Description: The purpose of this article is to provide an overview of Single Sign-On (SSO) and introduce the key terms and concepts related to implementing SSO for logging into the Ooma Enterprise system.
As you may already know, any Single Sign-On (SSO) interaction involves three participants:
- User: a common end user (customer).
- Service Provider (SP): a web resource the user tries to get access to, which is responsible for providing a requisite service to the end user.
- Identity Provider (IdP): a third-side centralized system that stores and manages the user credentials and other identifying information.
Throughout this article series, we will designate Ooma Enterprise (OE) as the only SP for each of the described cases of SSO integration. The SP will be integrated with various IdPs, including Azure, Okta, Google, and Auth0. In order to establish data transfers, configurations are required on both the SP and IdP sides.
Once the customers reach the stage of configuring Ooma as the SP for SSO access, as detailed in the corresponding article accessible via this link, they must access their account parameters page on the OE Admin Portal.
From there, they should set up the IdP and SSO section. Although the setup process is similar for most IdPs, there may be some differences depending on the specific IdP used by the customer. Information about each IdP that can be configured for SSO with OE is available in this article.
Once you have configured the parameters according to the specifications of each IdP, the IdP and SSO section will transform into a page displaying several links required for configuring the IdP side to establish the SSO connection. At the bottom of this page, you will find the "Enable" toggle switch that you must activate to enable the SSO function for Ooma as the SP.
After enabling the SSO feature for their account, subsequent logins will require the customer to use their SSO system email address. However, at this point, an issue may arise, preventing the customer from logging in with their credentials. And if the SSO configuration has been done incorrectly, the customer may be completely unable to access the OE portal.
If you encounter this problem, don't panic! Ooma will provide support and assistance to resolve it.
To resolve this issue, the initial step is to reach out to the OE Customer Support team. Their representatives have super admin access, allowing them to access the customer's account from a different level. From there, they can disable the toggle switch that allows the user to log in the OE Portal using their credentials, thus enabling corrections to be made to the incorrectly configured SSO parameters of the SP.
Do not hesitate to ask the OE Customer Support representatives for assistance with configuring SSO.
After the OE Customer Support team guides you through the correct procedure for setting up the SP or IdP, they can confirm that the configuration is correct and that all seats assigned to the customer account have unique and valid email addresses. The customer should ensure that the email addresses of the seats assigned to their account align with their own user base.
Then, one of the OE QA teams will also test the SSO access once it is enabled. So, with this configuration, you will be able to access the OE admin portal, desktop app, and mobile app.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article