This article will cover:
What does the flow look like from the Advocate point of view?
- Navigate to the AdvocateHub URL
- There are two scenarios:
- If they have previously logged in to your portal and the cookie is still present in the browser then they will be brought directly to the AdvocateHub.
- If they have not previously logged in and have no cookie they will be invited to enter their login credentials to your platform, upon successful entry of these, they will be brought to the AdvocateHub.
Note: If an advocate is already a member of another AdvocateHub with the same email address then there is one additional step in the flow. After they successfully enter their credentials into the customer portal, they will see a message like below:
An email will be sent to the Advocate which will include a link which they just have to click on and they will be brought back to the login screen to enter their credentials once more before gaining access to the AdvocateHub.
How do invites work with SSO?
You can get Advocates into your hub in a number of ways:
1. Join Code/Join URL - These work exactly the same as they would on a non-SSO hub. Read more on them here
2. You can also provide your Advocates with just your hub URL and they will be able to access. The disadvantage of this is the lack of segmentation.
3. You can send out traditional email invites from our system or Marketo. If you send these the Advocate must use the link provided in these emails or else they may encounter permission issues.
Things To Think About If Implementing SSO On An Active Hub
What can you do to prepare for this?
Can I have Employees access the AdvocateHub via SSO but Customers access using the traditional method?
Using SAML, no, anybody who has an account setup in the platform you are utilizing SSO in will be able to access the AdvocateHub. This is a case of all or nothing. If you want to use SSO then everybody has to login using it. So for example if you have employees who have accounts in your portal they can login through SSO, but if you have customers who don't have an account in your portal they have no way to login when SSO is enabled in your AdvocateHub.