Document Vault Authentication
The Authentication tab of the Document Vault Properties dialog contains settings related to vault user synchronization and authentication with Microsoft Entra ID. The tab is available in the Document Vault Properties dialog of existing vaults. When you create a vault, you cannot see this tab.
User synchronization
For information about user synchronization, see Users in Synchronized Active Directory Groups.
User authentication
Refer to the specified instructions in this table to set up user authentication in your environment:
Deployment | Instructions |
---|---|
M-Files Cloud and Microsoft Entra ID | Setting up federated authentication in M-Files Manage User Guide For vaults created in M-Files Manage, Entra ID authentication is automatically configured. |
On-premises server and Microsoft Entra ID | Configuring Vault Authentication with Microsoft Entra ID in On-Premises Environments |
Any environment and any OAuth 2.0 or OpenID Connect compliant identity provider | Configuring OpenID Connect and OAuth 2.0 for M-Files Authentication |
Additional information:
- In M-Files Cloud, refer to Configuring Vault Authentication with M-Files Login Service to
manually set up authentication through M-Files
Login Service.
- In M-Files Cloud, Entra ID is automatically configured for vaults created in M-Files Cloud. For more information, refer to Setting up federated authentication in M-Files Manage User Guide.
- If the vault has been migrated from on-premises, see M-Files Cloud Requirements.
- If you use M-Files Web or the add-ins based on M-Files Web, also refer to Setting Up OAuth 2.0 for the New M-Files Web and Web-Based Add-Ins.
- In on-premises environments, refer to these articles for more information: Azure AD authentication with OAuth - which documents to follow and when and Configuring OpenID Connect and OAuth 2.0 for M-Files Authentication.
Anonymous authentication
On the Authentication tab of the Document Vault Properties dialog, you can also find the Use anonymous authentication setting. It lets you set the new M-Files Web and M-Files Mobile users to have read-only access to this vault without username and password.
When the feature is enabled, M-Files adds an anonymous user to the vault. The user has no login account on the server, but you can use it to set permissions, and add it to user groups. The anonymous user is created as an external user. However, you can change it to an internal user.
Prerequisites to set up the feature:
- You must have External Connector license.
- You must be a system administrator or have full control of the vault.
- In on-premises and self-managed cloud environments, you must set up mappings between incoming connections and your vaults.
Remarks:
- M-Files Desktop and the classic M-Files Web do not use this setting. To set up anonymous authentication for the classic M-Files Web, see Optional: Changing Publication Settings.
- The anonymous user does not decrease the number of your read-only licenses.