Configure a Entra ID (Azure AD) directory

Azure section

The information entered is used to establish communication between Watchdoc and the directory:

  • Tenant-Id: specify your Microsoft Azure Directory ID (Tenant - Locataire).

  • Service account Application: Specify authentication informations generated by the Microsoft Azure application dedicated to Watchdoc servers.

    • Client-Id: enter the Microsoft Azure Application (client) ID.

    • Client-Secret: enter the Microsoft Azure Client secret associated with the application. Specify the secret value and not the secret ID.

 

  • Authentificate users Application (Print Client): Specify authentication informations generated by the Microsoft Azure application dedicated to Watchdoc Print Client for Windows.

    • Label: enter the application name displayed to users in Watchdoc Print Client.

    • Client-Id: enter the Microsoft Azure Application (client) ID.

 

  • Authenticate users Application (Browser): : Specify authentication informations generated by the Microsoft Azure application dedicated to Watchdoc web interface.

    • Label: enter the application name displayed to users in Watchdoc interface.

    • Client-Id: enter Microsoft Azure Application (client) identifier.

    • Client-Secret: enter the Microsoft Azure Client secret associated with the application. Sepcify the secret value and not the secret identifier.

PUK code section

Users registered in a Microsoft Entra ID directory can authenticate themselves in Watchdoc using a PUKClosed (Print User Key). In Watchdoc, this is a code (associated with a user account but used alone) sufficient to allow the user to authenticate in a WES. The PUK code is generated thanks to an algorithm. The user can consult it in the "My account" page of Watchdoc. For security reasons, we advise against using the PUK code and recommend using a login (user account)/PIN code. code*. This code can be:

  • either present in an attribute of the Microsoft Entra ID directory. In this case:

    1. tick the box The PUK code is in an Entra ID attribute,

    2. complete the Attribute field by entering the name of the Entra ID directory attribute in which the PUK code is stored (for example, enter ‘employeeId’ if the Entra ID directory attribute used is Employee ID);

  • either stored in a PUK Code Database (SQL) type directory. In this case, you must first configure this database (see Configuring a PUK Code Database (SQL)), then configure the directory as follows:

    1. in the list of databases, select the PUK Code database associated with the Entra ID directory (Azure AD);

    2. tick the Use the master to create/get users PUK code if you want PUK code management to be centralised by the Master server. This option, available since v6.0.0.4777, prevents duplicates in the case of PUK codes generated from a slave server when the Master server is unavailable.

* For security reasons, we advise against authentication by PUK code and recommend using the user account (login)/PIN code.