Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
944
Views
0
Helpful
3
Replies

ECE - Customer SSO

TimoV
Level 1
Level 1

‎09-17-2019 01:48 AM

Hi,

 

Has anyone configured ECE customer side SSO with aqua templates? If the scenario is that customer has docked chat embedded at their web site and those already logged in (via SAML based SSO), should be recognized as authenticated visitors, how do I achieve that in practise. ECE admin guide suggests that SAML Assertion should be injected on the client side by calling  egainDockChat.SetCustomerParameters("SAMLResponse",""), but I'm wondering how do I get my hands on the assertion? 

So, if someone has experience on succesfull integration, help would be appreciated.

Labels:
0 Helpful
3 Replies 3

Omar Deen
Spotlight
Spotlight

‎09-18-2019 06:30 AM

I have experience with Customer SSO, mainly with the Kiwi template, but it's all the same.

  • Have you created a SSO provider?
    • Yes? Did you configure an Identity Provider?
      • Yes? Did you setup a Customer Config?
        • Yes? Did you apply this to your entry points?
          • Yes? Did you generate the HTML (it's really JavaScript) code from the entry point and select your SSO provider from step 1? -- this is where the assertion happens
          • No? do this
        • No? Do this
      • No? Do this
    • No? Do this
0 Helpful

TimoV
Level 1
Level 1
In response to Omar Deen

‎09-18-2019 09:31 PM

Yes, I've read through the documentation on config items you listed and it seems pretty clear for everything else, but the egainDockChat.SetCustomerParameters("SAMLResponse","") part. In my customer's achitecture the thing is that they are using docked chat at thjeir web site and in pages where the visitor is already authenticated.  According to TAC, we should put SAML assertion in that "SAMLResponse" attribute (this is inside ECE chat Javascript to be sourced at website), but the thing is that we don't have this assertion available and major changes would be needed to get that working in this way. That's why I'm  trying to figure out how the authenticvation flow really works and if someone has made it working with docked chat.

0 Helpful

piyush aghera
Spotlight
Spotlight
In response to TimoV

‎09-19-2019 02:27 AM

Just a thought that if the user is already authenticated, then the website must contain that information in authentication token or some other way; could this already available token be used while initiating chat.  Its just a random thought, i haven't worked or seen this practically.

0 Helpful
Customers Also Viewed These Support Documents