Description of Enreach Identity
What is it
New authentication system for Enreach Voice cloud user interfaces *
A centralized and secure system for handling user sign-ins
Built using industry standards
OpenID Connect and OAuth2
Standards also used by big players in the industry
Authenticate users with Microsoft Azure AD when signing in
Also other identity service providers can be implemented via SCIM protocol, if separately agreed.
User always logs in with a browser which means that SSO (Single sign-on) and MFA (Multi-Factor Authentication) can be enabled
Implementation requires user account migration
Benefits
Improved security
No separate credentials – can use user's own Microsoft Azure AD credentials
Possible to use MFA - use customers’ own MFA solution (or use our Keycloak MFA solution)
Easier authentication
No need to ask for username and password, if the user is already authenticated
For example, if the user is already signed-in to Microsoft O365 in their browser they don’t need to sign in again on same device
Easier end-user credentials management
User management done by customers in Microsoft Azure AD.
Easy way to authorize users to Enreach Voice by customers themselves
Sign-in example
An example for Voice for Browser standalone version:
High level steps for migration
Enreach creates customer configuration into the Enreach Identity system
Users are provisioned into the system
Users need to be informed that next time the login is different: a two-step login process where username is asked separately
Optional: Setting up Microsoft Azure AD as the identity provider
Configuration to customers own Azure AD is needed
Customer tenant admin grants consent to Enreach Identity
See more at Configuration Guidelines
Please note: Enreach Identity is not supported on Voice for Windows
© Enreach, Mannerheimintie 117, 00280 Helsinki, Finland
+358 40 450 3000, www.enreach.fi