1. What is Single Sign-on (SSO)?
Single Sign-on allows employees in a company to access all the company application with one set of credentials. Depending on the company, the credentials can include email, phone number or username, along with the password. The company routes all logins through an IDP (Identity Provider) with which the company has a purchased license. The IDP usually hosts a login page for the employees to enter their company credentials before entering any application. Single Sign-on provides better security with the central authentication point, limiting the possibility of phishing.
QUICK TIP: To ensure there is no conflict with Single Sign-on for your account, each user contact email address must be unique when creating user extensions or call queue extensions.
2. Who is eligible for SSO?
Avaya Cloud Office Accounts that are Premium, Ultimate, Core, Advanced and Ultra systems.
3. What are the requirements for SSO?
An IDP (Identity provider) which supports SAML 2.0 is required. Most IDPs in the industry support SAML2.0, but it should still be confirmed before the SSO implementation.
4. What is the process if an SSO enabled company adds new Users?
The new user will receive an activation email for the account to setup their PIN & security questions. The email will include instructions for them to sign in with SSO.
5. Where can Avaya Cloud Office customers use SSO?
SSO works with your Avaya Cloud Office account and all Avaya Cloud Office apps.
6. What notification will Avaya Cloud Office send out after SSO is enabled?
SSO notifications are sent in the following scenarios:
• Enabling with "Enforce SSO login only"
• Enabling with "Allow users (either or)..." and selecting Yes to maintain password
• Disabling SSO
Apart from the scenarios above, it will be the customer who will need to send out the notification and let their employees know about the change after SSO is enabled.
7. In the case that SSO server failed or customers are not able to sign in with SSO, what should they do?
Customers can reach out to Avaya Cloud Office support. Support can manually reset the password and send the temporary password to the Users of the account.
8. How can Avaya Cloud Office customers set up their SSO settings?
Account Administrators can go to Tools > Single Sign-on. Account Administrators can select Set up SSO by yourself or Contact Customer Support. See
9. If a customer’s IDP entity ID is being used by multiple accounts, does it mean they cannot access SSO functionality at all?
No. They will not be able to set up SSO by self-serve, but they can still call in to Avaya Cloud Office Support for manual configuration of SSO.
10. Is it possible to make all Users sign in using their e-mail instead of their number/extension?
Yes. Follow the steps below:
1. Go to Admin Portal > Tools > Single Sign-on > SSO Settings.
2. Click Off to disable the ability to login with Avaya Cloud Office credentials.
3. Click Save to save your changes.
11. What to do if the customer is getting an error in logging in to OneCare with an error saying "SAML2 Authentication Error"?
Reach out to our Avaya Cloud Office Support Team DOCS100752.
12. What to do if the customer is getting an error in logging in to OneCare with an error saying "Single sign-on authentication was unsuccessful (Reference #XXXXXX)"?
Reach out to our Avaya Cloud Office Support Team DOCS100752.
13. What to do if the customer is getting an error in logging in to Service Web using their SSO?
Check what the error is and conduct basic troubleshooting steps. If the error persists, please reach out to Avaya Cloud Office support DOCS100752.
