LogoLogo
  • Introduction to the Ebbot Platform
  • Ebbot Platform
  • Bot basics
    • Scenarios
    • Entities
    • Triggers
    • Training center
  • Scenarios
    • Cards and syntax
      • File Input
      • Text card
      • Input
      • Buttons
      • Image
      • File
      • Carousel
      • Location
      • List
      • Contact Agent
      • Rating request
      • Custom component
      • CoBrowsing
    • Transition
    • Card properties
  • AI Insights
    • Setup and Configuration
    • Using the Insights Dashboard
  • EbbotGPT
    • Knowledge
      • Data source transformer
      • Source types
        • File
        • Website scrape
        • Docx file
        • TOPdesk API
        • Sitevision API
        • SharePoint API
          • Create app with Sites.FullControl.All permission in Azure
          • Ebbot SharePoint Postman Guide
        • Confluence API
    • Configurations
    • Persona
    • GPT Evaluation
    • Embedder models
    • EGPT models
  • Custom vocabulary
  • Tutorials
    • Create your first scenario
      • Select a trigger
      • Add bot responses
  • Data Object
  • Release notes
  • For developers
    • Ebbot SDK
    • Safe Exchange API / Vault
    • Subdomain manager
  • EbbotGPT API
  • Chatbot & Live chat
    • Install chat widget
    • Chats API
    • Chat widget API
    • Datasource API
    • Sales tracking for live chat
    • Webhook
      • Incoming webhooks
      • Outgoing webhooks
    • SMS API
      • Authentication
      • Send SMS
      • Errors
      • Encoding
    • Python components
    • Intent detection (NLP)
  • Product guides
    • Product data feeds
    • Install guide
    • Product guide events
      • Product guide user events
      • Received events
      • Send events
    • API & webhooks
    • GA4 integration
    • Klaviyo integration
  • Messenger marketing
    • Install popup
    • API & webhooks
  • Widget cookies & storage
  • For chat agents
    • Ebbot Chat
      • Settings modal
      • Queue
      • Topbar Stats
      • Menu
        • Power-Ups!
        • Quick Replies
  • INTEGRATIONS
    • Ebbot Live Chat in Zendesk
      • Setup guide
    • Active Directory - SAML
    • Configure SAML in Azure
Powered by GitBook
On this page
  • Prerequisites in Ebbot
  • Configuration

Was this helpful?

  1. INTEGRATIONS

Active Directory - SAML

Add Ebbot to your Active Directory

PreviousSetup guideNextConfigure SAML in Azure

Last updated 4 months ago

Was this helpful?

When a user logs into Ebbot it is done using the access management platform Keycloak. Keycloak can connect to your external Active Directory (AD) using a feature called “User Federation”. This feature makes it possible to synchronise users, groups and their roles from AD to Keycloak.

We (Ebbot) always recommend that you configure the integration of Ebbot into a test AD, if you have one. If your organisation does not have a test AD, just follow the instructions and configure the integration to production.

Prerequisites in Ebbot

  • Company

  • Bot(s)

  • Skills (if relevant)

  • Domain ()

If you have a contact person at Ebbot that is involved in the configuration, please add this person to your AD so that they can test the login.

Configuration

Provide us with IdP SAML entity descriptor metadata (URL from where it can be fetched or as a file). The URL can look something like this: "".

The federation file should include the needed attributes logging into Ebbot via AD. You will find the essential attributes below:

Attribute

Description

First name

The user’s first name

Last name

The user’s last name

Email

The user’s email address

UserID

The user’s user ID

Roles

The role that the user should have in Ebbot

Bots

The bots that the user should access in Ebbot

Skills

The skills the user should have in Ebbot

In your AD, the configuration of attributes can look something like this:


        <Subject>
            <SubjectConfirmation Method="XXXX">
                <SubjectConfirmationData InResponseTo="XXXX" NotOnOrAfter="XXXX" Recipient=“XXXX.ebbot.eu”/>
            </SubjectConfirmation>
        </Subject>
        <Conditions NotBefore="XXXX" NotOnOrAfter="XXXX">
            <AudienceRestriction>
                <Audience>https://account.ebbot.eu/realms/ebbot</Audience>
            </AudienceRestriction>
        </Conditions>
        <AttributeStatement>
            <Attribute Name="Firstname">
                <AttributeValue>Sara</AttributeValue>
            </Attribute>
            <Attribute Name="Lastname">
                <AttributeValue>Andersson</AttributeValue>
            </Attribute>
            <Attribute Name="Email">
                <AttributeValue>sara@ebbot.ai</AttributeValue>
            </Attribute>
            <Attribute Name="Roles">
                <AttributeValue>ebbot-access-role-admin</AttributeValue>
            </Attribute>
        </AttributeStatement>
        <AuthnStatement AuthnInstant="XXXXXX">
            <AuthnContext>
                <AuthnContextClassRef>urn:federation:authentication:windows</AuthnContextClassRef>
            </AuthnContext>
        </AuthnStatement>

Please note that:

  • Skills are only relevant if they are included in your Ebbot setup

  • When setting the roles, make sure that there is only one role per person

To continue the configuration, you need a SP SAML entity descriptor metadata URL from Ebbot to insert in your AD.

You can set up yourself, a colleague or your Ebbot contact person as an Ebbot user in your AD to test if the configuration was successful.

client.ebbot.eu
https://fed.client.se/federationmetadata/2007-06/federationmetadata.xml