Skip to content

Single Sign-On via Keycloak

Description

Provides enterprise single sign-on for agents, supervisors, and administrators using Keycloak as the identity provider. Supports SAML 2.0 and OpenID Connect protocols, enabling integration with corporate identity systems such as Active Directory, Azure AD, and Okta.

Canonical use case

A bank's contact centre staff log in once to their corporate identity portal and are automatically authenticated into ExpertFlow without entering separate credentials, enforced by Keycloak federation to Active Directory.

Open Items

  • [ ] Canon alignment — populate canon_axiom_refs or confirm no existing axiom applies
  • [ ] Dependency assessment — set dependencies_assessed: true once SA has reviewed the full chain
  • [ ] effort_estimate — replace 0 with rough engineering days (order of magnitude)
  • [ ] public_description — write the public-facing description before publishing