Enabling Single Sign-on

Last Updated : Feb 28, 2024 |

About this task

Enable Single Sign-on (SSO) to allow users to access Avaya Cloud Office™ applications with your organization credentials. You can set up SSO yourself or contact Avaya Cloud Office™ customer support to set it up for you.

In both cases, you must obtain your identity provider (IDP) metadata, get your service provider (SP) metadata, and import the SP metadata into your federation server when enabling SSO.

Important:

Your identity provider must support SAML 2.0 for a successful SSO implementation.

Before you begin

  • Ensure that your identity provider supports SAML 2.0.

  • Obtain the IDP metadata from your identity provider. You can contact the customer support of your identity provider to obtain it.

Procedure

  1. From the Admin Portal homepage, click More > Security and Compliance > Single Sign-on.
  2. In the SSO Configuration area, in the Set up SSO by yourself section, click Set Up.

    Avaya Cloud Office Service Web displays the Set up Single Sign-on window.

  3. In the Upload IDP metadata section, upload the metadata you obtained from your identity provider with one of the following methods:

    • From the Upload Metadata by list, select Upload with file, click Browse and select the metadata file.

    • From the Upload Metadata by list, select URL, enter your metadata URL in the blank field and click Import.

  4. In the Attribute Mapping section, select email attributes to use in your metadata.

    If Avaya Cloud Office Service Web cannot recognize the email attribute, you can select Custom and type the attribute name.

  5. In the Certificate Management section, click Upload and select the certificate file.
  6. Click Save.

    Avaya Cloud Office Service Web returns you to the Single Sign-on page.

  7. To get your SP metadata, in the Set up SSO by yourself section, click Download.
  8. Import your SP metadata to your federation server and configure the federation server.

    Federation server configuration can differ depending on the platform you use. However, when your federation server requests your audience URI and SP entity ID, you must enter: https://sso.ringcentral.com

  9. After the federation server configuration, return to Admin Portal and navigate back to More > Security and Compliance > Single Sign-on.
  10. In the Enable SSO section, select the Enable SSO Service check box.
  11. Click Save.