Genesys Cloud (formerly PureCloud)

Discussion Thread View
Expand all | Collapse all

SSO and Genesys Cloud Authentication

  • 1.  SSO and Genesys Cloud Authentication

    Top 25 Contributor
    Posted 7 days ago
    If I integrate an org to say Azure AD for SSO, can I have some user/admin accounts that are not actually held within Azure and still use Cloud credentials?  Or does it become an all or nothing state then?  Just trying to think about the scenario where for some reason the SSO provider may be down/unreachable so still need a way for key people to log into the org.
    #AskMeAnything(AMA)
    #ArchitectureandDesign
    #Implementation
    #SystemAdministration

    ------------------------------
    Vaun McCarthy

    ------------------------------


  • 2.  RE: SSO and Genesys Cloud Authentication

    Top 25 Contributor
    Posted 7 days ago
    Hi Vaun,

    You will still be able to login with PureCloud as long as you don't turn on the setting in the screenshot below. You won't have the ability to specify which users can use which provider, they'll just have the option for both.
    Disable PureCloud Login

    Take a look here:
    https://help.mypurecloud.com/articles/log-in-to-purecloud-using-single-sign-on-sso/
    and here:
    https://help.mypurecloud.com/articles/what-users-can-expect-after-sso-setup/

    Thanks,
    Daniel McLeod

    ------------------------------
    Daniel McLeod
    Qsect LLC
    ------------------------------



  • 3.  RE: SSO and Genesys Cloud Authentication

    Top 25 Contributor
    Posted 7 days ago

    Thanks Daniel, the way I'm reading that (which may be wrong) is that after SSO is enabled a user can sign on EITHER using PureCloud OR SSO.  Is that correct?  It says the first time post SSO enablement they have to sign on using the Purecloud credentials which are "cached".  So then they log out, and next time they log back in they'll see the SSO provider option but again they can still fall back to the Purecloud credentials.  How can we stop users from using the Purecloud login without turning it off?  I foresee a lot of "my password doesn't work" calls to the Service Desk all because they didn't choose the SSO provider link.

    Based on what you said I'm guessing there's no way to turn that Purecloud option off so they can ONLY go to SSO but still have Purecloud authentication available for admin stuff.  So if you turn off Purecloud login, and something goes horribly wrong with the SSO provider, nobody will be able to get into your org at all?  So in that scenario you'd need Genesys Care to turn that option off again and potentially reset an Admin's password to login and make changes?

    Maybe using something in the API to reset ALL users's passwords to something else but not tell them?



    ------------------------------
    Vaun McCarthy
    NTT New Zealand Limited
    ------------------------------