In My UCCX Lab , and I am trying to Configure SSO
UCCX : 12.5 &
Windows Server 2012 (AD+ DNS + CA + ADFS) all in one Box
I followed steps mentioned in bellow Link
when i am trying to execute last step in the document :
"Enable Signed SAML Assertions for the Relying Party Trust (Cisco Identity Service)"
I am getting below error message on my Windows AD Server
I tried to search in Microsoft related websites , but i couldn't understand everything listed there
on My UCCX , when I am trying to test SSO from Ids Side
getting below :
This isn't the solution to your problem, but did you see that 12.5(1)ES1 came out and addresses some SSO changes?
Updated Features SSO In SSO mode the access token and refresh tokens are changed to 'httponly' mode cookies for security reasons.
Cisco Finesse REST APIs are enhanced to get the access token and refresh tokens in the response body.
Fetch Access Token API endpoint (https://finesse1.xyz.com/desktop/sso/token) has a new optional parameter return_refresh_token=true|false to get the refresh token in the response body. Note: When you use the return_refresh_token=truequery parameter in Single Sign-On—Fetch Access Token API, access token and refresh token cookies are not added to the response. All information is provided as part of the response body, which can be directly used by the third-party clients.
Use this query parameter when third-party clients use Cisco Finesse SSO APIs alongside Finesse desktop in the same browser. Using this query parameter prevents agent logging out from Finesse desktop due to the override of the desktop cookie due to third-party client activity.
On Refreshing existing access token, use the new optional parameter refreshtoken=<refresh token value> along with the existing token in the query parameter. Note: If the token was initially fetched with the return_refresh_token=true query parameter, then the refresh token in request payload is mandatory.