This section describes how to configure SSO using Idaptive for use enterprise-wide Idaptive credentials to sign into Contact Center AI Platform and the agent adapter. Idaptive SSO uses the Security Assertion Markup Language (SAML) authentication protocol.
Before you begin
To configure SSO using Idaptive, be sure you have the following:
An Idaptive account
CCAI Platform administrator credentials
Configure Idaptive for SSO
To configure Idaptive, follow these steps:
Sign in to the Idaptive administrator portal.
From the left menu, click Web apps.
Click Add web apps.
Click the Custom tab.
Locate the SAML web app and click Add.
On the confirmation dialog, click Yes.
On the SAML Web App Settings page, enter a Name and click Save.
On the SAML Web App page, click the Trust tab.
Navigate to the Identity Provider Configuration (IPC) section and select Manual Configuration.
Copy and save the Entity ID for later use in the CCAI Platform portal.
Download and save the Signing Certificate to a text file.
Copy and save the IDP Login URL for later use in the CCAI Platform portal.
Navigate to the Service Provider Configuration (SPC) section and select Manual Configuration:
Under SP Entity ID / Issuer / Audience, enter: https://<environmentname>.ccaiplatform.com/saml/v1/metadata
Under Assertion Consumer Service (ACS) URL, enter: https://<environmentname>.ccaiplatform.com/saml/v1/consume
Beside Recipient, select Same as ACS URL.
From the NameID Format drop-down, select emailAddress, then click Save:
On the SAML Web App page, click the Permissions tab:
Click Add.
In the Select User, Group, or Role dialog, search for and select a user, then click Add.
Click Save to deploy the SAML Web App:
Configure your CCAI Platform instance for SSO
To configure SSO for your CCAI Platform instance, follow these steps:
In the Google Cloud console, go to the project selector dashboard and select the project that contains your instance.
In the navigation menu, click CCAI Platform.
The CCAI Platform instances page displays.
In the Name column, click the instance that you want to configure SSO for.
On the CCAI Platform instance Detail page, click
Edit.For the login method, select SAML.
In the Single sign-on URL field, enter the IDP Login URL value that you saved in Configure Idaptive.
In the Entity ID field, enter the Entity ID value that you saved in Configure Idaptive.
In the Email field mapping field, enter a text string such as
Email name
orName ID
. This is used as a label for the email name field on the SSO sign-in page.In the Certificate field, enter the signing certificate that you downloaded in Configure Idaptive. Be sure to include
-----BEGIN CERTIFICATE-----
and-----END CERTIFICATE-----
from the certificate.Click Save.
Verify SSO authentication
To verify SSO authentication, follow these steps:
Go to the agent adapter in your customer relationship management (CRM) application.
Click Login with company SSO. A sign-in page displays.
Sign in with your Idaptive credentials.