In addition to the username/password sign-in, several other login options are available in CommPeak Dialer and Cloud PBX. You can choose the best methods for meeting your needs. All options provide secure ways for verifying the user's identity.

• Login with Google OAuth

• Login with Microsoft OAuth

  

Both options above follow the OAuth 2.0 standard for secure authorization, enabling delegated access by issuing access tokens to third-party services without exposing user credentials. However, OAuth is solely for authorization — not authentication.

The OpenID Connect (OIDC) authentication layer is built on top of OAuth 2.0. Identity providers use OIDC so users can first sign in with their Identity Provider (IdP) and then access applications without having to log in and share credentials.

OAuth lacks encryption and relies on secure socket layer and transport layer security protocols (SSL/TLS), making it generally not a good choice for securing an enterprise with hundreds or thousands of employees.

• Login with SSO SAML

  

📘

Undestanding SAML benefits

Managing passwords for applications used by hundreds or even thousands of employees can be extremely challenging. Security Assertion Markup Language (SAML) offers enterprises a single sign-on protocol.

SAML is a protocol that lets an IdP transmit a user's credentials to a service provide to both authenticate and authorize that user to access a service. SAML simplifies password management and enables SSO. It is helpful for enterprises because employees access more applications to carry out their jobs.

When a user requests access to the CommPeak Dialer or Cloud PBX, it redirects the user to an IdP for authentication, which could be a service like GSuite or Okta. The IdP then verifies the user's identity, typically through methods like passwords or biometrics, and generates a SAML assertion response containing the user's authenticated identity. This SAML assertion response is sent back to the Dialer or Cloud PBX, which grants the user access based on the identity information provided in the response.

How to Turn On Google OAuth

To turn on the login with Google OAuth for your users:

1. Go to Settings > General Settings.

2. Scroll down to the Login Configuration section.

3. Toggle the slider to the right to enable the relevant option.

   

📘

NOTE

Please take into account the following information:

1. This login option is available to all users with a Google email account.
2. When a user logs in with Google and authorizes their Google email, the Dialer or Cloud PBX system searches for this email address in its database. The login is then associated with the first user account that matches the authorized Google email.
3. If the system contains the same email address for more than one user, the login will be assigned to the first active user with that email.
4. Sign-in from a standalone CommPeak Softphone doesn't support the Google login.
5. This login feature bypasses both the login with email one-time code and two-factor authentication processes.

How to Turn On Microsoft OAuth

To turn on the login with Microsoft OAuth for your users:

1. Go to Settings > General Settings.

2. Scroll down to the Login Configuration section.

3. Toggle the slider to the right to enable the relevant option.

   

📘

NOTE

Please take into account the following information.

1. This login is available to any user utilizing Microsoft or Azure Email services, including Microsoft 365, Live, and Skype accounts.
2. When a user logs in with Microsoft after authorizing their Microsoft email, the system searches for this email in the Dialer or Cloud PBX. The login is then assigned to the first user associated with the authorized Microsoft email.
3. If the system contains the same email address for more than one user, the login will be assigned to the first active user with that email.
4. This login option bypasses both the login with email one-time code and two-factor authentication processes.

How to Integrate with a SAML Provider

To integrate:

1. Go to Settings > General Settings.

2. Scroll down to the Login Configuration section.

3. Enable the account login with SSO SAML by inserting SAML Login URL, which must be obtained from your IdP. The Issuer URL and ACS URL are shown below the login URL.

   

📘

NOTE

Please take into account the following information:

1. SAML login lets you easily manage which users within your organization can access the Dialer or Cloud PBX. Users do not need to enter passwords; they simply click Login via SSO and authenticate through the customer's SAML IdP.
2. Sign-in from the standalone CommPeak Softphone doesn't support the Login with SSO option.
3. The system processes the email authorized by the customer’s SAML provider and logs in with the same active user email in the system. Deleted or inactive users cannot log in using SAML.
4. This login option bypasses both the login with email one-time code and two-factor authentication processes.

SAML Setting Examples

Okta

Please visit Okta help instructions.

1. Create an integration.

   

2. Insert the Dialer or Cloud PBX account access URL and issuer URL.

   

3. Follow this setup and make sure to set Signed in Response and Assertion Signature. Assertion Encryption should be set to Unencrypted.

   

4. Now, you can assign users in your organization to sign in via the Dialer or Cloud PBX SAML login.

   

Google

Please visit Google help instructions.

1. Click Add custom SAML app.

   

2. Enter CommPeak Dialer, then click CONTINUE.

   

3. Copy the SSO URL to the Dialer SAML IDP Login URL.

   

4. Insert the Dialer issuer URL and ACS URL here.

   

5. After the setup is complete, you can test the login. Click TEST SAML LOGIN and proceed.

   

Microsoft Azure

Please visit Microsoft Azure help instructions.