Overview
KORE’s products are being integrated together into a single unified Platform that will facilitate seamless access across our entire ecosystem. Our new Platform also allows for a robust Single Sign-On (SSO) solution to allow our customers to integrate their own Identity Provider - including leading industry solutions such as Azure Entra ID (Azure Active Directory), OKTA, and Salesforce.
The KORE Platform will both provide users with a convenient experience and more choice for your organization - whether you want to use a single KORE login and user profile across all KORE products, or login to the KORE ecosystem through SSO with the same credentials as your existing IT systems.
- Simplified navigation between KORE’s products: you will only need one login to access all of KORE’s products
- Ability to choose to use a global KORE login or your supply your own users through an Identify Provider with SSO
- Reduced requirements for maintaining KORE internal users to your systems (outside of CRM) - the new KORE Platform allows for temporary access requests that you can manage and approve
- With KORE's SSO integration into your Identity Provider:
- Users won't need to repeatedly enter their credentials when they are already logged into your environment
- Simplified password management - users will only have to maintain a single set of credentials across all your systems!
- Improved security and compliance through adopting industry standards and best practices
If you are using KORE Logins and would like to move to SSO, a small migration will need to be done to link your existing KORE Logins with your user credentials provided from your IdP. Contact your Customer Success Rep for more information. |
KORE’s CRM Integrated products - Sponsorship, Fan Engagement, and Suites & Premium - are actively being integrated into the new KORE Platform. Note that CRM Integrated products require SSO. We plan on migrating most existing customers from Legacy Authentication to Platform Authentication by Q2 2024. See https://help.koresoftware.com/hc/en-us/articles/22545777432599-PSS-Migration-to-KORE-Platform-SSO for more information or contact your Customer Success Rep. |
Platform Product Feature Grid
Choosing a Configuration
To determine which configuration is right for your organization, consult with your Custom Success Representative and your IT department to determine if they have any specific requirements or recommendations. Depending on which KORE products you are leveraging, it may also impact which configuration is appropriate.
In general:
- If you are not using a CRM integrated product:
- Decide if you want to have KORE manage your user accounts (KORE as IdP) - this is the default configuration for most customers
- Or, use the same user accounts as your organization (setup SSO with your own IdP)
- If you are using a CRM integrated product and Dynamics 365:
- You will need to configure SSO with KORE as it’s a requirement for an embedded CRM experience
- All KORE Products will use your organization’s user accounts
- If you are using a CRM integrated product and have Salesforce:
- You will need to configure SSO with KORE as it’s a requirement for an embedded CRM experience
- Determine if you log into Salesforce with Salesforce users, or if you already have SSO setup with Salesforce and your organization (you log into Salesforce with your organization account)
- If you have SSO setup in Salesforce, setup SSO between KORE and your organization’s IdP.
- If you do not have SSO setup in Salesforce, do you wish to require all users that access KORE products to also have Salesforce Accounts?
- If so, setup SSO between KORE and Salesforce
- If not, consider setting up SSO with Salesforce and your organization’s IdP first and then setting up SSO with KORE products with the same IdP
Technical Details
The KORE Platform is an identity provider used by all KORE products. It can provide user management on it’s own via our Management Portal, or it can federate optionally with your existing single sign-on (SSO) solution - meaning users will only need to log into your organization once and will not need to sign into KORE with a separate log in.
When a KORE product needs to verify a user’s identity, it sends a request to the Platform. If SSO is enabled, the platform then becomes a relying party and relays the request to your identity provider. If the user is a guest user account invited to your KORE product, the KORE Platform is used to manage them.
Our Platform offers federation with Azure Entra ID (Active Directory Cloud), ADFS 3.0 (Active Directory On Premise), Salesforce and OKTA via a standard OAUTH flow.
SSO Configuration Overview
To configure Federation between the KORE Platform and your system, KORE will require registration to the App Service of your IdP. Depending on your IdP solution this process can differ.
Certain information such as which Domains your users will be logging in from will be needed by the KORE team.
Note - It’s not possible to create a hybrid environment across KORE’s products. Once SSO is configured, SSO is enabled for all KORE products. We also only support Federation with a single IdP.
Azure
KORE will send a link to deploy an Enterprise Azure App through an Azure Consent process. This App provides access for KORE to interact with your environment through OAUTH. An Azure Administrator will be required to approve the request on behalf of your organization.
Salesforce
There are a couple of ways SSO can be configured between KORE and a Salesforce environment. Here are 2 common configurations:
If the KORE Platform is set up to directly establish federation with Salesforce (i.e. use your Salesforce user accounts to access KORE products), after SSO is activated, each Salesforce user will need to access the "Authorize KORE" tool within Salesforce and grant permission for our Connected App to access the platform with their user account.
OKTA and ADFS
Please contact KORE for more information on the setup process.