Overview
Global SSO settings allow administrators to configure authentication and access for their Convoso account.
This article covers how admins can enable and manage Single Sign-On (SSO) settings to authenticate users through an external identity provider.
Contents
Global Settings
- Click the Account main menu.
- Click the Global Settings menu option.
The Global Settings page will open on the Global Settings tab.
- Click the Security tab.
On the Security tab users can configure Multi-factor Authentication settings and Single Sign-On settings.
Single Sign-On Settings
Single Sign-On (SSO) is an authentication method that allows users to log in once with a single set of credentials and then access multiple applications or systems without needing to re-authenticate for each one.
Initially, only one setting shows in the Sign Sign-On Settings section.
- The Type field will be set to Off by default.
| Type |
Selects the Single Sign-On (SSO) protocol used for authentication.
|
Once a selection has been made in the Type drop-down additional settings will open, different settings open depending on the selection.
SAML 2.0 Settings
SAML 2.0 (Security Assertion Markup Language 2.0) is an open standard that enables SSO securely exchanging user identity and authentication data between an Identity Provider (IdP) and a Service Provider (SP).
| Field | Description |
|---|---|
| Entity ID |
Specifies the Identity Provider (IdP).
|
| Callback URL |
Specifies the Identity Provider (IdP) Single Sign-On (SSO) Login URL.
|
| Certificate |
Specifies the X.509 public certificate provided by the Identity Provider.
|
-
Allowed Origin URLs:
- https://admin.convoso.com
- https://agent.convoso.com
- https://admin-dt.convoso.com
-
Allowed Callback URLs:
- https://agent.convoso.com/login/sso/saml/redirected
- https://admin.convoso.com/login/sso/saml/redirected
- https://admin.convoso.com/admin/sso/saml/test-redirected
OpenID Connect Settings
OpenID Connect (OIDC) is an authentication protocol that runs on top of the OAuth 2.0 framework. It allows the application to verify a user's identity using credentials supplied from an Authorization Server to enable Single Sign-On (SSO).
| Field | Description |
|---|---|
| Provider URL |
Specifies the OpenID Connect provider's discovery or issuer URL.
|
| Client Token URL |
Specifies the token endpoint provided by the OpenID Connect Identity Provider.
|
| Client ID |
Specifies the client identifier issued by the OpenID Connect Identity Provider.
|
| Client Secret |
Specifies the client secret generated by the OpenID Connect Identity Provider.
|
Test Connection
Will open a new browser window that launches the Entity's authorization process.
Save SSO Settings
After testing the connection, save the SSO configuration by clicking the blue Apply Changes button in the bottom-right corner.