https://vcc.live/wp-content/uploads/2022/03/vcclive_main_logo.svg
CONTACT US VIEW DEMO
User GuidesVCC LiveInstallation and ActivationSingle Sign-On
Back to Support and Learning Center
English Hungarian

Single Sign-On

The single sign-on feature enables your users to log in to VCC Live without having to enter their login credentials before each login. And with added support for centralized authentication, you can also adapt your existing authentication systems (e.g. LDAP) to work with VCC Live.

Table of Contents

Note: Activating this feature requires an initial setup at both your and VCC Live’s end. For more details, please get in touch with your contact person at VCC Live.

Using Single Sign-On with OAuth 2.0

Our single sign-on authentication method uses the OAuth 2.0 open standard, commonly used for access delegation. Applications using OAuth 2.0 can give third-party applications permission to access the application’s information without revealing login details, such as passwords.

Note: OAuth 2.0 is an open protocol and is not developed by VCC Live.

Warning: Once this feature is enabled, you and your users will no longer be able to log in using the old method, unless you ask us to disable OAuth 2.0.

To Implement Single Sign-On

  1. You must have an OAuth 2.0 server installed and hosted.
  2. Register the VCC Live application with the OAuth 2.0 system server. This will enable VCC Live to connect to an authentication system of your choice.
  3. You will receive access details from the authorization server, including your client identifier, client server name, access token, and more.
  4. Navigate to your VCC Live account and VCC Live menu > Contact Center > Global Settings > OAuth
  5. Populate the fields: Scopes, Client ID, Client secret, Access Token URL, Authorize URL, JWKS URI, JWKS, Encryption keys. In VCC-Specific Settings populate ‘Search VCC users by field’, ‘ID token’, ‘Redirect URL’, ‘End session endpoint’
  6. Your VCC Live users will be able to log in using the OAuth Login button, without having to enter their usernames and passwords. A browser window will appear, where they need to enter their centralized login credentials only the first time. If you have more than one user account, you can choose which account you want to log in with.

Note: During the login process, OAuth 2.0 will return the email addresses to the VCC Live application, and the application will authenticate the users with the email address. This requires you to provide the same email address for all the users in both OAuth 2.0 and the VCC Live system.

Using Single Sign-On with Azure OAuth

For details about this service, see Office 365 identity models and Azure Active Directory and Authorize access to Azure Active Directory web applications using the OAuth 2.0 code grant flow.

Note: This feature requires you to have a Microsoft account with access to Azure Active Directory.

To Configure Azure OAuth

  1. Log in to your Azure Dashboard, then select Azure Active Directory.
    Azure AD
  2. Select App registrations, then select the New Registration button to create a new application.
    Azure AD
  3. In the text box below Redirect URl, type in your VCC customer URL with an OAuth endpoint. For example: https://somecustomer.asp.virtual-call-center.eu/oauth
    Azure AD
  4. Now set up a client secret. Navigate to the Certificates & secrets panel, then select the New client secret button.
  5. Set expiration to Never.
  6. Make sure you save the generated secret — you will need it later.
    Azure AD
  7. Optional: Select the Upload certificate button to upload an SSL certificate.

Note: If your users are assigned to too many groups and roles in Azure, you might face issues with the login in VCC Live. You can check the following guides about how to rectify this issue in Azure here and here

Setting up Automatic User Creation

If you would like to set up the integration in a way that it also automatically adds new users, you will need to set up the following as well.

  • acceptMappedClaims in the app Manifest under App registrations is set to true

Log in to Azure Active Directory

  • in Token configuration under your App create a group claim where All groups is checked

Create a group claim

  • under Enterprise applications when you navigate to Single Sign-on / Attributes&Claims create 2 claims and modify the existing one:
    • Name: name, Source attribute: user.displayname
    • Name: user_name, Source attribute: user.displayname
    • Modify user.groups claim to member_of

Modify existing claims

You are now done with the basic configuration. To finalize the configuration:

  1. Navigate to the Overview panel, then click on the Endpoints button.
  2. You need to forward your configuration details to us so that we can configure your access on our side. You can find all the necessary information for your app on the Overview panel.
    Overview panel

To Grant Access to Your Users to the Application

  1. Navigate to the Enterprise applications menu, then select the app you created.
  2. Select the Users and groups section, then press + Add user.

Add a user to the application

Things We Will Need

  • Application ID
  • Application secret (the one you have created previously)
  • OAuth 2.0 authorization endpoint (v2)
  • OAuth 2.0 token endpoint (v2)
  • ID of user groups (to be able to map them to user groups in VCC Live)

Related articles

There's always more to learn. Discover similar features by visiting related articles:

Login Screen

in User Guides
Back to Support and Learning Center

Comments

Can’t find what you need? Use the comment section below to connect with others, get answers from our experts, or share your ideas with us.

There are no comments yet.

Please note that by clicking on the Submit button, you agree to a member of VCC Live team contacting you with business offers. You can find detailed information on how we can establish contact with you in our Privacy Policy