Skip Navigation
Testing Single Sign-On (SSO) with Upgrade, Clone or Test site
Answer ID 8465   |   Last Review Date 03/09/2022

How can I configure my Single Sign-On (SSO) functionality to re-direct back to the correct test site I am trying to login from?


Oracle B2C Service console when accessing a non-Production region.


Upon creation of a Test site, Upgrade site or a Clone site, you may encounter problems with your Single Sign-On (SSO) functionality when you attempt to login to the console.  You may be re-directed to your Production site after your SSO login.  In order to get around this and allow you to be re-directed back to the actual site you are testing, you may need to do one of the following:

  • Customer Portal
    • Check if configuration setting PTA_ENABLED is turned on. If it is enabled and configuration setting PTA_EXTERNAL_LOGIN_URL is populated, disable PTA_ENABLED as this will prevent the redirect back to the identity provider from occurring.
    • Update configuration setting PTA_EXTERNAL_LOGIN_URL with the correct value pertaining to the test site if PTA_ENABLED must stay turned on.
    • Verify no custom code is causing the incorrect redirect(e.g hardcoded redirect snippets in template files).
  • Agent Console
    • Service Provider Initiated SSO
      • Open navigation component "Single Sign On Configurations" and update the setup of SSO or turn it off all together by clicking the "Active" checkbox. The profile associated to the affected agent(s) will need to have permission "SSO Login (SAML 2.0)" unchecked as well.
    • Identity Provider Initiated SSO
      • Update identity provider with the test/upgrade/clone site assertion consumer url.  
    • Email address as SAML subject
      • Edit the staff account for anyone testing this functionality. Remove ".invalid" from the end of each email address. This will allow the email in the subject to match the account email.
Note: If an existing SSO connection exists and the site VHOST(name) is modified, the IdP(Identity Provider) needs to accommodate the change to the ACS(Assertion Consumer Service URL) to ensure continuity of the SSO service for the test/upgrade/clone site.

For more information regarding enabling/disabling Single Sign-On, refer to the documentation for your version in Documentation for Oracle RightNow CX Products.
If you have configured SSO on your upgrade site, please see what site the following features are carried forward from during cutover:
  • The SSO_ENTITY_ID configuration setting is a unique setting in that the value from this configuration setting is carried forward from the production site during cutover. When the upgrade site is created, the value in this configuration setting on the upgrade site will be blank.  Two sites cannot have the same value in the SSO_ENTITY_ID configuration setting otherwise SSO will not work as expected.  
  • The Identity Provider set up in the Single Sign-On Configurations component will carry forward from the production site during cutover.
  • The SSO certificates uploaded in the File Manager will carry forward from the upgrade site during cutover.  

Available Languages for this Answer:

Notify Me
The page will refresh upon submission. Any pending input will be lost.