then allows the user's organization account to communicate via Ava with the defined default sign on company as the selected Unit4 ERP user.

Configuring IDS for web applications

IDS must be configured for each web application (in this case, Unit4 ERP web API). This is done in the Authentication node for each web application.

In each case the Base URL is the IDS authority and the Tenant Id is the IDS tenant ID. These, along with the Scope Name (normally u4bw) and the Scope Secret are provided when the Unit4 ERP application is registered with U4IDS.

Unit4 ERP web API

In the example below, the authentication type is set to Identity Services Authentication. However, this can be set to All Authentications if basic authentication is also needed.

Note that this is a setting stored in the global web.config so it will apply to all web apps/tenants running on the server and will force a restart of any running web API apps. Therefore, this can be disabled in the global web.config if U4IDS isn't required globally.