the Single Sign-on message flow consists of two parts: first, the Identity Service (IdS) detects whether

the user has a valid access token, and if not, the Identity Provider (IdP) provides a login page for

authenticating the user. Once the user is authenticated, the browser issues a PUT of the Finesse

desktop with an access token.

In a Single Sign-on (SSO) message flow for Cisco's contact center solutions, two key parts include:

B. IdS (Identity Service) detects the user has a valid access token: When a user attempts to access a

service, the Identity Service checks if the user's access token is valid, indicating they are already

authenticated.

D. IdP (Identity Provider) provides a login page for authenticating the user: If the user does not have

a valid access token, the Identity Provider will present a login page where the user can authenticate

themselves.

Reference: Cisco's documentation on SSO implementation in contact center environments details the

SSO message flow, including the roles of Identity Services and Identity Providers in authenticating

users.