08/29/18 04:10 AM  

Single Sign-On (SSO) - Setup | RingCentral

« Go Back

Article

 
SummaryAccount Administrators can select to set up Single Sign-on by themselves for their RingCentral account or contact support for an assisted setup.
Details


To setup SSO, login to the online account as an administrator > Tools > Single Sign-on. 

Set up SSO by yourself
Contact Customer Support 
 

Set up SSO by yourself


NOTE: If the IDP (Identity provider) entity ID is used by multiple accounts, you will not be able to set up SSO by self-serve. If we find that this IDP has already been assigned to another account, you will need to contact RingCentral Customer Support for manual configuration.

1. Export the IDP metadata from your IDP server first..
2. On the SSO page, click Set Up.

tools - sso page - selfserve 1


3.. Upload IDP metadata from either local file or URL from your IDP server.

tools - sso page - selfserve 2


4. The necessary information will be parsed from metadata and will be displayed automatically.

tools - sso page - selfserve 3


5. Select attribute in metadata which should be mapped to email at the RingCentral side. The drop-down list will list all attributes parsed from the IDP metadata.

NOTE: Specify which email attributes you want to use within your metadata. If the email attribute is not recognized, type out the name of the attribute by clicking Custom in drop-down.
 

tools - sso page - selfserve 4


6. Manage certificates. Multiple certificates may be added, but only the ones identified as Primary and Secondary certificates will be used. If metadata already contains certificate information, it will be displayed. Otherwise, add the certificates manually in this step. Click Save when done.

tools - sso page - selfserve 5


NOTE: If certificates are expired, the SSO login flow will fail. When IDP notifies you that your certificate is about to expire, upload new certificates.

7. Download the Service Provider metadata > import it into the IDP server to complete the configuration on the IDP side.

tools - sso page - selfserve 6


8. Tick Enable SSO Service checkbox > click Save.

NOTE: If there is a duplicate email in the account, SSO cannot be enabled.

tools - sso page - selfserve 7
 

Contact Customer Support


- Assisted SSO setup > Contact Customer Support section > click View Detail.

sso - contact support

- The Contact Support to Enable SSO window will pop up. Follow the steps to continue.

tools - sso page - contact support window


 

1. Prepare IDP SAML 2.0 medadata. 

This section shows sample SAML metadata and the SAML Reference for guidance. Export the SAML 2.0 metadata details from an Identity Provider (IDP), like PingFederate, Okta, or a homegrown IDP. 
Contact RingCentral Customer Support > request Single Sign-on set up assistance. Support staff will ask for the exported SAML 2.0 metadata file and answer your Single Sign-on questions.

3. Import SAML 2.0 Service Provider (SP) metadata

You will receive an email from RingCentral Customer Support containing SAML 2.0 SP metadata. You need to import this data into your Federation Server.
 
4. Enable SSO Integration.

See also:

Single Sign-on Overview
 
Ranking
Was this information helpful?
Yes
No
Somewhat

Tell us why and what can we do to improve this information