Configure Authentication Priority

Create a list of priority orders for authentication profiles that appear on the device. A user performs authentication on a device, starting with the authentication profile with the highest order of priority. Once you save these settings, you can apply them within an Embedded Setting Profile.

  1. Click [Configuration] → [Streamline NX Embedded Settings] → [Authentication Priority List].

  2. Click [Add].

  3. Enter the Priority List Name and its description.

  4. Click the [Authentication Order] tab.

  5. Click (Add) to select an authentication profile, and then click [OK].

  6. Click (Up) or (Down) to change the priority of the authentication profile.

  7. Click (Save) when the settings are complete.

OpenID Connect authentication profiles cannot be specified in the [Authentication Priority List], because the users can select it when OpenID Connect login is performed at the device or RICOH Streamline NX PC Client.

Users with the same username and password

When users who have the same user name and password exist in more than one domain, the user to be authenticated is selected in the following order:

  1. The user who is identifiable by the specified domain *

  2. Local user

  3. The user who is included in the authentication priority list and registered in the Management Console

  4. The user who is included in the authentication priority list but not registered in the Management Console

* Add the domain name to the user name in the format of "@domain" to specify the domain for the user (example: user1@domain1). This format is valid only when the authentication profile that has the specified domain included in the authentication priority list.

For example, if the users who have the same user name and password exist in domain 1, domain 2, and domain 3, and the authentication priority is specified in the order of the user in domain 1, and user in domain 2, and the user in domain 3 is not registered in the authentication priority list, authentication is processed as described below.

  • When any of those users are not registered in the Management Console, authentication is performed according to the authentication priority list, and the user in domain 1 is preferentially authenticated.
  • When both users in domain 1 and domain 2 are registered in the Management Console, authentication is performed according to the authentication priority list, and the user in domain 1 is preferentially authenticated.
  • When only the user in domain 2 is registered in the Management Console, the user in domain 2 is preferentially authenticated because the users registered in the Management Console have priority over the users in the authentication priority list.
  • When the user in domain 1 and local user are registered in the Management Console, the local user is preferentially authenticated.
  • The user in domain 3 who is not registered in the authentication priority list causes a login error even if the user is registered in the Management Console.