Configure Genesys Cloud to authenticate with SSO only


Prerequisites
  • At least one third-party SSO provider configured in your org. To learn how to configure SSO providers, see About single sign-on (SSO).

Administrators can optionally disable Genesys Cloud login and only allow their users to log in by SSO. Some organizations prefer their users to authenticate using a single sign-on (SSO) identity provider instead of Genesys Cloud login credentials. Genesys Cloud administrators may define multiple SSO providers, from an expanding number of third parties.

Note: Do not enable SSO-only authentication if you use bridge connectors or webhooks for chat notification integrations. These features require password-based authentication to Genesys Cloud and fail with errors when SSO-only is enabled.

Use SSO authentication in your org instead of Genesys Cloud login credentials

  1. Click Admin.
  2. Under Account Settings, click Organization Settings.
  3. Select the Authentication tab.
  4. Below Genesys Cloud login, locate the switch labeled Disable Genesys Cloud Login. When this switch is disabled, Genesys Cloud authentication is used. Enabling it configures your org to use a specific SSO provider. The default state if this switch is OFF.

  5. Click the switch. Its indicator changes from OFF (indicating use of Genesys Cloud sign-on) to ON (indicating that SSO authentication is preferred.)

    When Disable Genesys Cloud Login is ON:

    • All Password Requirements options are disabled, since Genesys Cloud authentication is not being used. Existing password settings are preserved, in case Genesys Cloud authentication is activated again.

    • Administrators cannot delete all of the SSO providers under Interactions > Single Sign-on while Disable Genesys Cloud Login is ON.

    • Genesys Cloud users must log in to Genesys Cloud using single sign-on (SSO). Each user is prompted to choose which SSO provider to use when logging in.

  6. The system prompts you to accept or decline an acknowledgment message:

    You acknowledge that this setting restricts access to your Genesys Cloud account to only those users who log in by your SSO Identity Provider. You acknowledge responsibility to maintain your SSO certificate and configuration. Should you SSO settings change or expire, you acknowledge that your organization users will not be able to access the Genesys Cloud application until settings are corrected. Genesys Genesys Cloud, Inc. will not be liable nor responsible for any interruption of access to Genesys Cloud services.

    Click Accept. If you decline, the operation is canceled and the switch is restored to its original state.

  7. Select the provider to use for SSO authentication. You must select a provider, even if only one provider is defined for your org.
  8. Click Save.

To switch from SSO to Genesys Cloud authentication

  1. Click Admin.
  2. Under Account Settings, click Organization Settings.
  3. Select the Authentication tab.
  4. Below Genesys Cloud login, set the Disable Genesys Cloud Login switch OFF.
  5. Click Save. See Set Genesys Cloud password requirements for related settings.