After configuration, members of your organization can expect the following login behavior. For full details, see Log in to Genesys Cloud using single sign-on (SSO).

  1. Users log in normally by selecting their org and using their Genesys Cloud credentials.

    This is the only time that users need to do this. After initial login, credentials are cached.

  2. The next time users arrive at the login page, they see the identity provider link at the bottom. Clicking that link takes them to a single sign-on page where they enter those credentials.
    Note:  If the identity provider link does not appear, then something is incorrect with the configuration.
    Single sign-on link
Notes:
  • If your organization has configured two or more third-party SAML-based identity providers supported by Genesys Cloud, users can log in by selecting one of them. For example, when ADFS, OKTA, and Salesforce are integrated, the user selects one of the three IDPs on the login screen to log in.
  • When configuring a generic SSO provider and a third-party IDP, such as ADFS, OKTA, and Salesforce, the user can log in by selecting either a generic SSO provider or a third-party IDP. For example, if you configure a generic SSO provider (not a third-party IDP), OKTA and ADFS, the user logs in by selecting one of the three IDPs on the login screen.