Secure Print Direct Settings
User Authentication Providers
Secure Print Direct supports OpenID Connect, Internal and Active Directory authentication for Windows and macOS. The Direct > Settings tab is where you configure the authentication provider settings.
Note: Chrome Direct Print does not support Internal Authentication or Active Directory Auth.
Internal
The Internal authentication option uses a familiar email-based account verification workflow. With Internal authentication, users register with Secure Print Direct by providing an email address. Secure Print Direct then sends an email containing a unique link and verification code to the email address provided, allowing the user to validate ownership of the email account and complete their registration.
Active Directory
This authentication option is suitable for organizations that use Windows Active Directory (AD) for managing users. With this option, users authenticate at secure printers using their network credentials.
OpenID Connect
Before you Begin
Refer to the following documents to set up OpenID Connect as an authentication provider for Secure Print:
Configuring OpenID Connect
To configure an OpenID Connect authentication provider, follow these steps:
- Navigate to the Secure > Settings tab.
- In the User Authentication Providers section, select OpenID Connect.
- Enter the following details of the Secure Print application as provided by the OpenID authentication provider:
- Well-Known Endpoint
- Client ID
- Client Secret
- Save the changes.
SAML
The SAML option uses the SAML protocol to authenticate the identity of print users. It is ideal for organizations that already have a SAML configuration in place.
For information on how to configure SAML as an authentication provider, refer to the User Authentication Providers documentation.
User Registration
Import users and their associated user groups
Administrators can assign a direct printer to one or more groups. When a direct printer has been assigned to a group, it is only available to the users in the assigned group, meaning only users in the group can search for and add the direct printer. If there are no group assignments, all direct printers are available to all users by default.
To import user groups for use with Secure Print Direct), you’ll need to import a comma-separated values (CSV file) containing users email addresses and user groups into Secure Print. The email addresses in the CSV file must match the email addresses associated with the user accounts in the OpenID authentication provider.
Each line in the CSV file includes the following comma-separated fields: EmailAddress, CardID, FirstName, LastName, UseGroups, and DataPrivacyRegion as shown in the example below. For user group import, Email and UserGroups or Email and DataPrivacyRegion are required fields.
How to import users and their associated information
- Prepare a CSV file. A sample CSV file is available for download.
- Navigate to the Direct > Settings screen and then go to User Registration section.
- Click the Import button and then select the CSV file to import.
- Map data by dragging CSV column headers to the appropriate data column. The mapping view shows the CSV fields in the left column, called CSV columns. The fields in Secure Print appear in the right column, called Data Columns.
5. Click the Preview tab to see up to the first 50 rows of CSV data and verify that the mappings are correct.
6. Click OK. A window displays the results of the import, the number of rows processed, and any errors during the import process.
Note: The User Registration section is available if you have Direct Print only license.
Delivery
Enable Cloud-based delivery
To enable Off-network Direct IP printing through the cloud, toggle the option Enable Cloud-based delivery setting in the Delivery section of the Direct > Settings tab. When Cloud-based delivery is enabled, print jobs will be routed through the cloud if there is no direct connection to the target printer and will be immediately sent to the designated printer.
Secure Print Direct Settings Page Lock
Administrators can lock the Direct > Settings page to maintain stricter control over configuration changes and prevent accidental or unauthorized modifications.
When enabled, only System Administrators can edit the Settings page, all other users have read-only access.
Note: Unlocking or locking the page requires a Site Encryption Key.
How to lock the Settings tab:
-
Navigate to the Direct > Settings tab of the web console. If the page is unlocked, you'll see "This page is unlocked. Click here to lock it."
-
Clicking this link opens a dialog box prompting you to enter the Site Encryption Key. Once the correct key is entered, select Lock. The settings will be locked and become read-only. A lock icon will appear indicating the settings are now locked.
Related Topics