(Created target blank page For Version: PSAAS:Julie) |
m (Text replacement - "Genesys Engage Cloud" to "Genesys Engage cloud") |
||
| (4 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| − | <!-- | + | =Single Sign-On= |
| + | |||
| + | {{Template:PEC_Migrated}} | ||
| + | |||
| + | |||
| + | __TOC__ | ||
| + | |||
| + | Genesys Engage cloud supports single sign-on (SSO), which lets users access supported applications with one login. It can also be configured to use {{#Widget:ExtLink|link=https://en.wikipedia.org/wiki/SAML_2.0|displaytext=SAML 2.0}} for integrations with third-party identity providers such as Okta or Google. There are many advantages to enabling SSO in Genesys Engage cloud—for example: | ||
| + | * Users need to remember only one password. | ||
| + | * User credentials are managed by a third-party identity provider. | ||
| + | * Users only need to log in once to gain access to Genesys Engage cloud applications that have SSO enabled and non-Genesys applications that use the same identity provider. | ||
| + | |||
| + | ==SSO support by application== | ||
| + | <toggledisplay linkstyle font-size:larger showtext="[+] Click here to see which Genesys Engage cloud applications support SSO." hidetext="[-] Hide"> | ||
| + | {| border="1" | ||
| + | |- | ||
| + | ! Applications | ||
| + | ! Single Sign On Support | ||
| + | |- | ||
| + | | Agent Desktop | ||
| + | | Yes | ||
| + | |- | ||
| + | | Agent Setup | ||
| + | | Yes | ||
| + | |- | ||
| + | | Callback | ||
| + | | Yes | ||
| + | |- | ||
| + | | Cloud Data Download Service | ||
| + | | Yes | ||
| + | |- | ||
| + | | CX Contact | ||
| + | | Yes | ||
| + | |- | ||
| + | | Designer | ||
| + | | Future Roadmap | ||
| + | |- | ||
| + | | Developer Console | ||
| + | | Yes | ||
| + | |- | ||
| + | | Genesys CX Insights | ||
| + | | Future Roadmap | ||
| + | |- | ||
| + | | Genesys Softphone | ||
| + | | Yes* | ||
| + | |- | ||
| + | | Screen Recording | ||
| + | | Yes* | ||
| + | |- | ||
| + | | Real-Time Reporting (Pulse) | ||
| + | | Future Roadmap | ||
| + | |- | ||
| + | | Gplus Adapter Salesforce | ||
| + | | Future Roadmap | ||
| + | |- | ||
| + | | QM, Recording and Speech Analytics | ||
| + | | Future Roadmap | ||
| + | |- | ||
| + | | Workforce Management | ||
| + | | Future Roadmap | ||
| + | |- | ||
| + | | Agent Scripting Administration | ||
| + | | No | ||
| + | |- | ||
| + | | Interactive Insights | ||
| + | | No | ||
| + | |- | ||
| + | | Outbound | ||
| + | | No | ||
| + | |- | ||
| + | | Platform Administration (GAX) | ||
| + | ''Includes plug-ins like eServices Manager and IVR Administration'' | ||
| + | | Future Roadmap | ||
| + | |} | ||
| + | <nowiki>*</nowiki>Some conditions may apply. Contact your Genesys representative for more information. | ||
| + | </toggledisplay> | ||
| + | |||
| + | ==SSO Configuration - Genesys Engage cloud== | ||
| + | To enable Single Sign-On for your environments, see the [[SAML|configuration help]] in Agent Setup. | ||
| + | |||
| + | {{NoteFormat|SSO can be configured for different groups and you can have multiple identity providers, as long as there is only one per region.}} | ||
| + | |||
| + | If you're planning to enable SSO, consider the following conventions for creating users: | ||
| + | * The username provisioned within Genesys Engage cloud should match the username in the external identity provider. It is best to have your company's domain name as part of the username (Example: john@mycompany.com). Storing the username with the domain name ensures that the user can log in directly without entering the domain name before their username (Example: mycompany\john). | ||
| + | |||
| + | ==SSO Configuration - Identity Provider== | ||
| + | Genesys Engage cloud must be defined as an application within the identity provider to support the SSO integration. Specific details for uploading Genesys Engage cloud metadata and configuring claims will be published soon, but are available now by contacting your Genesys representative. | ||
| + | |||
| + | {{NoteFormat|Due to additional requirements from Okta, you should contact Genesys Engage cloud Customer Care for additional information before setting up SSO.}} | ||
| + | |||
| + | {{CloudStep_Stack | ||
| + | |title=How does SSO work for users? | ||
| + | |text= | ||
| + | Let's look at the login process for Agent Desktop with SSO enabled and Okta configured as the third-party identity provider. '''Note:''' The login flow is the same for all supported identity providers. | ||
| + | |||
| + | First, click the Agent Desktop icon in Genesys Portal and enter your username. You must log in to the application even though you're already logged in to your workstation. | ||
| + | |||
| + | Click '''Next'''. Genesys redirects you to Okta where you're prompted to enter your username and password. Once you log in with Okta, you're redirected back to Agent Desktop and automatically logged in. Alternatively, if you are already logged in with Okta when you click '''Next''', Genesys skips the Okta login and automatically logs you in to Agent Desktop. | ||
| + | |||
| + | Now that you're authenticated with the identity provider, you can choose any SSO-enabled application from Genesys Portal and you'll be automatically logged in without entering your credentials. | ||
| + | |||
| + | If you happen to close all browser tabs without logging out of the applications, you will remain logged in for five minutes. If a second window or browser is opened after five minutes, to either the same application or any other SSO-enabled application, you will once again be prompted for your credentials. | ||
| + | |||
| + | |media1=PEC_SSO_login.png | ||
| + | }} | ||
| + | |||
| + | [[Category:V:PSAAS:Julie]] | ||
Latest revision as of 13:48, September 18, 2020
Single Sign-On
Contents
Genesys Engage cloud supports single sign-on (SSO), which lets users access supported applications with one login. It can also be configured to use SAML 2.0 for integrations with third-party identity providers such as Okta or Google. There are many advantages to enabling SSO in Genesys Engage cloud—for example:
- Users need to remember only one password.
- User credentials are managed by a third-party identity provider.
- Users only need to log in once to gain access to Genesys Engage cloud applications that have SSO enabled and non-Genesys applications that use the same identity provider.
SSO support by application
[+] Click here to see which Genesys Engage cloud applications support SSO.
SSO Configuration - Genesys Engage cloud
To enable Single Sign-On for your environments, see the configuration help in Agent Setup.
If you're planning to enable SSO, consider the following conventions for creating users:
- The username provisioned within Genesys Engage cloud should match the username in the external identity provider. It is best to have your company's domain name as part of the username (Example: john@mycompany.com). Storing the username with the domain name ensures that the user can log in directly without entering the domain name before their username (Example: mycompany\john).
SSO Configuration - Identity Provider
Genesys Engage cloud must be defined as an application within the identity provider to support the SSO integration. Specific details for uploading Genesys Engage cloud metadata and configuring claims will be published soon, but are available now by contacting your Genesys representative.
How does SSO work for users?
Let's look at the login process for Agent Desktop with SSO enabled and Okta configured as the third-party identity provider. Note: The login flow is the same for all supported identity providers.
First, click the Agent Desktop icon in Genesys Portal and enter your username. You must log in to the application even though you're already logged in to your workstation.
Click Next. Genesys redirects you to Okta where you're prompted to enter your username and password. Once you log in with Okta, you're redirected back to Agent Desktop and automatically logged in. Alternatively, if you are already logged in with Okta when you click Next, Genesys skips the Okta login and automatically logs you in to Agent Desktop.
Now that you're authenticated with the identity provider, you can choose any SSO-enabled application from Genesys Portal and you'll be automatically logged in without entering your credentials.
If you happen to close all browser tabs without logging out of the applications, you will remain logged in for five minutes. If a second window or browser is opened after five minutes, to either the same application or any other SSO-enabled application, you will once again be prompted for your credentials.