SSO with AzureAD out-of-box authentication library and Angular SPA

frank_AOD · December 20, 2022, 11:16pm

Looking for some information in creating an SSO environment using an Angular SPA with Microsoft's out-of-box web authentication library and Genesys cloud.

I'm the developer for the Angular SPA, which will be a call queue monitoring dashboard. I have not yet had a great deal of contact with Genesys cloud so don't know the extent of its configuration capabilities for integration.

I have implemented the above authentication library with the SPA framework and can see that the library delivers a payload that includes a JWT token with a set of claims that can be verified by an integrated application. This JWT token is intended by Microsoft for seamless integration with their cloud products such as Microsoft Graph however it is a very standard token and should theoretically be able to be used as-is if Genesys cloud can be configured to read the claims.

The claims in the token are as follows:

Is it possible to use this out-of-box token as a Bearer token in the authorization header when setting up a connection to the WebSocket Notification service on Genesys cloud or will there need to be some other setup needed?
If this is not the correct approach for seamless integration between AzureAD, the SPA and Genesys then I'd be deeply grateful if I could get some assistance with the correct approach

tim.smith · January 3, 2023, 6:22pm

Genesys Cloud uses OAuth 2.0 for authorization. If you're integrating with an SSO provider in your own app, you can use the SAML2 Bearer OAuth flow documented here: https://developer.genesys.cloud/authorization/platform-auth/use-saml2-bearer.

frank_AOD · January 9, 2023, 11:19pm

Thanks Tim,
I discovered this this while looking at the SAML2 flow as suggested above. Is this something that could be used to shortcut the process? I don't see a lot in the way of documentation for it.

tim.smith · January 10, 2023, 2:34pm

I don't have any idea what that is. I'd say contact the author, but I can't discern any author information from the listing and it doesn't appear to have a specific contact option. The help link just gives a 404. It looks like there's a chance that's an official Genesys offering; I'd recommend opening a case with Genesys Cloud Care to ask them about it or posting on the Genesys Cloud Community Forum. This forum is specific to custom integrations and API usage; base product questions should go to Care or the community forum.

system · February 10, 2023, 2:34pm

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.