User Login & Single Sign-On (SSO)

overview the login page provides the gateway to the platform's web based interface, offering privileges to manage a single tenant, its campaigns, users, and call managers the page supports standard credential based login as well as enhanced security and convenience features like single sign on (sso) via saml and google integration how it works the login page supports multiple methods for accessing the console login method how it works nature normal login the user enters their platform user id and password , then clicks login password strength and expiry follow your password policies (see password policy ) standard login with saml the user clicks saml and is sent to the organization’s identity provider (idp) after corporate sign in, the idp and the platform exchange trust using saml 2 0 assertions common idp examples customers use include microsoft ad fs , okta , keycloak , and other saml capable providers—configuration is still saml , not a separate product specific “okta button ” licensable (sso) login with google the user clicks google (or g google on some builds) and signs in with google workspace (formerly g suite) the tenant must allow your google domain so only authorized staff can complete login licensable (sso) public cloud note (capacity planning) on ameyo public cloud , saml logins are documented with a practical ceiling on consecutive saml sessions (on the order of hundreds ) for very high concurrent interactive logins, operations teams may prefer oauth based authentication paths documented for cloud—confirm current limits with your exotel or platform account team this does not add a third branded button on the classic web login; it is an architecture / scale choice for cloud deployments use cases enterprise security a large corporation implements sso (saml) to enforce its strict corporate password policies and multi factor authentication across all applications, including the contact center platform streamlined user access an agent logs into their company computer and can immediately access the agent console (or another platform) via sso without needing to enter their credentials a second time centralized user management when an employee leaves the company, an it administrator simply deactivates their single corporate account in the idp, which automatically revokes their access to the platform via saml benefits improved security centralizes user authentication, making it easier for the business to enforce strong corporate password policies and manage access centrally enhanced user experience simplifies the login process for users (administrators and agents), saving time and reducing the frustration of managing multiple passwords reduced administrative overhead streamlines the user onboarding and offboarding process by linking access control to a single corporate identity language selection the login page also allows the user to set their preferred language before logging in the user selects the desired language from the drop down menu provided at the top right corner of the screen by default, english is selected as the platform's language available languages include english, french, thai, arabic, japanese, deutsch, and turkish limitations identity provider outage if the central identity provider (idp) used for saml or google login experiences an outage, users will be unable to log in to the platform using the sso method licensable features the saml and google login options are licensable features, requiring specific configuration and agreement session behaviour (after login) once authentication succeeds, the platform keeps a session open for your user until you log out , the session expires from inactivity, or an administrator or policy ends it (for example when another login is not allowed and you choose to take over an existing seat) if you see a force login or maximum sessions style message, follow the on screen options or contact your administrator—limits are applied per deployment related topics password policy — local password rules (simple, complex, enforce, substring/identity policy) used with normal login and password changes logout from ameyo — steps for agents to leave the application cleanly administrator login — console login for tenant administrators supervisor login — supervisor web login login logout — reporting view for login and logout activity