Integrations and APIs for Service

Get Involved. Join the Conversation.


    Alan Williams
    RightNow SSO
    Topic posted April 10, 2012 by Alan WilliamsGreen Ribbon: 100+ Points, last edited April 11, 2012 
    2939 Views, 20 Comments
    RightNow SSO

    Is there any developer documentation on the implementation ans use of the RightNow SAML option(s)?  We have a partner who is getting various error codes and they would like to know what they mean and how to resolve the errors.  Our customer facing documentation on this feature is VERY limited.


    SAML configs are set and from a configuration perspective, it looks like all is working, or at least should be.


    • Dietrik

      The Rightnow SSO implementation is as simple as it gets. It just needs a SAML message, have it signed with the certificate and posted to the SAML url. It lacks support for many of the SAML features.

      In my opinion a better SAML implementation would solve a lot of the issues. This simple version might have been easy to build but is not well supported by Service Providers in the market.

      The only advantage might be that is not to hard to build you own SAML login provider.

    • Justin

      This link was very helpful for me.  It walks you through SSO to the agent console, but can be easily understood as CP instructions also.  It also provides links to a utility that will allow you to test the SAML post (although it's pretty touchy and I had a few issues with it).


    • Nikunj Anchalia

      Hi all

      Thank you for your post. It has helped me with my SSO agent login.

      However, the one thing I am still struggling with is the relying party identifer.

      Neither I nor the person helping with the ADFS configuration are sure what should be the correct identifier to use.

      Any advise would be greatly appreciated.



    • Robert Surujbhan

      Nik, the Relying Party Identifier in AD FS configuration will be listed as the Audience Restriction in a SAML assertion, and technically that will not be used by the RightNow SSO processor - so you can safely set it to anything you want (the URI of your interface will be OK). More important is the Recipient field which is set by the Assertion Consumer URL endpoint that you configure.

    • Nikunj Anchalia

      Thanks Robert 

      Your feedback was immensely helpful. And we now have successfully setup SSO Agent login.

      Thanks again