Set Up Third-Party Identity Providers for SSO
If you have a single sign-on (SSO)A method of controling access to multiple software systems. With Single Sign-On, a user logs in with a single ID and password to gain access to a connected system of tools, databases, or servers. infrastructure implemented using SAML 2.0An acronym for Security Assertion Markup Language. This is the standard protocol for web browser Single Sign-On using secure tokens., you can integrate NICE Uptivity with your SAML system to authenticate user access to the Uptivity Web Portal. SSO is compatible with three third-party Identity Providers (IDPs): Okta, Microsoft Azure, and Google Apps. Based on your IDP, use the instructions below to set up SSO with Uptivity.
Okta
- Log in to the Okta Admin Dashboard.
- In the left panel, click Applications Applications. Click Add Application.
- Click Create New App. In the dialog, set Platform to Web and select SAML 2.0 for Sign on method. Click Create.
- Enter an App name and click Next.
- For the Configure SAML step:
- Enter the Single sign on URL. This is the full login URL of your NICE Uptivity Web Portal starting with http:// or https:// and ending with /Acs.
- Select Use this for Recipient URL and Destination URL.
- Enter the Audience URI (SP Entity ID). This is the full login URL of your NICE Uptivity Web Portal starting with http:// or https:// and ending with /Saml.
- Click Download Okta Certificate. Make a note of where you save the certificate. You will need to input this in the Certificate Path field in the NICE Uptivity Web Portal settings.
- Go back to the Applications page. Open the app you just created.
- On the General tab, copy or make a note of the value in the Embed Link field. You will need to input this in the Login Endpoint URI field in the NICE Uptivity Web Portal settings.
- On the Assignments tab, create and assign users and groups to use this sign-on method.
- In the left panel, click Security API. On the TrustedOrigins tab, click Add Origin.
- Enter a Name for your origin. For simplicity, this can match the name of your app.
- Enter the Origin URL. This is the full login URL of your NICE Uptivity Web Portal starting with http:// or https://. This value must match the Entity ID value in the NICE Uptivity Web Portal settings.
- Click Save.
Microsoft Azure
- Log in to the Microsoft Azure Active Directory.
- In the left panel, click Enterprise applications, then click New Application.
- Click Create your own application. On the right side, enter a Name in the field and select the Integrate any other application you don't find in the gallery radio button.
- In the left panel, click Single sign on.
- In the Basic SAML Configuration section, enter the Identifier (Entity ID). This is the full login URL of your NICE Uptivity Web Portal starting with http:// or https:// and ending with /Saml. This value must match the Entity ID value in the NICE Uptivity Web Portal settings, except for the very end.
- In the SAML Signing Certificate section, click the relevant Download link to download your certificate. Make a note of where you save the certificate. You will need to input this in the Certificate Path field in the NICE Uptivity Web Portal settings.
- In the Set up [your application name] section, copy or make a note of the value in the Login URL field. You will need to input this in the Login Endpoint URI field in the NICE Uptivity Web Portal settings.
- In the left panel, click Users and groups. Click Add user/group to configure each user or group you need.
Google Apps
- Log in to the Google Admin Console.
- Click Apps, then click Web and mobile apps.
- Click Add App > Custom SAML App.
- For App details, enter a Name for the app. Click Continue.
- For Google Identity Provider details:
- Copy or make a note of the value in the SSO URL field. You will need to input this in the Login Endpoint URI field in the NICE Uptivity Web Portal settings.
- Click the icon to download the Certificate. Make a note of where you save the certificate. You will need to input this in the Certificate Path field in the NICE Uptivity Web Portal settings.
- Click Continue.
- For Service Provider details, enter the ACS URL and the Entity ID. This is the full login URL of your NICE Uptivity Web Portal starting with http:// or https:// and ending with /Acs or /Saml, respectively. This value must match the Entity ID value in the NICE Uptivity Web Portal settings, except for the very end. Click Continue.
- For Attribute mapping, set Google Directory attributes to Primary email and set App attributes to email. Click Finish.
- From the Web and mobile apps page, click your certificate to open it. Click the User access card and ensure you have users in groups or organizational units configured with permissions to use the SAML app.