Skip to main content
NICE CXone Expert

Scheduled CxOne Expert Maintenance - Oct 26th 11:59 pm PT - Learn More

Expert Success Center

Azure identity provider SAML SSO setup process

Follow this process to connect Expert as a Service Provider to Azure via a SAML connection.

 

Prerequisites

  • Admin access to your Azure Identity Provider Environment
  • CXone Expert site's metadata download link (provided by CXone Expert)

Create a generic Enterprise Application in Azure

The first step to connecting CXone Expert with Azure is to create a Generic Enterprise Application:

  1. Go to Azure Active Directory > Enterprise applications.
  2. Select New application.
  3. In the Browse Azure AD Gallery, select Create your own application.
  4. Enter CXone Expert as the name for the application.
  5. Click Create.

Upload metadata to the enterprise application

Once an Application is created, you must configure the Expert metadata in the Application. This will allow you to generate Azure's metadata file to send back to the CXone Expert technical resource.

  1. Use the metadata download link provided by CXone Expert to download the metadata file to your machine.
  2. In your new application, go to Get Started  or the left side panel, and select Set up single sign on.
  3. Select SAML.
  4. Select Upload metadata file at the top.
    1. Upload the CXone Expert metadata file you saved to your machine.
    2. The Identifier (Entity ID) and Reply URL (Assertion Consumer Service URL) fields should both populate.
    3. Click Save and close the side window to get back to "Set up Single Sign-On with SAML."
  5. Under SAML Signing Certificate, you should now have an App Federation Metadata URL. Copy this URL and send it to the CXone Expert technical resource.

Update Attributes & Claims section

We recommend you make a small change to the Attributes & Claims section to ensure that your User's Display Name comes in correctly:

  1. In the Attributes & Claims section, select Edit.
  2. You will likely have a givenname, surname, and name attributes.
  3. If your givenname and surname attributes are already populated with a value that reflects users' first and last names, remove the name attribute.

Assign Users / Groups to the Enterprise Application

To test the connection, assign Users to the application. You can add individual Users for testing purposes, or if you already know which groups you wish to assign to the CXone Expert Application, you can assign those too.

Please follow Azure's documentation on assigning users or groups for further instruction.

Test the connection

Once you provide the App Federation Metadata URL to the CXone Expert technical resource, they will do the final steps to connect the Expert site to your Enterprise Application in Azure.

After they confirm this step and you assign Users to the Application in Azure, test logging in either through an IdP-initiated login or an SP-initiated login by going directly to your Expert site. Report any issues to the CXone Expert technical resource.

 

  • Was this article helpful?