Stay organized with collectionsSave and categorize content based on your preferences.
This section describes how to configure SSO using Idaptive for
use enterprise-wide Idaptive credentials to sign into Contact Center AI Platform (CCAI Platform) and the
agent adapter. Idaptive SSO uses the Security Assertion Markup Language (SAML)
authentication protocol.
Before you begin
To configure SSO using Idaptive, be sure you have the following:
An Idaptive account
An SSO URL
An entity ID
An email mapping field, usually Name ID
A SAML certificate (in Base64)
CCAI Platform administrator credentials
Configure Idaptive for SSO
To configure Idaptive, follow these steps:
Sign in to the Idaptive administrator portal.
From the left menu, clickWeb apps.
ClickAdd web apps.
Click theCustomtab.
Locate theSAMLweb app and clickAdd.
On the confirmation dialog, clickYes.
On the SAML Web App Settings page, enter aNameand clickSave.
On the SAML Web App page, click theTrusttab.
Navigate to the Identity Provider Configuration (IPC) section and
selectManual Configuration.
Copy and save theEntity IDfor later use in the CCAI Platform portal.
Download and save theSigning Certificateto a text file.
Copy and save theIDP Login URLfor later use in the CCAI Platform portal.
Navigate to the Service Provider Configuration (SPC) section and
selectManual Configuration:
UnderSP Entity ID / Issuer / Audience, enter:https://<environmentname>.ccaiplatform.com/saml/v1/metadata
UnderAssertion Consumer Service (ACS) URL, enter:https://<environmentname>.ccaiplatform.com/saml/v1/consume
BesideRecipient, selectSame as ACS URL.
From theNameID Formatdrop-down, select emailAddress, then
clickSave:
On the SAML Web App page, click thePermissionstab:
ClickAdd.
In the Select User, Group, or Role dialog, search for and select a
user, then clickAdd.
ClickSaveto deploy the SAML Web App:
Configure your CCAI Platform instance for SSO
To configure SSO for your CCAI Platform instance, follow these steps:
In the Google Cloud console, go to the project selector dashboard and select the project that
contains your instance.
In theNamecolumn, click the instance that you want to configure SSO for.
On theCCAI Platform instance Detailpage, clickeditEdit.
For the login method, selectSAML.
In theSingle sign-on URLfield, enter your SSO URL.
In theEntity IDfield, enter your entity ID.
In theEmail field mappingfield, enter a text string such asEmail nameorName ID. This is used as a label for the email name field on the SSO sign-in page.
In theAuthentication contextsfield, select the authentication context that you want. If
your IdP configuration doesn't require the authentication context to be specified, then leave this
field empty. For more information, seeAuthentication context.
In theCertificatefield, enter your SAML certificate. Be sure to include-----BEGIN CERTIFICATE-----and-----END CERTIFICATE-----from the
certificate.
ClickSave.
Verify SSO authentication
To verify SSO authentication, follow these steps:
Go to the agent adapter in your customer relationship management (CRM)
application.
ClickLogin with company SSO. A sign-in page displays.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eThis guide explains how to set up Single Sign-On (SSO) for Contact Center AI Platform (CCAI Platform) and its agent adapter using Idaptive, which utilizes the SAML authentication protocol.\u003c/p\u003e\n"],["\u003cp\u003eThe configuration process involves setting up a SAML web app within the Idaptive administrator portal, including defining trust relationships, and saving specific entity details and certificates.\u003c/p\u003e\n"],["\u003cp\u003eConfiguring the CCAI Platform instance for SSO requires inputting the Idaptive's IDP Login URL, Entity ID, a certificate, and defining an email field mapping.\u003c/p\u003e\n"],["\u003cp\u003eTo verify the SSO setup, users can attempt to log into the agent adapter via the "Login with company SSO" option using their Idaptive credentials.\u003c/p\u003e\n"]]],[],null,["# Configure SSO using Idaptive\n\nThis section describes how to configure SSO using Idaptive for\nuse enterprise-wide Idaptive credentials to sign into Contact Center AI Platform (CCAI Platform) and the\nagent adapter. Idaptive SSO uses the Security Assertion Markup Language (SAML)\nauthentication protocol.\n\nBefore you begin\n----------------\n\nTo configure SSO using Idaptive, be sure you have the following:\n\n- An Idaptive account\n- An SSO URL\n- An entity ID\n- An email mapping field, usually Name ID\n- A SAML certificate (in Base64)\n- CCAI Platform administrator credentials\n\nConfigure Idaptive for SSO\n--------------------------\n\nTo configure Idaptive, follow these steps:\n\n1. Sign in to the Idaptive administrator portal.\n\n2. From the left menu, click **Web apps**.\n\n3. Click **Add web apps**.\n\n4. Click the **Custom** tab.\n\n5. Locate the **SAML** web app and click **Add**.\n\n6. On the confirmation dialog, click **Yes**.\n\n7. On the SAML Web App Settings page, enter a **Name** and click **Save**.\n\n8. On the SAML Web App page, click the **Trust** tab.\n\n9. Navigate to the Identity Provider Configuration (IPC) section and\n select **Manual Configuration**.\n\n10. Copy and save the **Entity ID** for later use in the CCAI Platform portal.\n\n11. Download and save the **Signing Certificate** to a text file.\n\n12. Copy and save the **IDP Login URL** for later use in the CCAI Platform portal.\n\n13. Navigate to the Service Provider Configuration (SPC) section and\n select **Manual Configuration:**\n\n14. Under **SP Entity ID / Issuer / Audience** , enter:\n `https://\u003cenvironmentname\u003e.ccaiplatform.com/saml/v1/metadata`\n\n15. Under **Assertion Consumer Service (ACS) URL** , enter:\n `https://\u003cenvironmentname\u003e.ccaiplatform.com/saml/v1/consume`\n\n16. Beside **Recipient** , select **Same as ACS URL**.\n\n17. From the **NameID Format** drop-down, select emailAddress, then\n click **Save:**\n\n18. On the SAML Web App page, click the **Permissions** tab:\n\n19. Click **Add**.\n\n20. In the Select User, Group, or Role dialog, search for and select a\n user, then click **Add**.\n\n21. Click **Save** to deploy the SAML Web App:\n\nConfigure your CCAI Platform instance for SSO\n---------------------------------------------\n\nTo configure SSO for your CCAI Platform instance, follow these steps:\n\n1. In the Google Cloud console, go to the project selector dashboard and select the project that contains your instance.\n\n [Project selector dashboard](https://console.cloud.google.com/projectselector2/home/dashboard)\n\n \u003cbr /\u003e\n\n2. In the navigation menu, click **CCAI Platform** .\n\n\n [CCAI Platform instances](https://console.cloud.google.com/contact-center-ai-platform)\n\n \u003cbr /\u003e\n\n The **CCAI Platform instances** page displays.\n3. In the **Name** column, click the instance that you want to configure SSO for.\n4. On the **CCAI Platform instance Detail** page, click edit **Edit**.\n5. For the login method, select **SAML**.\n6. In the **Single sign-on URL** field, enter your SSO URL.\n7. In the **Entity ID** field, enter your entity ID.\n8. In the **Email field mapping** field, enter a text string such as `Email name` or `Name ID`. This is used as a label for the email name field on the SSO sign-in page.\n9. In the **Authentication contexts** field, select the authentication context that you want. If your IdP configuration doesn't require the authentication context to be specified, then leave this field empty. For more information, see [Authentication context](/contact-center/ccai-platform/docs/authentication-context).\n10. In the **Certificate** field, enter your SAML certificate. Be sure to include `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----` from the certificate.\n11. Click **Save**.\n\nVerify SSO authentication\n-------------------------\n\nTo verify SSO authentication, follow these steps:\n\n1. Go to the agent adapter in your customer relationship management (CRM)\n application.\n\n2. Click **Login with company SSO**. A sign-in page displays.\n\n3. Sign in with your Idaptive credentials."]]
