The Phone System App. Account - Settings - Authenication

Modified on Mon, Dec 2 at 2:00 PM

Description: Here, you can configure Single Sign-On access for your account with a third-party provider.


Set Up Identity Provider

 

SSO (Single Sign-On) is an authentication mechanism that enables users to log in to multiple systems or applications using a single set of login credentials. With SSO, once a user has successfully logged in to one application or system, they are automatically authenticated to other applications or systems within the same SSO environment. This simplifies the login process for users, eliminates the need for multiple sets of credentials, and enhances security.


SP (Service Provider) is a web resource the user tries to get access to, which is responsible for providing a requisite service to the end user.


IdP (Identity Provider) is a third-side centralized system that stores and manages the user credentials and other identifying information. 


When you access this subtab, if no IdP has been configured for your account, you will only see the "Set Up Identity Provider" button. If you click this button, a pop-up window will open displaying a list of fields required to set up an IdP for your account.

These fields are:

  • SSO URL: this is a web address used in the Single Sign-On authentication process, provided by your active directory service provider.
  • NameID Format: this is the specific format in which a user's identifier (NameID) is represented during transmission between IdPs and SPs. If it is incorrect, please reach out to the Support team.
  • X509 Certificate: by pressing this button, you can attach the certificate if you have one.
X509 certificate is a digital certificate that adheres to the X.509 standard, which specifies the format for public key certificates. It is widely used for securing communication and verifying the identities of entities in various systems and protocols. 
  • Unique ID Claim: here, you need to input the name of the claim that is returned in the SAML response that contains the unique ID of the user.
SAML (Security Assertion Markup Language) is an XML-based open standard for transferring identity data between IdP and SP.  
  • Use NameID For Email: by turning on this toggle switch, the system will use the Subject/NameID XML elements from the SAML response to determine the user's email address.
  • Email Claim: here, you need to input the name of the claim that is returned in the SAML response that contains the user's email address.
  • Username Claim: here, you need to input the name of the claim that is returned in the SAML response that contains the username of the user.
  • Use POST Method: when this toggle switch is enabled, the authentication request will use the HTTP POST binding with the IdP instead of the default Redirect binding which uses the HTTP GET method.
  • Sign Request: enable this toggle switch to sign the authentication request sent to the IdP.


For detailed instruction on setting up SSO for the AA system with different IdPs, refer to this collection of articles.



Password and Voicemail PIN

When the "Link User Password and Voicemail PIN" option is enabled, user passwords and voicemail PINs are synchronized and identical. If the option is disabled, the password and voicemail PIN become separate, and users must create a new password for added security.


Once you have filled out all the fields, do not forget to click on the "SAVE" button to apply the changes. 


Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article