Configure OpenId Connect

A standalone tool is installed with Meridian Enterprise to configure these Meridian clients to work with any OpenId compatible identity provider:

  • PowerWeb

  • Meridian Explorer

  • Application Integration (site cache web server and site cache client)

  • Remote CAD links

The tool allows you to enter and test authentication details in a simple graphical user interface and to enable or disable authentication for specific clients. You should understand how to also configure an on-premises firewall to allow inbound connections if required.

Note:
  • To request the client secret and client ID that will be generated by the Meridian CloudOps Team, open a support case with the information below:

    • IssuerUri – https://auth-prd.meridiancloud.net/auth (change it to .eu if you have a tenant in Europe).

    • M360Tenant – your Meridian Tenant unique name

    • M360Domain – meridian360.com (change it to .eu if you have a tenant in Europe).

    • PowerWebAppUrl – http://localhost/meridian

      This PowerWeb URL must be accessible externally from outside your network.

    • ExplorerWebAppUr – http://localhost/BCEnterprise

      This Explorer URL must be accessible from outside your network.

  • To use OpenId Connect, you don't need to have the Meridian clients (PowerWeb, Explorer and Enterprise Server) accessible from outside your corporate network.

To configure authentication:

  1. On the Meridian Enterprise server, run C:\Program Files\BC-Meridian\Program\SAMLConfigurator\SAMLConfigurator.exe.

    The tool window opens.

  2. Click options or type values using the descriptions in the following table.

  3. Click Apply and Continue.

    The Meridian Cloud logon page opens in a browser window.

  4. Select an authentication provider and enter valid credentials.

  5. When you have successfully configured and tested authentication, click the Enable button for each client for which you want to enable OpenId authentication. See the example below:

    OpenId Connect Configuration window, with the PowerWeb dialog open showing the following fields: PowerWeb App Url, Client Id, Client secret, E-signature client Id.

  6. Enter the client secret and client id provided by Support.

  7. Enter the other appropriate information.

  8. Click OK.

  9. Repeat these steps until the process is complete.

    The authentication options are saved for the corresponding clients.

  10. Select the Meridian groups option as described in Configure the EDM Server Service.

  11. For more information or to manually configure authentication, click the corresponding help button (?) in the tool.

    Instructions will open in a new window.

OpenId configuration options
Option Description

IssuerUri

https://auth-ci2.meridiancloud.io/auth

M360Tenant

Your Meridian Cloud account name

M360Domain

meridian360.io

2023