This section explains how to configure SSO using the Security Assertion Markup Language (SAML) authentication protocol for a standard Identity Provider (IdP) that supports the SAML interface. When configured, you can use credentials from the IdP to sign into Contact Center AI Platform (CCAI Platform) and the agent adapter.
Before you begin
Before you being, configure an application or service provider profile with your Identity Provider (IdP). From this you get the following information:
SSO URL
Entity ID
Email mapping field, usually NameID
SAML certificate
Some IdPs provide this information using an XML manifest file. However, CCAI Platform doesn't support importing this information from a manifest.
Configure your CCAI Platform instance for SSO
To configure SSO for your CCAI Platform instance, follow these steps:
In the Google Cloud console, go to the project selector dashboard and select the project that contains your instance.
In the navigation menu, click CCAI Platform.
The CCAI Platform instances page displays.
In the Name column, click the instance that you want to configure SSO for.
On the CCAI Platform instance Detail page, click Edit.
For the login method, select SAML.
In the Single sign-on URL field, enter the Login URL value that you saved in Configure SAML.
In the Entity ID field, enter the Azure AD Identifier value that you saved in Configure SAML.
In the Email field mapping field, enter a text string such as
Email nameorName ID. This is used as a label for the email name field on the SSO sign-in page.In the Certificate field, enter the Base64 certificate that you downloaded in Configure SAML. Be sure to include
-----BEGIN CERTIFICATE-----and-----END CERTIFICATE-----from the certificate.Click Save.
Verify SSO authentication
To verify SSO authentication, follow these steps:
Go to the agent adapter in your customer relationship management (CRM) application.
Click Login with company SSO. A sign-in page displays.
Sign in with your IdP credentials.