Document Dynamics

The Equisys blog

Simpler Office 365 identity with Zetadocs for NAV version 10

Streamlined access for SharePoint Online customers with fewer password prompts and support for multi-factor authentication.

Greg Cole

Following on from the identity enhancements to Zetadocs Approvals with same sign-on using Microsoft Work accounts, Version 10 of Zetadocs for NAV will support single sign-on for SharePoint Online customers on NAV2016 and later using Zetadocs Capture and Zetadocs Delivery.

Each Microsoft Azure Active Directory (Azure AD) user will complete a one-time Zetadocs Authorization Service app registration to enable this feature. Once enabled, Zetadocs will store an Azure AD token for each Office 365 user and will no longer make independent credential requests when users' passwords change.

App authorization will also enable Office 365/Azure AD users that have multi-factor authentication (MFA) enabled to use the Zetadocs FactBox without being prompted for a code each time.

Security first

Microsoft Azure AD uses OAuth (Open Authorization), an open standard for token-based authentication and authorization on the Internet. OAuth allows an Office 365 user's account information to be used by third-party services, such as Zetadocs, without exposing the user's password to the service.

As Zetadocs stores Azure AD tokens in NAV tables, we require this data to be encrypted. NAV encryption is only available on NAV 2016 and later versions, so this simplified identity mechanism is only available to Office 365 customers on those versions of NAV.

App authorization

We’ve made the authorization as simple as possible and minimised the SharePoint Online permissions we need to store and retrieve documents as each authorised Office 365 user. This ensures that documents retrieved in the Zetadocs Documents FactBox are security trimmed to only those that user has access to view.

The Zetadocs administrator simply follows the on-screen prompts to authorise the Zetadocs Authorization Service app for their Azure AD organisation when SharePoint Online is selected as the electronic archive for use with Zetadocs.

Zetadocs Authorization

Single sign-on

Once Zetadocs has been authorised, an authentication token is stored on the NAV server. The Office 365 user will no longer be prompted for their password when interacting with the Zetadocs Documents FactBox or when sending a NAV report with Zetadocs NAV Server Delivery.

When their Azure AD or Office 365 password expires, they will change that in the Office 365 app of their choice. This password change does not impact Zetadocs as the Azure AD token is still valid for the user.

Multi-factor authentication

If the user has been enabled in Azure AD for additional security verification, they will receive an additional security prompt whilst authorizing Zetadocs. Once done, they will not be prompted again for a password or the additional PIN whilst their Azure AD token is still valid.

The user will only be prompted to re-enter their password when the token Zetadocs has stored has expired. Expiry happens when the user has been inactive for longer than the validity period set for the Azure AD refresh token. The default Azure AD validity is 14 days.

Simplified authentication and more

As you can see, version 10 will make it a breeze for Office 365 customers to identify themselves. Version 10 also brings a number of other enhancements, including support for Dynamics NAV 2018, which was only recently released.

Sign up for our sales and technical webinars to learn more about these Zetadocs for NAV version 10 enhancements and how to download the software.
