Sep 03, 2024
6414
Google's single sign-on (SSO) solution lets users sign in to all their enterprise cloud applications like HappyFox using their managed Google account credentials. Google's SAML based SSO can be leveraged for both agent (staff) and end-user (contact) SSO authentications in HappyFox.
Available for all pricing plans
🔧 This SSO setup can only be performed by the administrator of a google account.
Enabling Enterprise Google Login SSO for your HappyFox account Involves:
- Setting up your own custom SAML app on Google.
- Provisioning users to your new SAML app on Google.
- Configuring the HappyFox's Custom SAML SSO.
Setting up your own custom SAML app on Google:
- Log in to your Google Admin console.
- Go to Home page >> Apps >> SAML Apps.
- Click Add button to create a new app.
- In the subsequent screen, click "Set up my own custom app".
- Google's IDP Information window will open and the SSO URL and Entity ID fields automatically populate.
- Copy the SSO URL and Entity ID and download the Certificate. Hit "Next".
- In the next step, Provide a name and description for your application. You could even upload an image to better identify your app. Hit "Next".
- Note: This logo will be displayed for all users who have access to this application. Please upload a .png or .gif image of size 256 x 256 pixels.
- In the Service Provider Details window, enter an ACS URL, Entity ID, and Start URL (if needed) for your custom app. These values are all provided by HappyFox:
- If you would like to configure Google SSO (SAML) for end-users (Contacts),
- ACS URL: https://<company_name>.happyfox.com/saml/custom-saml/callback/
- Entity ID: https://<company_name>.happyfox.com/saml/client-metadata/
- Start URL: https://<company_name>.happyfox.com/
- If you would like to configure Google SSO(SAML) for agents,
- ACS URL: https://<company_name>.happyfox.com/staff/saml/custom-saml/callback/
- Entity ID: https://<company_name>.happyfox.com/saml/metadata/
- Start URL: https://<company_name>.happyfox.com/
- If you would like to configure Google SSO(SAML) for both agents & contacts, you will need to create two apps on Google Admin Portal, one for the agent and one for contact portal login to work.
- If you would like to configure Google SSO (SAML) for end-users (Contacts),
- Specify "Name ID Format" as e-mail.
- Click Add new mapping and enter a new name for the attribute you want to map. Learn more about SSO field mapping.
- Click "Finish".
Provisioning users to your new SAML app on Google:
- Go to home page >> Apps >> SAML Apps.
- Select your new SAML app and click the "three dots" menu.
- To turn on or off an SSO for everyone in your organization, click On for everyone or Off for everyone, and then click Save. You could also selectively turn on this SSO for some members in your organization. Learn more about organizational structure.
Configuring the HappyFox's Custom SAML SSO:
- Log in to your HappyFox Agent Portal.
- Navigate to Apps >> Single Sign-On >> Custom SAML method.
- Under Basic SAML settings, make sure "SAML Integration active" is set as "Yes".
- Under SAML Configuration, select "Custom SAML method" as the SSO provider.
- Paste the SSO URL obtained previously under "SSO Target URL".
- Paste the Certificate contents under "IdP Signature".
- To enable Google SSO (SAML) for agents, set "Authenticate helpdesk agent using SAML" as "Yes".
- To enable Google SSO (SAML) for contacts, set "Authenticate helpdesk end-users using SAML" as "Yes".
- To map custom field values, set "Map Custom Field Values from SAML" as "Yes". Learn more about SSO field mapping.
- Click "Save Settings" to confirm. This successfully completes the SSO configuration.
Sample Contact SSO login workflow: