From Bright Pattern Documentation
Jump to: navigation, search
• 日本語
• 5.19 • 5.3 • 5.8

Enable Single Sign-On in Salesforce

Single Sign-on (SSO) functionality allows call center users to log in to Salesforce and Bright Pattern Contact Center applications simultaneously from a single login.

Step 1: Enable and deploy the domain

  1. From Salesforce Classic Setup, enable the organizational domain. Note that registration of the domain may take up to 24 hours. For more information, refer to Salesforce Help.

  2. Deploy the domain to assigned users.

  3. All users must log in using this domain URL, which should be in the following format:

    https://<your-domain-name>.my.salesforce.com/

Step 2: Enable identity provider

After your domain name is registered, you will be able to enable your identity provider, which is necessary for SSO.

  1. Use Quick Find to go to the Identity Provider page and click on Enable Identity Provider.

  2. In the Identity Provider Setup section, select the actual certificate to be used. If no certificates are shown, you will have to create or import a certificate (see Step 3).

Step 3: Get certificate

The certificate is used in the Add Salesforce Integration Account section of this guide to establish Salesforce as the identity provider for SSO. This step will help you download the certificate.

  1. Use Quick Find to go to Certificate and Key Management.

    Certificate and Key Management


  2. If there are no certificates listed, or your certificate is expired, either create a new one or import a certificate from your setup.

    1. To import, click the Import from Keystore button. Any certificates you import will be shown in the Idp Certificate field on the Connected App Edit page.

  3. After you have created or imported a certificate, click Download Certificate.

    Download the certificate from Salesforce


  4. Open the file and copy the certificate contents only (i.e., the text between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----).

    Sfdc-integration-guide-image11.png


  5. Save this for when you edit your Salesforce integration account properties. This is what you will paste into the Set Identity Provider certificate dialog of integration account properties.

Step 4: Customize the connected app

  1. Use Quick Find to go to Connected Apps and then select BrightPattern from the list of connected apps.

    Connected Apps


  2. On the Connected App Detail page that opens, click Edit Policies.

    Connected App Detail


  3. Set the following app settings:

    1. IP Relaxation - Relax IP restrictions

    2. Refresh Token Policy - Refresh token i s valid until revoked

    3. ACS URL - The URL should take the following form, where "<your-tenant>" is your contact center name: https://<your-tenant>.brightpattern.com/agentdesktop/agentdesktop/sfsso/response

      Settings to edit


  4. Click Save.

Step 5: Configure user profiles and field mapping (login mapping – custom attribute)

SSO requires user profiles assigned for users that are going to utilize Bright Pattern Contact Center to be authenticated by the Salesforce Identity Provider. The following process maps the SSO parameters to the Bright Pattern Contact Center login ID.

  1. Go back to Connected Apps, and select BrightPattern to get to the Connected App Detail page.

  2. Scroll all the way down to Custom Attributes and click Edit.

    Edit custom attributes


  3. In the Update Custom Attribute page that opens, set the following:

    1. Attribute key - CSIMLoginID

    2. Attribute value - $User.CommunityNickname

      Sfdc-integration-guide-image9.png


Bright Pattern Contact Center uses one optional custom service provider “Attribute key”: CSIMLoginID. This Attribute could be matched with any user’s field. By default, it is configured to match the Salesforce user nickname ($User.CommunityNickname).

Note: If this attribute mapping is removed and no other attribute is specified, then the login ID will be taken as part of the Salesforce username before the "@" sign.

Step 6: Get the identity provider initiated login URL

  1. Still on the BrightPattern Connected App Detail page, see section SAML Login Information.

  2. Copy the full URL from the Idp-initiated Login URL.

    SFDC-Classic-SAML-54.PNG


  3. Save this URL for when you add the Salesforce integration account in the Bright Pattern Contact Center Administrator application. This URL will go in the "Identity provider initiated login URL" property.

Step 7: Set up SSO integration with Bright Pattern Contact Center

SSO integration configuration is completed when you paste the certificate and Idp-initiated Login URL into Salesforce integration account properties in Bright Pattern's Contact Center Administrator application.

< Previous | Next >