iDocuments Software-as-a-Service (SaaS) Public Cloud Technical Information

First published on: 09/28/2023/1:50 am

 

Introduction

This document technical information for customers of the Vision33 iDocuments V5 Public Cloud (Multi-tenant environment). This information in this document is regularly updated so please ensure you are referring to the most up to date version. This document supersedes all other previous technical specifications and versions of this document or technical information provided whether written or verbal.

 

Got Questions?

Please email any questions relating to this document to Vision33 TOTAL Care at support@vision33.com and include ‘iDocuments’ in the subject line.

 

Accessing iDocuments

Accessing iDocuments Via Internet Browser

iDocuments is a browser-based application that works best in Google Chrome on Microsoft Windows PCs, laptops, and other devices.

 

The iDocuments application can be accessed via the following URL: https://production.idocuments.io/

 

Browser and Desktop Requirements

Other requirements for PCs and laptops:

  • Adobe PDF reader (required to view scanned invoices and other documents)
  • Microsoft Excel (UK and US version) for data exports from listing pages and reports.

 

Technical Information

Integration with SAP Business One - SAP License Requirements

iDocuments utilizes SAP Business DI-API for posting transactions to SAP. This requires an SAP Business One client and dedicated SAP Business One User (cannot be Manager) with a Professional License applied.

 

Integration for On-Premise Customer or 3rd Party Hosted SAP Business One

An additional Microsoft Windows server is required to install SAP Business One WebAPI and Saltbox Remote Agent.

 

  • Minimum server requirements: 4 GB RAM, Dual Core CPU, 100 GB HD
  • Opening of inbound ports to this server: 4033 (HTTPS: SAP B1 Web API), 8181 (HTTPS: Saltbox Remote Agent)
  • SSL Certificate installed
  • Saltbox Public IP to be whitelisted for inbound communication.
  • SAP B1 DI API 32- and 64-Bits including database drivers. (For SAP V10 the legacy DI API 32 bits package needs to be installed)
  • Microsoft ASP.NET Core 6.0 Runtime
  • Microsoft IIS
  • Either HANA HDB client or SQL Management access, along with either SYSTEM or SA account
  • Windows service user for running the processes.
  • Remote access available for Vision33 consultant(s)

 

Integration with Infor SunSystems - SUN License Requirements

iDocuments utilizes SunSystems Connect (SSC) API for posting transactions to Infor SunSystems. This requires a dedicated Sun User with Sun access for validation and support, and SSC access applied for the required business units.

 

Integration for On-Premise Customer or 3rd Party Hosted Infor SunSystems

An additional Microsoft Windows server is required to install iDocuments API and Saltbox Remote Agent.

 

  • Minimum server requirements: 4 GB RAM, Dual Core CPU, 100 GB HD
  • Opening of inbound ports to this server: 4033 (HTTPS: iDocuments API), 8181 (HTTPS: Saltbox Remote Agent)
  • SSL Certificate installed
  • Saltbox Public IP to be whitelisted for inbound communication.
  • Microsoft ASP.NET Core 6.0 Runtime
  • Microsoft IIS
  • SQL Management access, along with SA account, for remote agent database storage
  • Windows service user for running the processes.
  • Internet access or access to the below Saltbox website URLs
    • https://s3.amazonaws.com
    • https://www.saltbox.io
  • Remote access available for Vision33 consultant(s)

 

Microsoft Office 365 Email Integration

Microsoft Office 365 is used for alerts (all iDocuments Purchasing, Sales, and Expenses), emailing Purchase Orders to suppliers, both from PO list screen and the Saltbox integration. It is also used when receiving supplier Goods Receipts or AP invoices (Purchasing) and customer sales orders (Sales).

 

OAuth 2.0 Support for Connecting to Microsoft Office 365

iDocuments uses OAuth 2.0 authorization as the standard for connecting to mailboxes.

 

ADVANCED – OAuth 2.0

  • Register the application on the Tenant as an “Allowed application”
  • Authentication then uses email, password, tenantID, clientID and applicationID to obtain an authorization token which eventually expires and/or become stale so we generate a new one each time we want to access.
  • When accessing the inbox, the token is sent as the “logon”.
  • This will authenticate the access, but the application must also be “Granted Access” to the mailbox of which the scope defined is just the inbox for “Read” and “Update”.

 

ACCOUNT

  • iDocuments can connect to an actual inbox with a license
  • iDocuments can also access a shared mailbox (with no license) via a delegated email/password of an account that does have a license and access to the mailbox.

 

MFA (Multi-factor authentication)

  • Occurs after the above and requires user interaction and hence requires additional set-up to implement.
  • This is irrespective of BASIC/ADVANCED and DIRECT/DELEGATED – the account being used to authenticate should follow the details on the OCR Mailboxes with MFA instructions in order to have MFA enabled.

 

Common Questions

  • Inbound should be different to outbound.
  • If hosted Exchange, you must use Advanced/Modern Authentication.
  • If on-premise MS Exchange, you need to enable Basic OR use Modern Authentication.
  • If Exchange, it can be a shared mailbox, but you will need a licenced user account that has delegated access to it.
  • If exchange OR Gmail and you have MFA enabled, you will require an APP PASSWORD to be configured and valid for connections.

 

Modern Authentication - OAuth 2.0 Configuration

Step 1 - Access the portal

Browse to Azure Portal and login with an administrator account.

 

Step 2 - Register the application

  • From the menu/search, find App registrations.
  • Click New registration.
  • Enter the name iDocuments Mailbox Scanner.
  • Check the Single tenant option.
  • For the redirect select Public Client/Native (Mobile & desktop).
  • Enter the value urn:ietf:wg:oauth:2.0:oob
  • Click Register.

 

Step 3 - Configure

  • From the menu, find Manifest.
  • In the editor that loads, change the parameter : "allowPublicClient": true,
  • Lower in the editor, replace "requiredResourceAccess" section with the below
  • Click Save (if the button is not enabled, check the formatting of the editor text)

 

"requiredResourceAccess": [
{
"resourceAppId": "00000002-0000-0ff1-ce00-000000000000",
"resourceAccess": [
{
"id": "3b5f3d61-589b-4a3c-a359-5dd4b5ee5bd5",
"type": "Scope"
}
]
}
],

 

Step 4 - Permissions

  • From the menu, find API permissions.
  • Check there is one option named EWS.AccessAsUser.All
  • Click Add a permission.
  • From the menu that loads, choose Microsoft Graph followed by Delegated permissions.
  • Within the list that loads, locate the Mail category and tick all those related to Read and Update access. (read to download the mail and update to mark as read and update the subject in case of failures)
  • Click Add permissions.

 

Step 5 - Authentication

 

Step 6 - Branding

  • From the menu, find Branding.
  • Upload a logo to present to the user when granting consent *optional.
  • Check the Publisher domain and if different to the mailbox domain click Update domain.
  • If required: In the window that loads, select the correct domain from the list of verified domains and click Save.
  • If you wish, link your MPN ID to the show the verified application badge *optional.
  • Click Save to confirm the changes.

 

Step 7 - Keys

  • From the menu, find Overview.
  • Take a note of the Application (client) ID.
  • Take a note of the Directory (tenant) ID.

 

iDocuments iPhone and Android Phone App

See separate iDocuments Mobile Application - User Guide (vision33.com) for more information

 

Users can download the iDocuments app for iPhones and Android phones from the Apple App Store (iOS) Apple Store Link or the Google Play Store (Android) Google Play Link.

  1. Search the app store on your device for ‘iDocuments Mobile’
  2. Download ‘iDocuments Mobile’

iDocuments APP for iPhone

  • Available for iOS 13.3 or above.
  • An Apple App Store account is required to download the app.
  • The app uses internet, storage, location, and camera services and requires those permissions on your device.

 

iDocuments APP for Android

  • Available for Android 8.0 or above.
  • A Google Play Store account is required to download the app.
  • The app uses internet, storage, location, and camera services and requires those permissions on your device.

 

NOTE – Due to the very large number of Android devices in existence, we cannot be certain that the iDocuments app will run on all Android devices, even if they are running the correct version of the operating system.

 

 

System Architecture Diagrams

Integration Option Examples

 

On Premise Example - SAP B1 US Public Cloud

On Premise Example - SAP B1 UK Public Cloud

On Premise Example - Infor SunSystems - US Public Cloud

 

Type

IP Address for whitelisting

Saltbox Integration engine

34.136.190.164

US Public Cloud

 

Email alerts (SMTP)

18.215.69.26

OCR Invoice mailbox (EWS)

54.87.31.189

UK Public Cloud

 

Email alerts (SMTP)

34.246.221.144

OCR Invoice mailbox (EWS)

63.33.223.23

 

 

Changes:

Version 1.7 - Original site update and added Infor example

Version 1.8 - Updates to Mobile links

Version 1.9 - Additional UK Public cloud example and updated link to new mobile app guide

Version 2.0 - Reverted saltbox IP for UK public cloud

Version 2.1 - Clarified update required for mailboxes

Version 2.2 - Extracted IP Addresses for clarity

  

Last modified: 04/10/2025/4:22 pm

On this page

-