Revision as of 00:08, November 10, 2018 by Bill.mitchell@genesys.com (talk | contribs) (SSO Configuration - Identity Provider)
Jump to: navigation, search

Single Sign-On

PureEngage Cloud supports single sign-on (SSO) using the SAML 2.0 protocol. There are many advantages to enabling SSO in PureEngage Cloud—for example:

  • Users need to remember only one password.
  • User credentials are managed by a third-party identity provider.
  • Users only need to log in once to gain access to all PureEngage Cloud applications that have SSO enabled.

SSO Support by Application

Click here to see which PureEngage Cloud applications support SSO.

SSO Configuration - PureEngage Cloud

Contact your Genesys representative to enable SSO configuration for your organization.


If your organization is using an existing PureEngage Cloud deployment with live agents, it is recommended to begin with a small trial for a limited group of users to validate the SSO integration.


If your organization integrates with multiple identity providers, PureEngage does support per-Access Group configuration of SSO.

SSO Configuration - Identity Provider

Genesys PureEngage Cloud will need to be defined as an Application within the Identity Provider to support the SSO integration. Specific details for configuring claims will be published soon, but are available now by contacting your Genesys representative.Reference configurations for identity providers:

  • Okta (to be published soon)



How does SSO work for users?

1

Let's look at the login process for Agent Desktop with SSO enabled and Okta configured as the third-party identity provider. Note: The login flow is the same for all supported identity providers.

First, click the Agent Desktop icon in Genesys Portal and enter your username. You must log in to the application even though you're already logged in to your workstation.

Click Next. Genesys redirects you to Okta where you're prompted to enter your username and password. Once you log in with Okta, you're redirected back to Agent Desktop and automatically logged in. Alternatively, if you are already logged in with Okta when you click Next, Genesys skips the Okta login and automatically logs you in to Agent Desktop.

Now that you're authenticated with the identity provider, you can choose any SSO-enabled application from Genesys Portal and you'll be automatically logged in without entering your credentials.

SSO authentication is separate from application login, so you'll stay logged in with PureEngage Cloud for the length of your SSO session (this is a configurable time period), even if you log out of an application. This means you can log out of Agent Desktop, for example, and remain logged in with Agent Setup.

How does SSO work for users?

<a class="image" title="1"><img alt="1" src="/images/9/93/PEC_SSO_login.png" width="971" height="900"></a>Let's look at the login process for Agent Desktop with SSO enabled and Okta configured as the third-party identity provider. Note: The login flow is the same for all supported identity providers.First, click the Agent Desktop icon in Genesys Portal and enter your username. You must log in to the application even though you're already logged in to your workstation. Click Next. Genesys redirects you to Okta where you're prompted to enter your username and password. Once you log in with Okta, you're redirected back to Agent Desktop and automatically logged in. Alternatively, if you are already logged in with Okta when you click Next, Genesys skips the Okta login and automatically logs you in to Agent Desktop.Now that you're authenticated with the identity provider, you can choose any SSO-enabled application from Genesys Portal and you'll be automatically logged in without entering your credentials.SSO authentication is separate from application login, so you'll stay logged in with PureEngage Cloud for the length of your SSO session (this is a configurable time period), even if you log out of an application. This means you can log out of Agent Desktop, for example, and remain logged in with Agent Setup.

How does SSO work for users?

<a class="image" title="1"><img alt="1" src="/images/9/93/PEC_SSO_login.png" width="971" height="900"></a>Let's look at the login process for Agent Desktop with SSO enabled and Okta configured as the third-party identity provider. Note: The login flow is the same for all supported identity providers.First, click the Agent Desktop icon in Genesys Portal and enter your username. You must log in to the application even though you're already logged in to your workstation. Click Next. Genesys redirects you to Okta where you're prompted to enter your username and password. Once you log in with Okta, you're redirected back to Agent Desktop and automatically logged in. Alternatively, if you are already logged in with Okta when you click Next, Genesys skips the Okta login and automatically logs you in to Agent Desktop.Now that you're authenticated with the identity provider, you can choose any SSO-enabled application from Genesys Portal and you'll be automatically logged in without entering your credentials.SSO authentication is separate from application login, so you'll stay logged in with PureEngage Cloud for the length of your SSO session (this is a configurable time period), even if you log out of an application. This means you can log out of Agent Desktop, for example, and remain logged in with Agent Setup.

Comments or questions about this documentation? Contact us for support!