Skip to main content
Skip table of contents

Identity and Access Management

Expertflow CX IAM (Identity and Access Management) backed by KeyCloak, enables users to access all CX resources securely. You can control Authentication (who can sign into CX) and Authorization (who is permitted to use a CX resource). 

The following section describes how users and applications are secured in our case:

User Management

User management in Keycloak can be done through the Keycloak Admin Console, a web-based interface allowing administrators to manage users, roles, and permissions. You can access your Keycloak Admin Console by https://[server-fqdn]/auth.

The admin permissions are set in Unified Admin in Expertflow CX. The permissions are described here.

The agent roles and permissions are described here.

To see the details of the user management and authentication in Keycloak interface, please click here.

Application Management

Expertflow CX can be deployed on-prem or on the cloud as a standalone web application. It can also be deployed within Cisco Finesse. Expertflow CX has permission and access management (using Keycloak IAM) to access different application resources. We have role-based permissions on a top access level (i.e admin, agent, supervisor) and for more granular access levels we have a group-based implementation available too. See Security and User Permissions for more information.

Deploy as Standalone

After successful deployment, you will need to set up your client (resource server) in the Keycloak instance to make authentication work, please refer Keycloak Client Resource Management Setup guide to setup your client.

Deploy within Cisco Finesse

Apart from Standalone deployment, you can set up your Expertflow CX solution within the Cisco Finesse environment (i.e UCCX or UCCE). We have the following two methods available and are part of Expertflow CX IAM:

  1. Login with Finesse (SSO)

  2. Login with Finesse (Without SSO)

Using either one of the above authentication methods you can set up your Finesse environment with Expertflow CX.

Two-factor Authentication

As an added layer of security and for secure user access to the CX application, we have implemented two-factor authentication in our user apps (i.e AgentDesk and Unified Admin). Each deployment can be configured to enable two-factor authentication using the Google Authenticator App or SMS. See the deployment guide to enable two-factor authentication in CX.

Here is the detailed user guide on how to use two-factor authentication while logging in to CX user apps.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close