Simple. Serverless. Secure. uniFLOW Online
Cloud-based Secure Printing, Scanning and Accounting uniFLOW Online
Secure Cloud Printing and Scanning for Business uniFLOW Online
Control Access. Control Cost. uniFLOW Online Express

uniFLOW Online system architecture

The following architecture overview diagrams provide an overview of the key components/ services and the general data flow of uniFLOW Online.

uniFLOW Online overview

uniFLOW Online is delivered as a pure Software-as-a-Service (SaaS) built natively on the Microsoft Azure Web Service platform.

Microsoft Azure data centers ensure maximum security by encrypting data according to industry-standard protocols. TLS 1.2 protects data in transit between Microsoft cloud services, and TLS 1.2 is the minimum protocol for all uniFLOW Online deployments and the components involved in the solution. TLS 1.3 with Perfect Forward Secrecy (PFS) is used for Canon imageRUNNER and Canon imageFORCE devices, and browser connections where supported. All uniFLOW Online client components connect to the solution via HTTPS and are authenticated using OAuth 2.0 to ensure authenticity. Connections are only ever outbound from the customers' network to uniFLOW Online.

All uniFLOW Online customer data at rest is stored in Azure Storage Accounts and is encrypted and decrypted transparently using 256-bit AES encryption.

As part of the uniFLOW Online service offering, customers can integrate their components/ infrastructure into the configuration. This includes email communication and print and scan data storage. If implemented, these components will replace the respective services provided by uniFLOW Online. All connections are established via HTTPS and are using industry-standard protocols and technologies.

User authentication is handled via recognized standard protocols, WS-Federation and OpenID Connect. This ensures the customer can integrate their identity management solutions with uniFLOW Online and completely control the security and policies applied to end-users regarding login and authentication (Conditional access, MFA, etc.).

uniFLOW Online Web Services – These are the core web services that support the uniFLOW Online solution, which utilizes Azure Web Services.

NTWOIS – This is the NT-ware OAuth Identification Service. The service is responsible for issuing, validating, and refreshing the access tokens required by all components to authenticate securely with uniFLOW Online.

Real-time connection platform (IoT Hub) –  This managed service acts as a central message hub for bidirectional communication between uniFLOW Online and the supported client components (devices) it manages, such as the uniFLOW SmartClient and Canon MEAP/ AddOn Platform devices.

Filing Assist/ Scan Center – This is the uniFLOW Online scan job automation/ workflow processing service, which allows the end-user to handle scan workflows that require manual user interaction directly from their computer instead of having to finish and send each scan at the device itself.

**Multi-vendor embedded applet support is currently available on Lexmark devices. See our documentation for further details.