Single sign-on
Contents
Learn how single sign-on is supported in Genesys Engage cloud.
Most Genesys Engage cloud applications use single sign-on (SSO) to allow a logged-in user to navigate across supported applications without prompting for credentials again. Genesys Engage cloud can also be configured to use SAML 2.0 for integrations with third-party identity providers (IdP) such as Okta or Google. There are many advantages to enabling SSO in Genesys Engage cloud—for example:
- Users need to remember only one password.
- User credentials are managed by a third-party identity provider.
- Users must have multi-factor authentication by a third-party identity provider for additional security.
- Users only need to log in once to gain access to Genesys Engage cloud applications that have SSO enabled and non-Genesys applications that use the same identity provider.
SSO support by application
View which Genesys Engage cloud applications support SSO.
| Applications | Single Sign On Support | Notes |
|---|---|---|
| Agent Desktop | Yes | |
| Agent Setup | Yes | |
| Callback | Yes | |
| Cloud Data Download Service | Yes | |
| CX Contact | Yes | |
| Designer | Yes | |
| Genesys CX Insights | Yes | Supported in version 9.0.013.0+. Contact your Genesys representative to enable. |
| Genesys Softphone | Yes | |
| Screen Recording | Yes | Supported in Agent Desktop version 9, but not with custom desktops. |
| Real-Time Reporting (Pulse) | Yes | Supported in Real-Time Reporting version 9 on selective deployments. Contact your Genesys representative for details. |
| Gplus Adapter Salesforce | Yes | |
| Recording, Quality Management and Speech Analytics | Future Roadmap | |
| Workforce Management | Yes | Not supported for supervisor accounts for administrative activities. |
| Agent Scripting Administration | No | |
| Interactive Insights | No | |
| Outbound | No | |
| Platform Administration (GAX)
Includes plug-ins like eServices Manager and IVR Administration |
No | |
| WebRTC | Yes |
Configuring SSO in Genesys Engage
To enable single sign-on for your environments, see Single Sign-On in Agent Setup.
If you're planning to enable SSO, consider the following conventions for creating users:
- The domain declared in the identity provider metadata should be part of the user name stored within Genesys, to create the most seamless experience. (Example: john@mycompany.com) Otherwise, users would need to enter a Tenant or enter the domain before their username. (Example: mycompany\john)
- The username provisioned within Genesys Engage cloud should match the username in the external identity provider.
Configuring SSO in the identity provider
Genesys Engage cloud must be defined as an application within the identity provider to support the SSO integration.
Genesys Engage cloud supports the SAML 2.0 protocol as a standard interface to identity providers, and has successfully validated with popular IdPs, including Okta and Ping. Other identity providers can be supported provided they comply with SAML 2.0 and you validate the integration before using in production.