IBM Support

Using IBM Business Automation Content Services on Cloud

Product Documentation


Abstract

Business Automation Content Services on Cloud is a comprehensive content management cloud service that delivers document management and content lifecycle capabilities that can be rapidly provisioned as a flexible, cost-effective cloud service for new and existing applications.

Content

Business Automation Content Services on Cloud provides superior scalability, security, stability, mobility, and content management capabilities that can be utilized for a variety of use cases that include:

  • Business and transactional content services
  • Collaborative document management
  • Imaging solutions
  • Social content management
  • Archiving

Business Automation Content Services on Cloud is based on IBM FileNet Content Manager, a reliable, scalable, and highly available enterprise platform that enables you to capture, store, manage, secure, and process information to increase operational efficiency and lower total cost of ownership. Business Automation Content Services on Cloud helps you to streamline and automate business processes, access and manage all forms of content, and automate records management to help meet compliance needs.

The general Cloud Service capabilities include:
  • Document Management with version control and compound documents
  • Content Collaboration with social capabilities
  • Document review and approval workflows
  • Process Orchestration and the ability to invoke a Web Service in a workflow
  • Ability to integrate content access with multiple P8 repositories in the same Cloud instance
  • Microsoft Office integration through Content Navigator Edit Service
  • Microsoft Office document integration through IBM Content Navigator for Microsoft Office
  • Microsoft Office document viewing with annotation support
  • Document redaction
    • Redaction support limited to PDF and image file formats
  • Mobile device support
  • Development and Administration Tools
    • APIs - GraphQL (Tech Preview), Java, .NET and Content Management Interoperability Service (CMIS)
    • Custom events
    • User interface plug-in
    • Custom classifiers (provisioned upon service request)
    • DITA Model (provisioned upon service request)
    • Deployment and design tools

You get a dedicated instance that is hosted in IBM cloud data centers and managed by IBM, and is configured and ready to use. Your instance includes separate environments for development, testing, and production. A single sign-on to the Business Automation Content Services on Cloud portal provides your developers, content owners, and business users access to all of the components and environments that are appropriate to their roles and enables them to get started with content management improvement quickly.

See the following topics for more information:


Users

The Account Administrator manages the accounts of other users and monitors usage in the IBM Business Automation Content Services on Cloud environment.

Other users interact with the content management system in accordance with their user role:

  • A Developer User interacts with the Development environment to create and deploy a content management solution or business process.
  • A Tester User interacts with the Test Environment to validate the solution or application that is created by the Developer.
  • A Business User interacts with the deployed solution or application in the Run Environment to manage content and complete business processes.

Environments

IBM® Business Automation Content Services on Cloud enables the following environment types:

Development

Use the development environment to develop, play back, and deploy applications, and also to create content-related processes.

Test

Use the test environment as a staging environment to validate business processes before they are deployed into the run-time environment. The test environment has the same components as the run-time operating environment.

In the test environment, you use snapshots of applications that are deployed from the development environment. By using snapshots, you can test applications before you deploy them to the run-time operating environment.

Run

Use the content management run environment to work with validated snapshots of content applications. The run-time environment has the same components as the test environment. As a business user of the run-time environment, you participate in processes that were previously validated from application snapshots.

Components

IBM® Business Automation Content Services on Cloud provides the following components:

Administration Console for Content Platform Engine

The Administration Console for Content Platform Engine provides a comprehensive UI to configure and administer the Content Platform Engine in your Business Automation Content Services on Cloud instance. You can use the console to configure and administer object stores and security, as well as to define custom classes and properties in your system.

IBM Content Navigator

IBM® Content Navigator is a flexible, customizable web client that can be configured to align with the needs of each line of business.

Content Platform Engine Administration Tools

The Content Platform Engine Administration Tools is a package that includes the most commonly used  administration tools for the Content Platform Engine such as FileNet Deployment Manager and Process Designer.

IBM Content Navigator Clients

The IBM Content Navigator Clients are the client components for IBM Content Navigator. These include the Edit Service, Sync Service, and IBM Content Navigator for Microsoft Office.

Content Platform Engine API

The Content Platform Engine API is the client API for the Content Platform Engine. This includes the Content Platform Engine API (Java and .NET) and Content Management Interoperability Service API.

Components will be displayed based on the type of Cloud instance you have (Express or Enterprise), the environments you have access to, and the role that you have. The following matrix shows when and which components will be displayed:

Express Instance

Role

Env Access

ICN

ICN Clients

ACCE

CPE Tools

CPE API

CPE User

Run

X

X

ACCE Designer

Run

X

X

X

X

CPE Administrator

Run

X

X

X

X

X

Enterprise Instance

Role

Env Access

ICN

ICN Clients

ACCE

CPE Tools

CPE API

CPE User

Dev

X

X

X

Test

X

X

Run

X

X

ACCE Designer

Dev

X

X

X

X

Test

X

X

X

Run

X

X

X

CPE Administrator

Dev

X

X

X

X

X

Test

X

X

X

X

Run

X

X

X

X

Getting Started

Getting your organization started with IBM Business Automation Content Services on Cloud generally follows this procedure:

  1. The user who is assigned the account administrative role receives an email invitation and follows the link to create and configure access to the instance.
  2. The account administrator invites new users. See Inviting users.
  3. Invited users activate their access by clicking the link in the email invitation that is sent to them when the account administrator invites them. See Activating your user access.
  4. Users log in to the IBM Business Automation Content Services on Cloud instance.
  5. Users set up and use the content management system according to business needs.
  6. Environment developers utilize the user and group management API to provision users and groups in the dedicated user registry in the cloud tenant space. See Provisioning users and groups for the user registry.

Activating your user access

To activate your IBM Business Automation Content Services on Cloud user account, complete the following steps:

  1. Click the link in the email invitation that you received to create your account.
  2. Provide the information to activate your access:
    • Your user ID is always your email address.
    • Enter your first and last name.
    • If you do not already have a password, you are prompted to enter a new password for your account.

      Important: You are prompted to change your password every 90 days. If you reset your password, the temporary password expires after an hour.

  3. Click Activate. If you have access to more than one instance of Business Automation Content Services on Cloud, you will see a list of your subscriptions. Select the instance that you want to work in.

    When you are inside the instance you want to work with, you see the Work tab by default. On the Work tab, you can access the environments inside the instance. If you are assigned the Account Administrator role, you also see the Admin tab.

  4. Set your first and last name. Go to your Profile page and type in your first and last name. Then click Update.
  5. Optional: To manage roles and groups for subscription members, click the Admin tab.

You can update profile information such as your first name, last name, or preferred language by clicking your name and then Profile from the Business Automation Content Services on Cloud menu bar. You cannot change your user name, which is your email address.

Managing Accounts

As an account administrator, you are responsible for managing both user and service accounts.

User accounts

You invite users by email to access IBM Business Automation Content Services on Cloud and create a user account. The user account is identified by an email address. After accounts are set up, you assign roles and permissions to users so that they can do their work.

When a user activates an account, personal data, such as the user's email address, first name, and last name, are stored in the IBM Business Automation Content Services on Cloud user management platform. As the user interacts with the content management environment on the instance, personal data is also stored in that instance.

The European Union General (EU) Data Protection Regulation (GDPR) includes a requirement that individuals have a right to be forgotten, for example, when they leave the company. When you remove a user from an IBM Business Automation Content Services on Cloud instance, by default the user's personal data is removed from that instance and the user management platform. If the user has an account on more than one instance, you must remove the user from each of these instances too.

Service accounts

For client applications, a service account is the equivalent of a user account. You create a service account by generating the corresponding service credentials that consist of a functional ID and password. Client applications require these credentials to access the IBM Business Automation Content Services on Cloud environment. A service account is identified by a functional ID and it can be used by one or more client applications. For more information, see Managing service accounts.

Inviting users

To add users to your IBM Business Automation Content Services on Cloud environment, complete the following steps:

  1. Log in to IBM Business Automation Content Services on Cloud at Digital Business Automation on Cloud. Select the appropriate subscription, if you have more than one.
  2. Click Admin > User Management, then click Invite Others.
  3. Enter the email address for the user, or users, that you want to add. Provide the email address, or addresses, in the following format: local-part@domain, for example, John_Doe@mycompany.com. You can either type email addresses or you can paste copied email addresses into this field. If you add multiple email addresses, separate the entries with a comma or space, or add one email address per line.

    Restriction: The local part of the email address can contain the following characters: A-Z, a-z, 0-9, . (period), - (dash), and _ (underscore).

  4. Click Invite.

    The user you have invited is granted access to the Run environment by default. Grant access to the other environments by checking the box under the corresponding column.

Assigning role-based administration access

After a user activates their account, you can assign role-based administration access as applicable.

To assign role-based administration access to a user:

  1. Log in as an Account Administrator.
  2. Click Admin > User Management.
  3. Assign or remove role-based administration access to a user by clicking the name of that user. If you do not see the name of that user, make sure the user has already set the first and last name from the Profile page. The following roles apply:
    • Content Platform Engine Class Designer (ECMoC_Client_ACCE_ClassDesigner)
    • Content Platform Engine Application Designer (ECMoC_Client_ACCE_ApplicationDesigner)
    • Content Platform Engine Administrator (ECMoC_Client_CPE_Administrator)
    • IBM Content Navigator Desktop Administrator (ECMoC_Client_ICN_DesktopAdmin)

When you assign a role to a user, that user is added to the corresponding group in the dedicated user registry in the Cloud instance. If that user has already logged into the Administration Console for Content Platform Engine or IBM Content Navigator, the role change is not immediate due to the Content Platform Engine user token cache. This cache stores a local copy of the mapping from a security principal (a user or group) to its list of security IDs (SIDs) used by Content Platform Engine to authorize the principal. Maintaining this information in the user token cache means Content Platform Engine does not have to retrieve the information from the dedicated user registry every time it needs information about a user. The user token cache Time To Live (TTL) attribute is set to 1 hour. For more information, see Security Caching.

For the Content Platform Engine Class Designer role, the Content Platform Engine Application Designer role, and the Content Platform Engine Administrator role, only one can be selected at any time. The Content Platform Engine Administrator role already includes all the privileges of the Application Designer or Class Designer role. The Content Platform Engine Application Designer role already includes all the privileges of the Class Designer role. For more details about the Content Platform Engine Application Designer and Class Designer roles, see the following information: Designer group access.

You can also create additional Account Administrator users.

Setting the password for the Content Platform Engine Administrator role

If you are assigned the Content Platform Engine Administrator role, you must set your password in the dedicated user registry. Make sure this password is the same one you already set for your Business Automation Content Services on Cloud user account when you activated your account. See Activating your user access for more details.

To set the password:

  1. Log in to your Cloud instance.
  2. In the Business Automation Content Services on Cloud menu bar, click your name and then click Set Admin Password.
  3. Type the password and click Set.

Changing the password

You can change the password that you use to log in to your Cloud instance.

To change the password:

  1. Log in to your Cloud instance.
  2. In the Business Automation Content Services on Cloud menu bar, click your name and then click Change Password.
  3. Type the password and click Change.

Managing service accounts

A service account is used by client applications to authenticate to the IBM® Business Automation Content Services on Cloud environment. Create a service account by generating service credentials.

To create a service account:

  1. Log in as an Account Administrator.
  2. Click Admin > User Management.
  3. Create the credentials for the service account. On the Service Credentials page, click CREATE CREDENTIALS, and give the service an alias. A functional ID alias can contain the following characters: A through Z, a through z, 0 through 9, . (period), - (dash), and _ (underscore). The functional ID and password are displayed.

    Important: The credentials are displayed only when you create them. If you close the window without copying the credentials, you cannot display them again, and you must create a new set. Save the credentials by clicking COPY TO CLIPBOARD.

Creating usage reports

You can view information about usage on your IBM® Business Automation Content Services on Cloud instance. You can also generate reports about user volume over periods that you specify.

To create usage reports:

  1. Log in as an Account Administrator.
  2. Click Admin > Reports.
  3. Select the report type and the reporting period, then click Update to generate the usage report.

Managing Operating Environments

You can manage your IBM® Business Automation Content Services on Cloud environments. You can retrieve and view log files, upload a Content Navigator plugin jar file, and restart components. To manage operating environments, you must have the Operator role which is granted by the Account Administrator.

To grant the Operator role to a user:

  1. Log in as an Account Administrator.
  2. Click Admin > User Management.
  3. Search the user to be granted the Operator role. Select the Operator role checkbox.

To manage operating environments:

  1. Log in as Operator to IBM Business Automation Content Services on Cloud.
  2. Click Admin > Operating Environment Management.
  3. Click the tab for the environment you want.

The following options are available on the Operating Environment Management page:

Option

Description

Environment

Log Retrieval

You can retrieve log data for components in your environments. You will see a log retrieval history table with the following information:

  • Component for which the log was requested
  • Time when the log was requested
  • Operator who made the request
  • Status of the request

A log is ready to download when its status changes to Download. Log retrieval might take some time. Refresh for the latest status. Logs can be deleted after successful downloads. You can also delete the logs without downloading them.

Development, Test, Run

IBM Content Navigator Plug-in Upload

You can upload IBM Content Navigator plug-ins to your environments. The plug-in should not exceed 300MB. Once the plug-in is uploaded, it is ready for deployment in the /opt/ibm/plugins directory on the IBM Content Navigator Administration desktop.

Development, Test, Run

Component Restart

You can restart the components in your environments. The component restart might take some time to complete. These scenarios are examples where restarting a component can be useful:

  • You want configuration changes to take effect immediately. For example, you have made role changes and do not want to wait for existing user token cache to expire.

    See Assigning role-based administration access for more details.

  • You are developing and testing custom IBM Content Navigator plug-in code. You have encountered issues with a specific component due to custom code.

Development, Test, Run

Administering Content Platform Engine

If you are assigned the Content Platform Engine Administrator role, you are able to get access to the Content Platform Engine Administration Tools. See Components.

As a Content Platform Engine Administrator, you are part of the ECMoC_Client_CPE_Administrator group in the dedicated user registry in your Cloud instance. This means that you have full administration access to the object store provisioned for your instance, including the workflow system. The object store level security is configured as follows:

  • ECMoC_Client_ACCE_Class_Designer (group) - Full Control
  • ECMoC_Client_ACCE_Application_Designer (group) - Full Control
  • ECMoC_Client_CPE_Administrator (group) - Full Control
  • ECMoC_Client_CPE_User (group) - Use object store

The ECMoC_Client_CPE_User is the LDAP group for all of your users who need to access the object store. You can add a user to this dedicated LDAP server in the following two ways:

  • When a user is invited by the account administrator via the User Portal using email address. See Inviting users.
  • When a user is provisioned via the user and group provisioning API by your own custom application. In this scenario, your custom application needs to ensure the user is added also to the ECMoC_Client_CPE_User group via the user and group provisioning API. See Provisioning the dedicated user registry.

As a Content Platform Engine Administrator, you have access to the Administration Console for Content Platform Engine, FileNet Deployment Manager, Process Designer and other Process tools. For FileNet Deployment Manager, Process Designer and other Process tools, see the instructions in the Content Platform Engine Tools package. You can download the Content Platform Engine Tools package from the Work tab after you log into your instance.

When you use the Administration Console for Content Platform Engine as a Content Platform Engine Administrator user, special considerations apply. See the attached document for details.

Administering IBM Content Navigator

If you are one of the initial account administrators invited to your Cloud instance, you are also automatically added to IBM Content Navigator as an administrator. As an IBM Content Navigator administrator, you have full access to the IBM Content Navigator administration settings. You can also add others as administrators to IBM Content Navigator. See the attached document for the special considerations that apply.

You can also enable desktop administration for IBM Content Navigator. You can use the pre-provisioned ECMoC_Client_ICN_DesktopAdmin group in the dedicated user registry in your Cloud instance. Refer to Configuring a desktop administration role for more details on how to configure IBM Content Navigator desktop administration.

Using External Share

You can securely share documents and folders that are stored in your content repository with external users by using the IBM Content Navigator external share feature. External users can then view, download, or modify the documents. When you share a folder, you can specify whether they can upload documents to the folder. You can also set an expiration date. When you use external share, you can view a list of all the documents and folders that you have shared. For more information, see Sharing documents with users outside of your organization.

With Business Automation Content Services on Cloud, your pre-provisioned object store and IBM Content Navigator are enabled and configured for External Share by default. You need to invite external users before you can share documents and folders with them in Business Automation Content Services on Cloud. Follow the steps below when you use the External Share feature in Business Automation Content Services on Cloud:
  • Invite the external users you want to share documents and folders.
  • External users are invited by an invitation email to activate their access to Business Automation Content Services on Cloud.
  • Users in your organization share documents and folders with external users from IBM Content Navigator.
  • External users accept a share invitation email and can work with shared documents and folders.

If you have a Business Automation Content Services on Cloud Enterprise instance, the external users that you invite are available to each environment in the Enterprise instance. You can decide in which environment you want to share documents and folders with the external users. After the users accept the share, they are able to access only the documents and folders that are shared with them in the corresponding environment.

Inviting external users

To invite and add external users to your IBM Business Automation Content Services on Cloud environment, complete the following steps:
  1. Log in to IBM Business Automation Content Services on Cloud at Digital Business Automation on Cloud. Select the appropriate subscription, if you have more than one.
  2. Click Admin> User Management> External User Management. Then click Invite Others.
  3. Enter the email address for the external user, or users, that you want to add. Provide the email address, or addresses, in the following format: local-part@domain. For example: John_Doe@mycompany.com. You can either type email addresses or paste copied email addresses into this field. If you add multiple email addresses, separate the entries with a comma or space, or add one email address per line.

    Restriction: The local part of the email address can contain the following characters: A-Z, a-z, 0-9, . (period), -(dash), and _ (underscore).

  4. Click Invite.

You cannot have an overlap between users in your organization and external users. You cannot invite an external user who is already a user in your organization that is listed on the User Management tab. Also, you cannot invite a user in your organization who is already an external user that is listed on the External User Management tab. For these cases, you get an error message that informs you that the user already exists.

Activating your access as an external user

To activate your IBM Business Automation Content Services on Cloud user account, complete the following steps:
  1. Click the link in the email invitation that you received to create your account.
  2. Provide the information to activate your access:
    • Your user ID is always your email address.
    • Enter your first and last name.
    • If you do not already have a password, you are prompted to enter a new password for your account. Important: You are prompted to change your password every 90 days. If you reset your password, the temporary password expires after an hour.
  3. Click Activate. If you have access to more than one instance of Business Automation Content Services on Cloud, you see a list of your subscriptions. Select the instance that you want to work in. When you are inside the instance that you want to work with, you see the Work tab by default. As an external user, you see an empty Work tab.
  4. Set your first and last name. Go to your Profile page and type in your first and last name. Then, click Update.

You can update profile information such as your first name, last name, or preferred language by clicking your name and then Profile from the Business Automation Content Services on Cloud menu bar. You cannot change your user name, which is your email address.

Sharing documents and folders with external users

Once an external user is invited to Business Automation Content Services on Cloud, you can share documents and folders with that external user. For more information, see Sharing documents with users outside of your organization

Work with shared documents and folders as an external user

When you receive a share invitation email as an external user, you can click the Accept Share link to accept the shared documents and folders. The IBM Content Navigator in Business Automation Content Services on Cloud is displayed. If you are prompted to log in, enter your email address and password that you used when you activated your access to Business Automation Content Services on Cloud. Once you are in IBM Content Navigator, you can work with the documents and folders that are shared with you.

Customize consent agreement and share email template

You can customize the consent agreement that share recipients will see when they are invited to accept content that is shared with them. Follow the steps for this customization:
  • Log in to IBM Content Navigator as an IBM Content Navigator administrator.
  • Go to Administration > Plug-ins. Select the Share plug-in and click Edit.
  • Select the object store and click Configure Share.
  • Type in the text you desire for the Consent agreement field. Click OK.
  • Now click Save and Close to exit the Share plug-in tab.

You can customize the entire email template that you use for your share invitations through the Administration Console for Content Platform Engine. You must be a Content Platform Engine Administrator to do this operation. For more information, see Customizing the email template for external sharing.

Using Key Protect

IBM Key Protect is a cloud-based security service that provides lifecycle management for encryption keys that are used in IBM Cloud services or client-built applications. Key Protect provides roots of trust (RoT), backed by a hardware security module (HSM). For more information on the IBM Key Protect Cloud service, see the IBM Cloud Catalog.

Business Automation Content Services on Cloud supports IBM Key Protect as an external key management service. If you select Key Protect support for your Cloud instance, the Business Automation Content Services on Cloud operations team will contact you. They will request information that is related to the Key Protect service instance that you want to use. Your Business Automation Content Services on Cloud instance will be provisioned with external key management that is enabled to point to your Key Protect service instance.

When Key Protect is enabled during provisioning of your Business Automation Content Services on Cloud instance, the Content Platform Engine domain master key and pre-provisioned storage area content encryption key is automatically generated and saved to your Key Protect service instance. Review the following guidelines about the master key and content encryption key:
  • Do not rotate or delete the domain master key. It is used to encrypt Content Platform Engine user credentials, user name, and passwords for various purposes that include access to external services and devices.
  • Do not delete your existing content encryption key or keys. They are used to encrypt and decrypt your content as they are stored and retrieved. Missing content encryption keys cause content encryption, decryption, and retrieval to fail.
  • Lock the Service ID and API Key that is associated with your Key Protect service instance. This action helps ensure that your service ID and/or API Key are not accidentally deleted.
  • Generate a new content encryption key on a specified interval as a best practice. For more information on how to generate a new content encryption key, see Encrypting content.

Using IBM Cloud Object Storage Immutable Object Storage

Business Automation Content Services on Cloud provides support for IBM Cloud Object Storage Immutable Object Storage. Immutable Object Storage preserves content and maintains data integrity. Retention policies ensure that data is stored in a WORM (Write-Once-Read-Many), non-erasable and non-rewritable manner. This policy is enforced until the end of a retention period. This feature can be used for long-term data retention including - but not limited to - organizations in the following industries:

  • Financial
  • Healthcare
  • Media content archives
  • Anyone seeking to prevent modification or deletion of objects or documents

Both event-based retention and permanent retention are supported.

The IBM Cloud Object Storage Immutable Object Storage support is only available for regional Cloud Object Storage. For the list of regions that support the immutable object storage, see the IBM Cloud Object Storage service availability information.

Using the IBM Enterprise Records Add-on

The Enterprise Records add-on includes full integration into the Business Automation Content Services on Cloud infrastructure and user experience. It offers a governance solution that makes it easier to manage a more strategic global records program and to enforce policies for retention and disposition across the organization and information environment.

With the Enterprise Records add-on, your Business Automation Content Services on Cloud instance comes with a Records-Enabled object store and a File Plan object store.

Enterprise Records Administration Client

The Enterprise Records Administration Client is a component that is displayed when the Enterprise Records add-on is provisioned. You can use the Enterprise Records Administration Client to configure and administer File Plans and other objects for your Enterprise Records management system.

For the Enterprise Records add-on, the Enterprise Records Administration Client does not support the following functions:
  • Reports
  • Tasks

For more information on how to administer Enterprise Records, see Administering IBM Enterprise Records.

User Roles and Security Configuration in the File Plan Object Store

When the Enterprise Records add-on is provisioned in your Cloud instance, you see the following Enterprise Records administration roles and are able to assign them to a user:
  • ECMoC_Client_IER_RecordsAdministrator
  • ECMoC_Client_IER_RecordsManager
  • ECMoC_client_IER_RecordsPrivilegedUser

When you assign one of these roles to a user, that user is added to the corresponding group in the dedicated user directory in the Cloud instance. For more information on how to assign an Enterprise Records administration role to a user, see Assign role-based administration access.

The directory groups that corresponds to the administration roles are also assigned to the Enterprise Records security roles in the File Plan object store (FPOS):
  • Records Administrator > ECMoC_Client_IER_RecordsAdministrator
  • Records Manager > ECMoC_Client_IER_RecordsManager
  • Records Privileged User > ECMoC_Client_IER_RecordsPrivilegedUser

Scheduling Disposition and Hold Sweeps

When the Enterprise Records add-on is provisioned in your Cloud instance, you can schedule your Enterprise Records disposition or hold sweep through the User Portal. To schedule an Enterprise Records sweep, you must have both the Operator and the ECMoC_Client_IER_Records Administrator role.

To grant the Operator role to a user:
  1. Log in as an Account Administrator.
  2. Click Admin > User Management.
  3. Search the user to be granted the Operator role. Select the Operator role check box.

To grant the ECMoC_Client_IER_RecordsAdministrator role, see Assign role-based administration access.

To schedule Enterprise Records disposition or hold sweeps:
  1. Log in as Operator with the ECMoC_Client_IER_RecordsAdministrator role to IBM Business Automation Content Services on Cloud.
  2. Click Admin > Enterprise Records Sweep Management.
  3. Click the tab for the environment where you want to schedule the sweep.
You are allowed to schedule one disposition sweep and one hold sweep per environment in your Cloud instance. When you schedule a sweep, you have the following options:
  • Sweep Type: Disposition or hold sweep.
  • Sweep Frequency: Day of Month (Monthly) or Day of Week (Weekly).
  • Sweep Start Time: Day and time of each month or Day and time of each week; and the timezone.

You can also delete an existing sweep schedule if it is no longer needed.

File Plan Import Export Tool

The File Plan Import Export Tool is a stand-alone application that allows an administrator to move a file plan and its associated objects to another object store. This tool does not support the Enterprise Records AddOn. If you have a Business Automation Content Services on Cloud Enterprise instance with the Enterprise Records AddOn and need to move file plans between the environments, contact Support.

Mobile access

You can configure access to Business Automation Content Services on Cloud on mobile devices. See Configuring access to IBM Content Navigator from mobile devices for more information on enabling mobile access. You must configure mobile access to IBM Content Navigator for each environment in your Business Automation on Content Services on Cloud instance.

After mobile access is configured, follow these steps on each mobile device:

  1. Install the IBM Navigator Mobile iOS or Android application.
  2. Open the IBM Navigator Mobile application and select Use your organization's login page.
  3. Enter the URL to IBM Content Navigator in your Business Automation Content Services on Cloud environment:
    https://<tenant instance virtual host>.bpm.ibmcloud.com/ecm/<dev|test|run>/navigator/

    Where:

    • <tenant instance virtual host> is the virtual host name of your Business Automation Content Services on Cloud instance.
    • <dev|test|run> is the environment where you want to access IBM Content Navigator on the mobile devices.

    Note that you must include the trailing slash in the URL.

  4. Follow the Business Automation Content Services on Cloud login screens to log into IBM Content Navigator on the mobile devices.

Provisioning users and groups for the user registry

Your Business Automation Content Services on Cloud instance comes with a dedicated user registry. Business Automation Content Services on Cloud requires provisioning of your cloud users and groups in the dedicated user registry. You can use the Business Automation Content Services on Cloud user and group management REST API to automate this provisioning.

The user and group management REST API is part of the cloud operations API and helps you provision and manage users and groups in your Cloud instance. You can use the REST API to add a user or group, delete a user or group, or check whether a particular user or group exists in the dedicated user registry.

You can also use the user and group management REST API to facilitate a bulk import of users and groups from your on-premises directory to the dedicated user registry in your Cloud instance.

For more information on using the user and management REST API for managing users and groups, see the attached guide.

If you are using the previous SCIM-based user and group management REST API, you can continue to use it. However it is highly recommended that you move to the user and group management REST API mentioned above. For more information on the SCIM-based REST API, see the attached guide and code samples.

Developing Content Management Interoperability Services Applications with Content Services on Cloud

Content Management Interoperability Services (CMIS) is an open source OASIS standard that enables applications to work with one or more content management systems. CMIS defines a standard domain model and standard set of services and protocol bindings for web services and RESTful AtomPub. You can develop applications using the CMIS API to work with Content Services on Cloud.

The attached archive file, CMISClient_Sample.zip, provides additional instructions and sample code.

Technology preview: Using the Content Services GraphQL API

The new Content Services GraphQL API is available in Business Automation Content Services on Cloud as a technology preview. The Content Services GraphQL API enables the caller to create, retrieve, update, or delete resources. The API is ideal for web and mobile application development because it supports retrieving exactly the data you need with a single call.

The technology preview includes the following operations:

  • Metadata discovery
  • Document and Folder operations
  • Search operations
  • Browse operations - a folder query of contained subfolders and documents

This preview also includes GraphiQL, an in-browser integrated development environment that helps you explore and interact with the API. Use the following URL to access this development environment:

https://<tenant instance virtual host>.bpm.ibmcloud.com/ecm/<dev|test|run>/content-services-graphql/

Where:

  • <tenant instance virtual host> is the virtual host name of your Business Automation Content Services on Cloud instance.
  • <dev|test|run> is the environment where you want to access the Content Services GraphQL API.

Note that you must include the trailing slash on the access URL.

For more information, refer to the following sections in the Technology preview: Using the FileNet Content Manager Content Services GraphQL API technical notice.

Integrating with IBM on-premise software

You can use Business Automation Content Services on Cloud as a content repository for the IBM Content Collector for File Systems, IBM Content Collector for SAP, and Datacap on-premise software. This enables your business to archive or scan on-premise content into Business Automation Content Services on Cloud, achieving the benefits of enterprise content management in the Cloud.

For details on how to configure IBM Content Collector for File Systems on-premise with Business Automation Services on Cloud, refer to the following technical notice.

For details on how to configure IBM Content Collector for SAP on-premise with Business Automation Services on Cloud, refer to the following technical notice.

For details on how to configure Datacap on-premise with Business Automation Content Services on Cloud, refer to the following technical notice.

Secure communication to the Cloud instance endpoints

Business Automation Content Services on Cloud supports TLS 1.2 as the minimum level of secure communication to the Cloud instance endpoints. Supported ciphers are based on ECDHE_RSA key exchange with GCM/CBC based encryption.

[{"Product":{"code":"SS5RVW","label":"IBM Business Automation Content Services on Cloud"},"Business Unit":{"code":"BU004","label":"Hybrid Cloud"},"Component":"--","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"Version Independent","Edition":""}]

Document Information

Modified date:
01 November 2019

UID

swg27050963