
Webex Control Hub - SSO

RobT1923
Visitor

Hi

I have a few queries regarding SSO on WebEx control hub and was hoping someone may be able to answer the below:

  1. Is it possible to enable SSO on WebEx control hub, whilst allowing some users to sign in using their WebEx credentials rather than SSO?
  2. Is it possible to have 2 WebEx tenants configured to the same SSO provider? Example: User WebEx tenant and Device WebEx tenant both using a single Microsoft tenant for SSO.

Thanks

4 Replies

Jonathan Schulenberg
Hall of Fame
  1. Yes with IdP routing rules. You can have an ordered list of match logic based on email domain of the user account or group membership with a last resort option without a match criteria. Be advised that some InfoSec folks feel that the ability to bypass SSO is a risk, so be sure you get the relevant approvals internally before configuring this.
  2. First, I wanted to warn "don't do this!" Users and endpoints absolutely belong in the same tenant; some features only work intra-tenant. To answer the question directly though: only one Webex tenant could use the Entra ID Wizard App integration (i.e. the easy button). The other would need to use SAML/OIDC, and optionally SCIM 2.0 for account synchronization, the hard way from Entra as an enterprise application.

Thanks, would you be able to say which features only work intra-tenant?
The devices are going to be in Teams mode or Room OS utilising OBTJ.
Thanks

I'm reluctant to even answer this question because it's such a bad idea. It will make everything more difficult, even sourcing. This is not how Control Hub was designed to function. Why do you want to separate them so badly?

I don't want to separate them, I want them on the same tenant, but management has asked for them to be separate and I can only see it causing issues.

One of the reasons for separating was due to the fact that it's a tenant shared by multiple regions, and they didn't want other regions managing devices. I've been able to confirm that location admin is the way to go for this, so that helps my argument for staying on one tenant.