OIDC is one of the two protocols supported by LiveVox for SSO. OpenID Connect (OIDC) is an authentication layer on top of the OAuth 2.0 authorization framework.[82]. It allows computing clients to verify the identity of an end user based on the authentication performed by an authorization server, as well as to obtain the basic profile information about the end user in an interoperable and REST-like manner. OpenID Connect specifies a RESTful HTTP API, using JSON as a data format. OpenID Connect allows a range of parties, including web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end users. The OpenID Connect specification is extensible, supporting optional features such as the encryption of identity data, the discovery of OpenID providers, and session management.

Obtaining Parameters from LiveVox to Configure OIDC in Okta

To enable SSO on your LiveVox Portal (LVP) client, contact LiveVox Customer Care for assistance.

  1. On LVP, navigate to the Configure > Client > Billing tab, and view the enabled Single Sign On flag.
  2. Navigate to Client > Security. Click See Instructions and copy the URLs - User Single Sign On URL, and Agent Single Sign On URL to configure OIDC on Okta. 

Creating a New Application and Configuring OIDC on Okta

Note

You must have an account on Okta to complete the configuration. If you don’t have one, create it from https://developer.okta.com/signup/.

  1. On Okta, navigate to Applications


  2. In the screen displayed, click Create App Integration.


  3. In the Create New App Integration screen select OIDC


  4.  Okta supports 3 types of OIDC setup. Select the Web Application option or the Native Application Option.


  5. Under General Settings, specify the App integration name, upload a Logo (optional), and then specify the Grant type. Ensure you have checked both, the Authorization Code and Resource Owner Password options for the Grant Type.
    For more information about authentication flows supported, see https://developer.okta.com/docs/concepts/oauth-openid/ 
  6. In the Sign-in redirect URLs section, add the 2 URLs from the Livevox portal - User Single Sign On URL and Agent Single Sign On URL.


  7. Configure who can access the application. Select the required option and click Save.


  8.  Okta creates a Client ID and a Client Secret.  You must copy them to the Livevox Platform to finish the setup. 
     

If you do not see a secret, you can edit and modify the Client Authentication method.

Returning URLs to LVP

  1. On LVP, navigate to Configure > Client > Security tab and paste the client ID and the client Secret into Authorization ID and Authorization Secret fields.



  1. On the Okta page, go to the  Sign On tab and copy the Issuer URL, and paste the value into the Livevox platform. 


  2. On LVP, navigate to Configure > Client > Security tab and paste the Issuer URL into the issuer URL field and click Save.


  3. Verify that all your users and agents have a valid email address configured in Okta and LVP and enable SSO. 

Important

You can access the LiveVox Portal as an admin through the portal.livevox.com URL, or as an agent through the agent.livevox.com URL. LiveVox recommends using the URLs to access the platform instead of the Okta home page.