Login to Print&Scan with OIDC

  1. In the CloudStream DM login page, click [Login with OIDC].

  2. Select the OIDC profile you would like to be authenticated with.

  3. Click the [Login with OIDC] button.

  4. Proceed to login with the selected authentication provider.

    Successful authentication will log you in to the CloudStream DM portal.

    If you encounter problem logging in, please see Troubleshooting login with OIDC.

  5. Go to System node.

  6. Click 'Sign in to CloudStream Print & Scan'.

    By clicking the link, you will be redirected to the RICOH CloudStream Print&Scan portal. Since you login as an OIDC external administrator, the system detects your sign-in and automatically logs you in to the portal, so you do not need to provide your credentials.

    It is recommended that you use your OIDC admin account to access the Print&Scan portal.

  7. If you are an administrator and have very limited options in your profile, for example, you only see My profile and My documents, follow Assign Print&Scan Administrator to assign access to your OIDC user account.

    The steps found in Assign Print&Scan Administrator requires a Print&Scan local user account. The local user credential is given by the Ricoh OpCo. Initially, you are expected to login using a local user with administrator role and provide admin access to the OIDC account you used to log in step 7. After that, you can continue to use your OIDC account with admin privilege to provide other administrators with admin access.

    If the other admin is already an administrator, please contact the other admin and request for admin access. You must login via step 7 first before you request for admin access.

For LDAP and local admin account

The CloudStream DM local admin account and LDAP account cannot login to the Print&Scan portal. When LDAP or local admin users click the link, they will see the login screen of the Print&Scan portal. From that screen, they can login using their Print&Scan local user account, which is an account separate from the CloudStream DM portal.

 

Troubleshooting login with OIDC

  • Ensure the admin user's group is added to a role in the system. To know more about roles, go to Administrator Roles.

  • The authentication provider's redirect URI must be correct. For the required configurations, see the precondition in OpenID Connect Authentication Profile.

  • Ensure the OIDC authentication profile is correctly configured. Refer to OpenID Connect Authentication Profile. If you receive an error message indicating "Please contact your Administrator. The authentication profile may be configured incorrectly", you must contact your Administrator for a resolution before you can login successfully.

  • All required permission should be checked before submitting the consent.

  • For Entra ID, the client certificate is valid for a 6 month period by default. If the certificate exceeds the period, the user will see the error message indicating "Error: Please check Authentication Profile, you may have set the values incorrectly". To resolve this error, ensure you adjust the Client secret expiry in Entra ID to a longer period of time.