Steps to configure SAML SSO for Front

About Front

Front is an AI-powered customer service platform designed to enhance team collaboration and deliver exceptional service. It consolidates all service channels into one inbox, allowing teams to work together seamlessly across email, chat, SMS, and more.

The following steps will help you enable single sign-on (SSO) for Front from Identity360.

Prerequisites

1. The MFA and SSO license for Identity360 is required to enable SSO for enterprise applications.
2. Log in to Identity360 as an Admin, Super Admin, or Technician with a role that has Application Integration and Single Sign-on permissions.
3. Navigate to Applications > Application Integration > Create New Application, and select Front from the applications displayed.
   Note: You can also find Front from the search bar located at the top.
4. Under the General Settings tab, enter the Application Name and Description.
5. Under the Choose Capabilities tab, choose SSO and click Continue.
   General Settings of SSO configuration for Front.
6. Under Integration Settings, navigate to the Single Sign On tab, then click Metadata Details. Copy the Login URL and Signing Certificate. These will be used later during the configuration of Front.
   Integration Settings of SSO configuration for Front.

Front (service provider) configuration steps

1. Log in to your Front application as an administrator.
2. Go to the Settings and select Preferences.
3. Under Company preferences, click Single Sign On.
4. Select SAML from the drop-down list.
   Front app SSO settings.
5. In the Entry Point textbox, paste the Login URL copied in step 6 of the prerequisites.
6. Select HTTP Redirect from the Authentication request binding drop-down.
7. Select PasswordProtectedTransport from the Requested authentication context type drop-down.
8. In the Signing certificate textbox, paste the Signing Certificate copied in step 6 of the prerequisites.
9. Click Save.
   Front SAML SSO configuration.
10. Scroll down to the Service provider settings section, and copy the Entity ID, which will be used during Identity360 configuration.
    Front service provider settings.

Identity360 (identity provider) configuration steps

1. Switch to Identity360's application configuration page.
2. Enter the Sub Domain of your Front account. For example, if your Front app's Entity ID copied in step 10 of Front configuration is https://xyz.frontapp.com, then xyz is the Sub Domain you should use.
3. Enter the Relay State parameter, if necessary.
   Note: Relay State is an optional parameter used with a SAML message to help you remember where you were or to direct you to a specific page after logging in.
4. Click Save.
   Integration Settings of SSO configuration for Front.
5. To learn how to assign users or groups to one or more applications, refer to this page.

Your users will now be able to sign in to Front through the Identity360 portal.