Persisting the oAuth2 refresh token

iManage Work has enhanced the security of the iManage Work Desktop for Windows clients by eliminating the need to automatically store the user credentials in the Credentials Manager on Windows by leveraging OAuth 2.0. OAuth 2.0 is a widely used industry standard that enables client applications to use secure tokens instead of a username and password for authentication and authorization. The implementation is transparent which means it does not require any action from users or administrators. OAuth2 is supported for iManage Work Desktop for Windows, iManage Work applications, and third party apps, provided they connect to iManage Work Server 10.2.2 (or later) with the database schema 10.2.1 (or later).

When authentication is handled by OAuth, if you restart your computer, you will have to sign in to iManage Work again using the client applications to ensure you have the correct authorization token to access content from iManage Work. To ensure that your authentication to iManage Work is persisted even after a Windows logout or reboot, enable the following registry setting:

Location: HKEY_CURRENT_USER\Software\iManage\Work\10.0\ADFS
Name: TokenCachingType: REG_DWORD

  • 0: Disabled (default)

  • 1: Enabled

The refresh token is cached after you enter the credentials once so that the token does not expire and you are not prompted to sign in again. Credential Manager stores the information in encrypted format to ensure security.