Genesys Cloud - Main

  • 1.  Genesys Cloud desktop app Microsoft Entra IDP sign in browser

    Posted 30 days ago
    Edited by Carter Wilson 30 days ago

    Hello, when signing in to the Genesys Cloud desktop app and choosing an IDP such as Microsoft Entra, the app appears to launch some built-in version of a Chromium browser to start the sign-in process. However, for Microsoft SSO to work in Chromium browsers other than Edge, an extension called Microsoft Single Sign On is required.

    Without this extension, users are required to complete a full sign-in rather than be able to automatically authenticate with their computer account. Additionally, some Conditional Access options, such as requiring an Entra Registered device or MDM Compliant Device, are unable to be used without that extension or the Edge browser.

    Is there some way that the app can be configured to simply use your default browser to complete sign in, or is it possible to force install an extension on whatever kind of Chromium it is using?


    #SystemAdministration

    ------------------------------
    Carter Wilson
    ------------------------------



  • 2.  RE: Genesys Cloud desktop app Microsoft Entra IDP sign in browser

    Posted 29 days ago

    Hello Carter,

    I'm not aware of any such limitation like that with SSO. It should use your current browser.

    Does the same happen if you try to access Genesys from a web browser? You may want to take a look at this Resource Center article to make sure things are configured properly.



    ------------------------------
    Jason Kleitz
    Online Community Manager/Moderator
    ------------------------------



  • 3.  RE: Genesys Cloud desktop app Microsoft Entra IDP sign in browser

    Posted 29 days ago

    Hi Jason,


    Thanks for the reply. When I log in via a web browser, everything works as expected. But when using the Genesys Cloud App, there is some browser built inside the app that is displaying the login page:


    and if our Conditional Access policies require something like an Entra registered device, domain joined device, etc., I get this error message asking me to install the extension:


    I can exclude our Entra Genesys SSO from Conditional Access policies that require this, but that is not ideal as I would like to lock down login to managed and compliant devices only.


    ------------------------------
    Carter Wilson
    ------------------------------



  • 4.  RE: Genesys Cloud desktop app Microsoft Entra IDP sign in browser
    Best Answer

    Posted 29 days ago

    I see in the documentation you provided:

    • The Genesys Cloud desktop app does not support the installation of browser extensions. If you have configured an Azure Conditional Access policy that requires a browser extension, you will need to use a Genesys Cloud supported browser that has the Microsoft Entra ID extension installed. Single sign-on will not work using the desktop app in this configuration.

    It sounds like this is not going to be possible. I guess we will have to consider this security limitation and if we want to allow use of the desktop app.



    ------------------------------
    Carter Wilson
    ------------------------------



  • 5.  RE: Genesys Cloud desktop app Microsoft Entra IDP sign in browser

    Posted 26 days ago

    Carter,

    For what it's worth, using the Desktop App has been (sometimes) problematic when Windows updates take/took place, somehow breaking the link and preventing the user from reaching the Login page. Upon using the org bookmarked Login URL, everything worked fine.

    Have you experienced that? 



    ------------------------------
    Oswaldo Ganoza
    Sr. Enterprise Solutions Consultant
    ------------------------------



  • 6.  RE: Genesys Cloud desktop app Microsoft Entra IDP sign in browser

    Posted 26 days ago

    Hi Jason, 

    Having been exploring what Carter brought up in this post, I ran into the following step:

    https://help.mypurecloud.com/articles/add-microsoft-adfs-single-sign-provider/

    Add a Relying Party Trust

    1. Go to Administrative Tools > AD FS. -> Is this within GC ADMIN or AD FS Admin?
    2. In the console tree, go to AD FS > Trust Relationships > Relying Party Trusts.
    3. To open the wizard, click Add Relying Party Trust.
    4. On the Select Data Source page, click Enter data about the relying party manually.
    5. On the Specify Display Name page, enter a name for the relying party (that is Genesys Cloud).

    Thanks,

    Ozzie.



    ------------------------------
    Oswaldo Ganoza
    Sr. Enterprise Solutions Consultant
    ------------------------------


