Add PureConnect as a single sign-on provider
- Single Sign-on > Provider > Add, Delete, Edit, View permissions
- PureConnect 2020 R2 or later
- Admin role in the Genesys Cloud organization associated with your PureConnect hybrid system
- User syncing enabled in your PureConnect hybrid system
Add Genesys Cloud as an application that PureConnect hybrid organization users can access with their PureConnect credentials. For more information, see the Genesys Cloud for PureConnect Administrator’s Guide.
- If your PureConnect hybrid organization already uses a single sign-on third party identity provider such a Microsoft Azure AD or Okta, this configuration is not needed.
- Only PureConnect supported languages are available to PureConnect users when they log in to Genesys Cloud. Verify that the required languages are available on the PureConnect CIC server.
- Administrators can choose to store one additional certificate to ensure business continuity. If one certificate becomes invalid or expires, the backup certificate will preserve the integration.
Configure PureConnect
Get the certificate for Genesys Cloud configuration
Find and download PureConnect’s encoded public certificate for SAML signature validation.
- Open Interaction Administrator on the PureConnect CIC server.
- Click Secure Token Server Configuration.
- Click the Configuration tab.
- Download the certificate in Certificate Path.
- Save the certificate to a text file.
Configure Genesys Cloud
- In Genesys Cloud, click Admin.
- Under Integrations, click Single Sign-on.
- Click the Generic SSO Provider tab.
-
Enter the metadata gathered from PureConnect.
In this field… Do this… Provider Logo Insert an SVG image, no larger than 25 KB. The image can be your company’s logo or any other image. Provider Name Type the provider name to match your provider logo. The Provider’s Certificate To upload X.509 certificates for SAML signature validation, do one of the following.
- To upload a certificate, click Select Certificates to upload.
- Select the X.509 certificate.
- Click Open.
- Optionally, to load a backup certificate, repeat steps 1–3.
Or you can:
- Drag and drop your certificate file.
- Optionally, to load a backup certificate, repeat the first step.
Uploaded certificates appear with their expiration date. To remove a certificate, click X.
Note: To renew or update an expiring certificate, follow these instructions to upload X.509 certificates, repeating steps 1--3. You can upload up to five certificates to Genesys Cloud per SSO configuration, and Genesys Cloud chooses the correct certificate during single sign-on and logout.The Provider’s Issuer URI Type the URI for your PureConnect system’s single sign-on proxy host. The value is based on your PureConnect system’s single sign-on proxy configuration. To learn how to modify your proxy server configuration for single sign-on, see the Genesys Cloud for PureConnect Administrator’s Guide. Target URL Type the URL for your PureConnect system’s single sign-on proxy location. The value is based on your PureConnect system’s single sign-on proxy configuration. To learn how to modify your proxy server configuration for single sign-on, see the Genesys Cloud for PureConnect Administrator’s Guide. Relying Party Identifier Type the URL for the AWS region where your Genesys Cloud organization is located:
US East (N. Virginia):https://login.mypurecloud.com/saml
US East 2 (Ohio): Not supported
US West (Oregon):https://login.usw2.pure.cloud/saml
Canada (Canada Central):
https://login.cac1.pure.cloud/saml
South America (São Paulo): Not supported
EU (Frankfurt):https://login.mypurecloud.de/saml
EU (Ireland):https://login.mypurecloud.ie/saml
EU (London):https://login.euw2.pure.cloud/saml
Asia Pacific (Seoul):https://login.apne2.pure.cloud/saml
Asia Pacific (Sydney):https://login.mypurecloud.com.au/saml
Asia Pacific (Tokyo):https://login.mypurecloud.jp/saml
- Select Endpoint Compression to compress the Genesys Cloud authentication request. Note: This setting is required. The configuration will not work without it.
- Click Save.