Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 12 Next »

To download above documents:

  • Click on desired document

  • Click on cloud symbol in the upper right-hand corner of your screen, this will allow you to download, save and/or print

Overview

To increase adoption and provide a seamless experience, Deem provides single sign-on (SSO) capabilities for enterprise services, employing a wide variety of industry open standards. Through the use of SAML 2.0, an enterprise can provide seamless access for its employees without any additional user authentication, and without requiring users to remember new passwords.
For users, SSO is all about experience: fewer passwords to manage, and fewer barriers to getting their job done. Enterprise employees can automatically be provisioned and authenticated, becoming immediately productive with Deem services in a completely transparent manner. For an enterprise, SSO translates into higher adoption rates, tighter security, fewer help-desk calls, and enhanced return on existing technology investments.
By integrating Deem enterprise services with enterprise identity stores, it is also possible to include user provisioning information in the SAML single sign-on token. This allows a single process flow from the corporate Identity Provider into Deem, eliminating the need for a separate provisioning process. If the user does not already exist in the Deem system, or if there is updated information about the user, the SAML assertions may contain provisioning information, allowing for automated, simultaneous update or pre-population of the user's profile when they log in.

Required profile attributes

The following case-sensitive attributes are required when sending a provisioning request:

  • externalID: This is a unique identifier for the user that correlates to the enterprise's system. This is typically an employee number, or some other unique identifier that will not change over time.

  • userName: This is another unique identifier for the user. Specifically, this will be the username that appears in the user interface for Deem services, and would be used for logging in, if SSO was not enabled.

  • email: The user's email address. This must be unique within your company.

  • firstName: The user's first name.

  • lastName: The user's last name.

Optional profile attributes

The following case-sensitive attributes may optionally be sent along with the required attributes:

  • aptSuite

  • birthday

  • city

  • companyName

  • costCenter

  • country

  • departmentName

  • division

  • emergencyContactName

  • emergencyContactPrimaryPhone

  • employeeID

  • employeeStatus

  • groupwareID

  • homeAptSuite

  • homeCity

  • homeCountry

  • homePostalCode

  • homeStateProvince

  • homeStreet1

  • jobTitle

  • middleName

  • mobilePhone

  • postalCode

  • stateProvince

  • street1

  • subdomainName

  • userName

  • workFax

  • workPhone

Additional profile attributes are employeeType, departmentCode, misField1, misField2, misField3, misField4, misField5, and misField6.

Steps to set up SSO:

  • TMC email Channel Sales Director requesting SSO

    • Provide if SSO is for

      • Desktop and Mobile

      • Only Desktop

  • Channel Sales Director will provide TMC

  • TMC will then need to have both forms completed before integration can be completed

Customer Experience with SSO and Deem mobile:

  • No labels