Hello,
We set up SSO between Genesys and our Microsoft Azure AD so that the following works:
open our SPA (a Vue JS 2 app) in the browser, log in to Microsoft, be redirected to the SPA, be prompted for Genesys login (initial setup: configure Genesys platform client to log in with implicit grant), click on "more connection options", fill in the organization, click on other account: Microsoft, and you're done (SAML2 behind the scenes).
Now I'd like to get the access token for use by my platform client.
It is likely that you don't want the SAML2 bearer grant, just the SSO. In that case, you can implement the auth code grant since you have a C# backend. Or implicit grant if you want the token for the frontend app.
You can use the SAML2 bearer grant if you want, but it's a lot more difficult. You would need to follow the docs and example app and refer to the MSFT documentation for how to work with their SAML provider.
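
The authorization code grant suggested in the reply above, shown for a C# backend as an added example (not code from this thread or from Genesys). It keeps the client secret on the server and rejects callbacks whose `state` does not match the session. Assumptions: .NET 6 or later, the `LoginHost` value (the login host is region-specific), and the hypothetical class and method names.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
using System.Threading.Tasks;

// Added example; class and member names are hypothetical.
public sealed class GenesysAuthCodeClient
{
    private const string LoginHost = "https://login.mypurecloud.com"; // assumption: use your region's login host
    private readonly HttpClient _http;
    private readonly string _clientId, _clientSecret, _redirectUri;

    public GenesysAuthCodeClient(HttpClient http, string clientId, string clientSecret, string redirectUri)
        => (_http, _clientId, _clientSecret, _redirectUri) = (http, clientId, clientSecret, redirectUri);

    // Step 1: generate an unguessable state, keep it in the user's server-side
    // session, and redirect the browser to the returned URL.
    public (string Url, string State) BuildAuthorizeUrl()
    {
        string state = Convert.ToHexString(RandomNumberGenerator.GetBytes(32));
        return ($"{LoginHost}/oauth/authorize?response_type=code" +
                $"&client_id={Uri.EscapeDataString(_clientId)}" +
                $"&redirect_uri={Uri.EscapeDataString(_redirectUri)}&state={state}", state);
    }

    // Step 2: on the redirect back, verify state, then exchange the code for a token.
    public async Task<string> ExchangeCodeAsync(string code, string returnedState, string sessionState)
    {
        if (!CryptographicOperations.FixedTimeEquals(
                Encoding.UTF8.GetBytes(returnedState ?? ""), Encoding.UTF8.GetBytes(sessionState ?? "")))
            throw new InvalidOperationException("OAuth state mismatch; callback discarded.");

        using var req = new HttpRequestMessage(HttpMethod.Post, $"{LoginHost}/oauth/token");
        // The client secret is sent only from the backend, never from the SPA.
        req.Headers.Authorization = new AuthenticationHeaderValue("Basic",
            Convert.ToBase64String(Encoding.UTF8.GetBytes($"{_clientId}:{_clientSecret}")));
        req.Content = new FormUrlEncodedContent(new Dictionary<string, string>
        {
            ["grant_type"] = "authorization_code", ["code"] = code, ["redirect_uri"] = _redirectUri,
        });
        using HttpResponseMessage resp = await _http.SendAsync(req);
        resp.EnsureSuccessStatusCode();
        using JsonDocument doc = JsonDocument.Parse(await resp.Content.ReadAsStringAsync());
        return doc.RootElement.GetProperty("access_token").GetString()
               ?? throw new InvalidOperationException("Token response had no access_token.");
    }
}
```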
Thanks, I have to pause this work for now for some days.
I'd like to improve the UI part of the SSO, since the SSO works as stated, using implicit grant for login.
For now the user has a few clicks to perform and fill in the Genesys organization.