Overview
Single Sign-On will enhance security and ease of access for your Account Users. Agents and Admins will no longer have to worry about having multiple logins across different platforms.
Contents
Before you Begin
- Configuring your Single Sign-On Settings will require inputting details from your SSO Provider's developer documentation.
- You will also need access to input details from Convoso into your SSO configuration in order for the two applications to communicate properly.
If you have trouble locating any of the required values or configuring your SSO, then you will need to reach out to your SSO Provider's Support Team as they are the foremost experts on their product.
Note: Only Super-Admins can access the Single Sign-On feature by default. Additional access can be granted through the Access Control List tab in User Settings. To learn about granting access to Admins and other Users, see Granting Single Sign-On Settings Access.
Configuring Single Sign-On
1.) Click the Account main menu.
2.) Click the Single Sign-On menu option.
The Single Sign-On Settings page will open.
3.) Click the Enable Single Sign-On toggle to show Yes. By default the Enable Single Sign-On option is set to No.
The SSO fields populate only once Single Sign-On is enabled.
4.) Locate the Redirect URIs; you will need to enter these in your SSO Configuration.
5.) Configure the following fields (A-H) using the input values from your SSO Provider.
- (A) Host: Enter the identity provider's hostname.
- (B) Authorization URI: Enter the Authorization URI.
- (C) Token URI: Enter the Token URI.
- (D) Scope: Define the Scope for access permissions. This is a string that will define what the application is able to do on the User's behalf.
- (E) Client ID: Input the Client ID for your SSO.
- (F) Client Secret: Enter the Client Secret.
- (G) User Info URI: Enter the API endpoint where the Email field is stored.
- (H) Email Field: Map to the Email Field in your API endpoint.
Note: The Convoso system will only allow SSO if the email address for the account with the SSO Provider matches a User email address in your Account. Otherwise the Agent or Admin will be redirected to the normal sign in page.
6.) Click the blue Save button.
7.) Share the two Single Sign-On URIs with your Admins and Agents to log in via SSO instead of via the Admin or Agent homepages.