Enhanced Authentication
Last updated
Last updated
Enhanced Authentication enables KONNEKT to use improved OAuth 2.0 authorization.
By enabling this setting:
A new Azure app registration is required
Users need to reauthenticate!
Namespaces are built from default domain (\\onedrive-<DefaultDomainName>\...), no longer from initial domain (\\onedrive-<InitialDomainName>\...).
Possible side effects include:
Pinned KONNEKT folders in Quick Access won't work
KONNEKT UNC paths in Office apps might still refer to previous names
This policy is applicable to KONNEKT version 2.10 and above.
To enable this setting, configure it tenant-wide. Enabling this will prompt Azure to register a new app with fewer permissions.
With more detailed permissions, users have to reauthenticate. Additionally, the UNC path and displayed tenant name will switch to the default tenant name rather than the initial tenant name.
This feature enables the use of conditional access policies with excluded apps in Azure/EntraID.
Policy Name: Enhanced OAuth
Possible values: Can be enabled or disabled.
The default value is disabled.
We recommend to use our latest ADMX template to configure this setting. You will find the policy in "System settings" in GPO editor.
After the new Azure app registration is set up, the old one should be deleted.
Key name: EnhancedOAuth
Type: REG_DWORD 32 bit
Function
Value
Behavior
Disable
0
(default)
KONNEKT will use the traditional OAuth 2.0 procedures.
Enable
1
KONNEKT will use an improved OAuth 2.0 code with.
The default value is 0 (disable).