Setup for Totalview Authentication

To enable Totalview Authentication for Totalview HR you need to have a valid installation of Totalview Suite 2021 or newer running with Totalview Authentication.

Setup server

Find Totalview HR server folder and open the config file called “HRServer.exe.config” and set these fields.

Set OAuthEnabled to true

Set Authority to the url of your Totalview Authentication server

Optionally set DefaultWinLoginDomain to the windows domain used for the corporation (e.g. frymil)

Set ApiSecret to secret – or the value store in the Totalview Database registered by Totalview Authentication. It is recommended to generate a new Secret and add it to the TotalviewDB ApiResourceSecrets table (SHA256 encoded)

Finally restart the server.

Setup Client

Find Totalview HR client folder and open the config file called “HR.exe.config” and set these fields.

Set OAuthEnabled to true

Set Authority to the url of your Totalview Authentication server

Set ClientSecret to secret – or the value store in the Totalview Database registered by Totalview Authentication. It is recommended to generate a new Secret and add it to the TotalviewDB ClientSecrets table (See below how to generate one)

Finally increment the tv_version in the .config file at line 2. If this doesn’t exist then add it like this

<?xml version="1.0"?>
<!-- tv_version=0.0.0.1 -->

Setup HR Web Portal

ind Totalview HR Web portal folder and open the config file called “Web.config” and set these fields.

Set UseTotalviewAuthentication to true

Set Authority to the url of your Totalview Authentication server

Set ClientSecret to secret – or the value store in the Totalview Database registered by Totalview Authentication. It is recommended to generate a new Secret and add it to the TotalviewDB ClientSecrets table (See below how to generate one)

Set RedirectUri to http(s)://[PUBLIC URL OF WEB PORTAL]/authorization-code/callback

Set PostLogoutRedirectUri to http(s)://[PUBLIC URL OF WEB PORTAL]

In the Web.config file Change the Authentication Mode to None

<system.web>
    ...
    <authentication mode="None" />
</system.web>

In the IIS, find the HR Web Portal Site. Click Authentication and make sure that only “Anonymous Authentication” is Enabled and that everything else is Disabled.

Go to the Totalview Database and in the “ClientRedirectUris” and “ClientPostLogoutRedirectUris” tables update the registered urls for the Totalview HR web portal client. They should be the same as registered in the Web.Config

Generate client secret

This will generate the value for a client secrete ‘secret’, and can be inserted into the ClientSecrets table.’

DECLARE @HASHBYTES VARBINARY(128) = hashbytes('sha2_256', 'secret')
SELECT cast(N'' as xml).value('xs:base64Binary(sql:variable("@HASHBYTES"))', 'varchar(128)');