Configurar o Salesforce SSO com o Flex

Este documento apresenta o processo de configuração do Salesforce SSO no Twilio Flex. Você precisará acessar a instância e as permissões do Salesforce para configurá‐lo, bem como acessar o Twilio Console.

Criar um certificado auto‐assinado no Salesforce

You'll start by creating a certificate. You'll need to configure this with Twilio Flex later.

1. Click on the Settings icon, then click on Setup
2. On the sidebar, scroll down to Settings. Click on Security > Certificate and Key Management.
3. Click the Create Self-Signed Certificate button.
4. Enter a Label and Unique Name, e.g: `SalesforceSSO`
5. The Key Size should be the default value of 2048.
6. Check the Exportable Private Key.
7. Click Save.
8. Click Download Certificate. You will need the certificate later.

Habilitar o Salesforce Identity Provider no Salesforce

Verifique se o provedor de identidade está habilitado no Salesforce.

1. On the Setup page, on the left sidebar, navigate to Settings > Identity > Identity Provider.
2. Click Enable Identity Provider.
3. Select the certificate you created in Create a self-signed certificate in Salesforce.
4. Click Save.

Criar um app conectado do Twilio Flex no Salesforce

Vamos apontar o Salesforce para o lado Flex da integração.

1. On the Setup page, navigate to Apps > App Manager.
2. Click New Connected App.
3. Set Connected App Name to “Twilio Flex”.
4. Set API Name to “Twilio_Flex”.
5. Enter a suitable email address for Contact Email.

Configurações do app da Web

1. In the Web App Settings section, set the Start URL to https://flex.twilio.com/?path=/agent-desktop.
2. Enable SAML should be ticked.
3. Set Entity Id to https://iam.twilio.com/v1/Accounts/ACxxxx/saml2/metadata. Remember to replace ACxxx with your Twilio Account SID.
4. Set ACS URL to https://iam.twilio.com/v1/Accounts/ACxxxx/saml2. Remember to replace ACxxx with your Twilio Account SID.
5. Set Subject Type to Username.
6. Set Name ID Format to urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
7. Set Issuer to https://yourdomain.my.salesforce.com/
8. Set IdP Certificate to the certificate you created in Create a self-signed certificate in Salesforce.
9. Check that the Verify Request Signatures option is unticked.
10. Check that the Encrypt SAML Response option is unticked.
11. Click Save.

Adicionar atributos personalizados

1. Navigate to App > App Manager.
2. Search for the App you created in Create a Twilio Flex Connected App in Salesforce.
3. Click on the caret symbol and select View.
4. Click on New under the Custom Attributes section.
5. Add the two custom attributes:

   Key	Value
   full_name	$User.FirstName + “ “ + $User.LastName
   roles	“agent” (must be in quotes)

Note This will grant all users agent permissions in Flex. If you need to add supervisor or admin permissions, edit the “roles” custom attributes in the App Manager and include the roles in a comma separated value format. e.g: “agent, supervisor, admin” will grant the users the agent, supervisor, and admin role in Flex.

Create a Salesforce User

You can create a Salesforce user that will then be able to be used to login to Twilio Flex using SSO.

1. On the Setup page, navigate to Administration > Users > Users.
2. Click New User.
3. Fill in the required values:
   • First Name
   • Last Name
   • Alias
   • Email (You’ll need this to receive a verification email)
   • Username (You’ll use this to login later)
   • Nickname
4. Select Salesforce for User License.
5. For Profile, select Standard User. (We will need to assign profile access).
6. Scroll down and check Generate new password and notify user immediately.
7. Click Save.
8. Check your email for instructions on how to verify your account.

Assign Profile Access to the Connected App

1. On the Setup page, navigate to Administration > Users > Profiles.
2. Edit the Standard User profile.
3. Under Connected App Access, check the box for Twilio Flex app.
4. Click Save.

Note Salesforce users that are assigned to specific Profiles must have profile access to your Twilio Flex app. In Create a Salesforce User, we created a user and assigned the Standard User profile. Profiles that do not have access will not be able to complete SSO with Flex.

Configurar SSO no Twilio Flex

Quase pronto! Agora você precisa configurar o lado do Twilio da integração.

1. Abra a página de admin do Twilio Flex Single Sign-On.
2. Set Friendly Name to something related, e.g: SalesforceSSO.
3. Copy the contents of the certificate you downloaded earlier in Step 8 from Create a self-signed certificate in Salesforce.
4. Paste the certificate contents for the X.509 Certificate field.
5. Set Identity Provider Issuer to https://yourdomain.my.salesforce.com/idp/endpoint/HttpRedirect/.
6. Set Default Redirect URL to https://yourdomain.my.salesforce.com/idp/endpoint/HttpRedirect/.
7. Click Save.

Be sure that the Twilio SSO URL field matches the value you provided in Salesforce for ACS URL. To learn more about migrating from the preview.twilio.com URL to iam.twilio.com see our migration guide.

Testing SSO in Twilio Flex

To test your Salesforce integration with Twilio Flex, enter the auto-generated login link in your address bar. You can find it in the Flex Single Sign-On settings.

You will be redirected to Salesforce and will be required to login with your Salesforce credentials. Once you successfully authenticate using your Salesforce user, you should be redirected to Twilio Flex and have completed Single Sign-On with Salesforce!