By enabling the cacheCredentials configuration option on the management interface, end users will be asked less frequently to sign in when submitting a print job.

Process description

When the administrator configures the system to cache user credentials, the access token generated by Job Service will be stored on the user's workstation in a secure system credential store. It is the system keychain on macOS, and on Windows, it is the Credentials Manager.

While the token is not expired it will be reused for all print job submissions. Once it expires user will be prompted to sign in again.

Removing credentials automatically

When the user has also escalated privileges, the credentials are removed from the corresponding credential store automatically during uninstall procedure (both on Windows and macOS).

Limitation: The credentials will be removed only for the logged user (the one who runs uninstall script), there is no possibility to remove or edit credentials for other users.

Removing credentials manually

There is also an option to remove credentials manually either via command line:

Windows

cmdkey /list | ForEach-Object{if($_ -like "*Target:*" -and $_ -like "*Print Management Client*"){cmdkey /del:($_.trim() -replace "Target: ","")}}

macOS

sudo security delete-generic-password -l "Print Management Client Access Token"

Or via GUI for Keychain on macOS or Credentials Manager on Windows.

Job Service Configuration Options

These settings can be changed in the YSoft SafeQ Job Service configuration file configuration/local.json and can be found in Configuring YSoft SafeQ Job Service page, IdentityServerOptions Group.