Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3976
Views
15
Helpful
5
Replies

Webex Meetings/Teams Single Sign-On

Adam Roddy
Level 1
Level 1

‎01-23-2019 09:31 AM - edited ‎03-17-2019 07:49 PM

I am setting up a new Webex deployment with SSO.  I notice that even after SSO is setup, both the Webex Desktop App and Webex Teams still prompt my users to enter their email address even though they are on a domain PC.  My expectation is that the SSO should use Integrated Windows Auth (IWA) and the apps should log in without the user having to enter their email address.

 

In comparison, Jabber SSO works perfectly.  User logs into their domain PC, launches Jabber, and they never have to enter any username/credentials.

 

Also I set up the Webex integrations into Jabber, but when a user launches Jabber they get a Webex popup to enter email address.  It would be much better if this integration could use SSO to automatically log in.

 

Is this type of SSO using IWA not available with Webex apps?  Or am I doing something wrong?  For reference I am using Okta as the IDP

0 Helpful
5 Replies 5

Jonathan Schulenberg
Hall of Fame
Hall of Fame

‎01-26-2019 07:40 AM

To my knowledge, there is not a good solution to this at the moment. Webex uses the same collect-email-to-determine-identity-provider approach a lot of SaaS solutions do. In your case it redirects to Okta once it knows the user’s email/domain. The problem isn’t necessarily a lack of Kerberos/NTLM support (that’s up to the OS native browser to figure out) but with not being able to skip/auto-fill the email address so to start the SAML flow automatically. AFAIK that is a product limitation, I believe in Webex: Jabber has no machine-friendly way (eg browser URL parameter) to pass your email address to Webex. I can’t speak to roadmap details here but you’re welcome to discuss this with your Cisco AM/SE.

Adam Roddy
Level 1
Level 1
In response to Jonathan Schulenberg

‎01-31-2019 12:58 PM

I was afraid this is the case....

0 Helpful

Ratheesh Kumar
VIP Alumni
VIP Alumni

‎01-28-2019 05:47 PM

Hi there


We recently deployed Webex teams and meetings SSO with Azure AD and it works perfectly. The application launches without prompting for credentials if the user logged in to domain PC with the credentials. Even though the user sign out from the machine or restart the machine, SSO works, except the user sign out from the client forcefully, next time it again request for authentication at microsoft login page. Below are the guides we followed.

 

https://collaborationhelp.cisco.com/article/en-us/mfu88u

https://collaborationhelp.cisco.com/article/en-us/WBX000022701

 

 

Hope this Helps

Cheers
Rath!
***Please rate helpful posts***

Adam Roddy
Level 1
Level 1
In response to Ratheesh Kumar

‎01-31-2019 12:58 PM

So even for a new user/deployment... when a user logs into their PC for the first time, they do not have to type in an email address?

0 Helpful

Ratheesh Kumar
VIP Alumni
VIP Alumni
In response to Adam Roddy

‎02-01-2019 12:54 PM

Hi there

 

What I have observed is once the user logins in for the first time, she clicks the team client

  1. he/she has to accept the agreement
  2. enter the email id
  3. Webex team embedded browser points to microsoft login (we user O365) and auto-redirect to Webex team client

The user will remain logged in even though you Logout or Restart the PC

Only the team ask for next authentication is when you forcefully Signout from the client

 

Hope this Helps

Cheers
Rath!
***Please rate helpful posts***

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents