ScreenSteps Live
Before You Begin
Introduction
This document describes how to configure Oracle Identity Cloud Service to provide Single Sign-On (SSO) for ScreenSteps Live using SAML.
About ScreenSteps Live
ScreenSteps Live creates a hosted knowledge base that delivers a better experience for the authors and customers. ScreenSteps Live makes it possible for agents to quickly search their ScreenSteps Live knowledge base and copy links to knowledge base articles into tickets.
After integrating ScreenSteps Live with Oracle Identity Cloud Service:
- Users can access ScreenSteps Live using their Oracle Identity Cloud Service login credentials.
- Users can start ScreenSteps Live using the Oracle Identity Cloud Service My Apps console.
- Admins can assign and revoke user access to the ScreenSteps Live app using the Oracle Identity Cloud Service administration console.
What Do You Need?
- An Oracle Identity Cloud Service account with authorization rights to manage apps and users (Identity Domain Administrator or Application Administrator).
- A ScreenSteps Live account with authorization rights to configure federated authentication..
- A downloaded Identity Provider metadata file. Use the following URL to access the metadata:
https://<IDCS-Service-Instance>.identity.oraclecloud.com/fed/v1/metadata.
Obtaining the Certificate and Saving in PEM Format
Use this section to convert the X509 Certificate value into a format that is suitable for Oracle Identity Cloud Service.
Use the following URL to access the metadata:
https://<IDCS-Service-Instance>.identity.oraclecloud.com/fed/v1/metadata.In the metadata file, locate the md:IDPSSODescriptor tag.
Copy the content between the dsig:X509Certificate tags into a text file. This content is the Oracle Identity Cloud Service Certificate.
Add
-----BEGIN CERTIFICATE-----at the beginning of the content.Add
-----END CERTIFICATE-----at the end of the content.
Save the file with an extension of .pem.
Tip: Use this content later during the ScreenSteps Live configuration in the "Configuring SSO for ScreenSteps Live" section.
Configuring SSO for ScreenSteps Live
Access ScreenSteps Live as an administrator using the URL:
https://<Domain_Name>.screenstepslive.com/admin. The ScreenSteps Live home page appears.In the upper-right corner, click Account Settings.
From the left navigation menu, select Single Sign-on. The Single Sign-on page appears.
Click Create Single Sign-on Endpoint, use the table to update the federated authentication attributes, and then click Create.
This table lists the mandatory federated authentication attributes that you must set to complete the SSO configuration. Attribute Value Title Enter the Single Sign-on Endpoint name. Note: Use this name later to obtain the Domain Name and Account ID. Remote Login URL Enter the Sign-in URL/SSO Endpoint: https://<IDCS-Service-Instance>.identity.oraclecloud.com/fed/v1/idp/sso.Log out URL Enter the Sign-out URL/SLO Endpoint: https://<IDCS-Service-Instance>.identity.oraclecloud.com/fed/v1/idp/slo.Note: ScreenSteps Live can be accessed by a user who is assigned to the ScreenSteps Live app in Oracle Identity Cloud Service, even if the user does not have a ScreenSteps Live account.
On the Single Sign-on page, click the Endpoint that you created.
To the right of the navigation menu, locate SAML Certificate, click Upload new SAML Certificate file, and then upload the certificate that you previously obtained. See the "Obtaining the Certificate and Saving in PEM Format" section.
Select
Authentication Group (<Title>)from the the Group drop-down list.Note: This option displays the Single Sign-on Endpoint name that you configured earlier as Title while creating the Single Sign-on Endpoint.
Click Update.
Configuring the ScreenSteps Live App in Oracle Identity Cloud Service
Use this section to obtain the domain name and account ID, register and activate the ScreenSteps Live app, and then assign users to the app.
Obtaining the Domain Name and Account ID from ScreenSteps Live
A dedicated domain name and an account ID are required before you can register and activate the ScreenSteps Live app. You obtain these values from ScreenSteps Live.
Access ScreenSteps Live as an administrator using the URL:
https://<Domain_Name>.screenstepslive.com/admin. The ScreenSteps Live home page appears.In the upper-right corner, click Account Settings.
From the left navigation menu, select Single Sign-on. The Single Sign-on page appears.
In the Single Sign-on window, click the single sign-on endpoint name that you previously configured in the "Configuring SSO for ScreenSteps Live" section. The Edit Single Sign-on Endpoint page appears.
Locate the SAML Consumer URL in the URLs section. The domain name appears at the beginning and the account ID appears at the end of the SAML Consumer URL:
https://<Domain_Name>.screenstepslive.com/saml/consume/<Account_ID>
Make note of the SAML Consumer URL.
Note: Use this URL in the "Verifying Service Provider Initiated SSO from ScreenSteps Live" section.
Registering and Activating the ScreenSteps Live App
Access the Oracle Identity Cloud Service administration console, select Applications, and then click Add.
Click App Catalog.
Search for
ScreenSteps Live, and then click Add.In the App Details section, enter your ScreenSteps Live Account ID and Domain Name, and then click Next.
Note: These are the values that you obtained while performing the steps in the "Obtaining the Domain Name and Account ID from ScreenSteps Live" section.
Click Finish. Oracle Identity Cloud Service displays a confirmation message.
Click Activate, and then click Activate Application. Oracle Identity Cloud Service displays a confirmation message.
Assigning Users to the ScreenSteps Live App
On the ScreenSteps Live app page in Oracle Identity Cloud Service, select Users, and then click Assign. The Assign Users window appears.
Select users that you want to assign to ScreenSteps Live, and then click OK. Oracle Identity Cloud Service displays a confirmation message stating that the ScreenSteps Live app is assigned to the users that you selected.
Verifying the Integration
Use this section to verify that SSO works when initiated from Oracle Identity Cloud Service (IdP Initiated SSO) and ScreenSteps Live (SP initiated SSO).
Verifying Identity Provider Initiated SSO from Oracle Identity Cloud Service
Access the Oracle Identity Cloud Service My Profile console using the URL:
https://<IDCS-Service-Instance>.identity.oraclecloud.com/ui/v1/myconsole.Log in using credentials for a user that is assigned to the ScreenSteps Live app. Oracle Identity Cloud Service displays a shortcut to ScreenSteps Live under My Apps.
Click ScreenSteps Live. The ScreenSteps Live home page appears.
Click My Profile, and confirm that the user logged in is the same for both ScreenSteps Live and Oracle Identity Cloud Service.
This confirms that SSO that is initiated from Oracle Identity Cloud Service works.
Verifying Service Provider Initiated SSO from ScreenSteps Live
Access ScreenSteps Live using the URL:
https://<Domain_Name>.screenstepslive.com/saml/consume/<Account_ID>. You are redirected to the Oracle Identity Cloud Service login page.Log in using credentials for a user that is assigned to the ScreenSteps Live app. The ScreenSteps Live home page appears.
Click My Profile, and confirm that the user that is logged in is the same for both ScreenSteps Live and Oracle Identity Cloud Service.
This confirms that SSO that is initiated from ScreenSteps Live works.
Troubleshooting
Use this section to locate solutions to common integration issues.
Known Issues
Unknown Issues
For unknown issues, contact Oracle Support:
Go to https://support.oracle.com.
Select Cloud Support, and then sign in with your support credentials.
In the Cloud Dashboard, confirm that there are no planned outages in Oracle Identity Cloud Service, and then click Create Service Request.
Select Oracle Identity Cloud Service as the service type.
Complete your service request.