General Account Settings Articles

How to set up SAML 2.0 Single Sign-On via an Identity Provider

BoldChat provides Single Sign-On support based on the SAML 2.0 protocol. It accepts SAML Assertions using the SAMLResponse parameter, where the NameID of the authenticated user is a mandatory claim.

On the Identity Provider (IdP) side you must set up the connection with the following parameters:

  • Protocol type: SAML 2.0
  • Service type: AssertionConsumerService
  • Binding type: HTTP-POST
  • WantAssertionsSigned: True

Alternatively, you can set up the connection using the BoldChat metadata XML below that contains the required parameters.

Important: Change both instances of xxxxxxxxxx to your account ID. You can find your BoldChat SSO URL on the settings form. Change both instances of yyyyyyyyyy to the web client URL extended with the server set for your data residency region.
  • USA data center: web.boldchat.com
  • EU data center: web-eu.boldchat.com

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<EntityDescriptor entityID="https://yyyyyyyyyy/aid/xxxxxxxxxx/" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
  <SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
    <AssertionConsumerService index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://yyyyyyyyyy/aid/xxxxxxxxxx/"/>
  </SPSSODescriptor>
</EntityDescriptor>
  1. Go to Setup > General Account Settings > Single Sign-On and select the Main Setup tab.
  2. Click Test to check the authentication process.
    Remember: You must configure SSO on the Identity Provider side first.

    You are redirected to the Identity Provider's URL in a popup. If you get back a SAMLResponse from the Identity Provider, then its response is presented on this settings form. If no SAMLResponse parameter is returned or you simply misconfigured your URL, the popup window may stay open.

    Important: The Identity Provider URL must be a common link that authenticates the user and, if the user has the necessary rights, redirects the user to the BoldChat SSO URL with the SAMLResponse token.

    Result: SAMLResponse is returned
    Description: The response is presented in the form.
    Note: Copy the public key for later use.

    Result: SAMLResponse is not returned
    Description: The popup may stay open. It is likely that you have simply misconfigured your URL.

  3. Check that NameID is a mandatory claim in the SAMLResponse token.

    You must add this claim on the Identity Provider side to be a unique attribute of the authenticated user, for example their e-mail address. When you map an authenticated user later on, the NameID field must be the SSO Name ID on the operator field.

  4. Under the Public Key Setup tab, paste the public key of your signed SAMLResponse token that you received in Step 2.
  5. Save the public key.
    1. Agent Workspace setup. To access Agent Workspace by SSO, use the following URL format:
      • https://agent.boldchat.com/sso/account-id/ACCOUNTID (Replace ACCOUNTID with your account ID)
      • https://agent.boldchat.com/sso/username/USERNAME (Replace USERNAME with your username)
    2. Desktop Operator Client setup. You can use the desktop Operator Client in SSO mode with version 7.40 or newer. To configure the desktop Operator Client, do either of the following:
      • Go to Start Menu > All Programs > SSO Mode.
      • Use the following registry commands.

        SSO Launch Enabled Registry Script

        Windows Registry Editor Version 5.00
        
        [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
        "BoldChat-SSOAID"="xxxxxxxxxx"
        "BoldChat-SSOENA"="True"

        SSO Launch Disabled Registry Script

        Windows Registry Editor Version 5.00
        
        [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
        "BoldChat-SSOENA"="False"
    3. Web Client SSO setup. Once you have configured SSO on both sides, launch your WebClient SSO lookup mode with either of the following URLs:
      • https://yyyyyyyyyy/aid/xxxxxxxxxx/ (xxxxxxxxxx is your Account ID; yyyyyyyyyy is the URL with server set)
      • https://yyyyyyyyyy/un/uuuuuuuuuu/ (uuuuuuuuuu is any BoldChat username defined under your account; yyyyyyyyyy is the URL with server set)
  6. Check that parsing was successful to ensure that BoldChat servers understand the response as a SAML 2.0 Assertion Token.
    Remember: First you must make sure that the SAMLResponse token is returned correctly.

Once parsing has completed successfully, you can check the following:

  • Issuer found: A required attribute in the SAML 2.0 protocol
  • IssueInstant: A required attribute that contains the issuer timestamp. It must be in UTC format by default. BoldChat accepts tokens within a valid time frame.
  • NameID: Required for mapping a BoldChat operator record with the authenticated user.
  • Public key: Required and must be stored in BoldChat settings as well for signature validation.
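
Added example (not BoldChat code): a Python pre-flight check that an administrator could run on the SAMLResponse shown by the Test step, covering the Issuer, IssueInstant, NameID and signature items above. The function names, the five-minute window and the sample response are assumptions; the check confirms that a signature element is present, not that it verifies against the public key.

```python
import base64
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
MAX_AGE = timedelta(minutes=5)  # assumed window; the page gives no figure


def preflight(saml_response_b64, now=None, max_age=MAX_AGE):
    """Return the list of problems in a base64 SAMLResponse (empty list = none)."""
    now = now or datetime.now(timezone.utc)
    try:
        raw = base64.b64decode(saml_response_b64, validate=True)
        if b"<!DOCTYPE" in raw or b"<!ENTITY" in raw:
            return ["DTD or entity declaration found; refusing to parse"]
        root = ET.fromstring(raw)
    except (ValueError, ET.ParseError):
        return ["SAMLResponse is not base64-encoded, well-formed XML"]
    assertions = root.findall("saml:Assertion", NS)
    if root.tag != "{%s}Response" % NS["samlp"] or len(assertions) != 1:
        return ["expected a samlp:Response holding exactly one Assertion"]
    assertion, problems = assertions[0], []
    if not (assertion.findtext("saml:Issuer", "", NS) or "").strip():
        problems.append("Issuer missing")
    if not (assertion.findtext("saml:Subject/saml:NameID", "", NS) or "").strip():
        problems.append("NameID missing")
    instant = assertion.get("IssueInstant", "")
    try:
        if not instant.endswith("Z"):
            raise ValueError("not UTC")
        issued = datetime.fromisoformat(instant[:-1]).replace(tzinfo=timezone.utc)
        if abs(now - issued) > max_age:
            problems.append("IssueInstant outside the accepted time frame")
    except ValueError:
        problems.append("IssueInstant missing or not a UTC timestamp")
    # Presence only: this does not verify the signature against the public key.
    if assertion.find("ds:Signature", NS) is None:
        problems.append("Assertion is unsigned (WantAssertionsSigned is true)")
    return problems


def sample_response(instant, name_id="operator@example.com", signed=True):
    """Constructed sample, not a real IdP response; the signature is an empty stub."""
    sig = '<ds:Signature xmlns:ds="%s"/>' % NS["ds"] if signed else ""
    subject = "<saml:Subject><saml:NameID>%s</saml:NameID></saml:Subject>" % name_id
    xml = ('<samlp:Response xmlns:samlp="%s" xmlns:saml="%s">'
           '<saml:Assertion ID="_a1" Version="2.0" IssueInstant="%s">'
           "<saml:Issuer>https://idp.example.com/</saml:Issuer>%s%s"
           "</saml:Assertion></samlp:Response>") % (
               NS["samlp"], NS["saml"], instant, sig, subject if name_id else "")
    return base64.b64encode(xml.encode()).decode()


if __name__ == "__main__":
    print(preflight(sample_response("2020-01-01T00:00:00Z", name_id="", signed=False)))
```
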

How to enable Single Sign-On through login controls

Single Sign-On (SSO) integration simplifies the sign-in process for Enterprise users by providing access to multiple products with a single login. This feature integrates with your current SSO technology and is easily accessible through the Operator Client, Agent Workspace, and Web Client.

  1. Within the .NET or the Web Client, go to Setup > Login Control Settings > Setup.
  2. Check the box next to Single Sign On Settings > Enable Single Sign On.

    To see the edits and modifications you will need to make, click Help.

  3. When finished making edits, click Save on the Single Sign-On Setup tab and then click Save on the Login Control Settings tab.

How to set up your network

This section describes each field in the My Network Setup dialog window.

Settings Tab

Use Internet Explorer Settings

If selected, your desktop Operator Client will attempt to connect with our data center server(s) using the non-dynamic proxy settings from your Internet Explorer configuration. If your proxy settings in Internet Explorer are set by a dynamic script, this option may not work for you. You may instead need to choose the Override with my own values option and provide the specific proxy server settings to be used.

Note: Changes to these settings impact only the connectivity of this operator client application.

Override with my own Values

If selected, your desktop Operator Client will attempt to connect with our data center server(s) via a proxy server, as specified by the Proxy Host, Proxy Port, Proxy User Name and Proxy Password settings that you specify. You may need to consult with your Network Administrator regarding the values to put in these fields.

Proxy Host
Specify the host name (i.e. domain name or IP address) of the proxy server that you want your desktop Operator Client to connect through. You may need to consult with your Network Administrator regarding the value to put in this field.
Proxy Port
Specify the port number to use when connecting through the specified proxy server. Normally, this would be port 80 if the Secure Connection option is not checked, or this would be port 443 if the Secure Connection option is checked. You may need to consult with your network administrator regarding the value to put in this field.
Proxy User Name (optional)
If your proxy server requires user authentication for connectivity through it, specify your user name in this field. You may need to consult with your Network Administrator regarding the value to put in this field.
Proxy Password
If your proxy server requires user authentication for connectivity through it, specify your password in this field. You may need to consult with your Network Administrator regarding the value to put in this field.

Do not connect via a proxy

If checked, your desktop Operator Client will attempt to connect with our data center server(s) directly, without trying to connect via a proxy server.

Secure Connection (SSL)
If checked, your desktop Operator Client connects with our data center server(s) using an SSL-encrypted, secure connection.

Connection Status Tab

Connection Status

This tab is an indicator of the status of your connection to our servers. Our support team will request you to send us details on this tab when troubleshooting any connectivity issues. The status will help us determine your bandwidth and latency to our servers. Clicking the Send Connectivity Report button will run a connectivity test and request you to email us the test results once complete.

Status
Status indicates the connection quality as it relates to responsiveness and transfer rates. There are three connection states: Connected, Disconnected, and Error. The Status graph is the visual indicator for the current connection state and its strength.
Responsiveness
The number of green bars indicates responsiveness (latency).
Transfer
The number of blue bars indicates the transfer rate (bandwidth).
Note: The greater the number of indicator bars for Responsiveness and Transfer, the better.

Sending a Connectivity Report

Our support team will occasionally request a connectivity report when trying to help you work through connectivity issues. This report will help us determine your bandwidth and latency to our servers. Clicking the Send Connectivity Report button runs connectivity tests; we will then ask you to email us the test results once they are complete.

How to automatically log out inactive operators

You can set the desktop Operator Client to automatically log out operators after a specified period of inactivity. This helps ensure that your information is secure when the client is unattended.

By default, this feature is enabled.

  1. Go to Setup > Login Control Settings.
  2. Select Logout operator after being inactive for ... minutes.
  3. Set the amount of time from 1 to 999 minutes before the operator is automatically logged out.

Data Retention Options

Enterprise subscribers can set BoldChat to automatically recycle or delete chat data.

Enterprise subscribers with proper permission settings can activate data retention at the following location: Setup > Data Retention

The ability to change data retention settings is disabled for all permission groups and must be explicitly enabled: Can Access Data Retention Settings. Use caution when granting permission to use this feature.

You can choose to automatically move chat sessions to the Recycle Bin or to permanently delete the chat session data. In either case, this is done after the chat has been closed for the specified number of days.

Permanent deletion

  • When you choose to permanently delete chat session data, the data is permanently removed from the system without passing through the Recycle Bin.
  • This data cannot be recovered.

Recycle Bin

  • When you move chats to the Recycle Bin, they are not immediately permanently deleted: Instead operators are prevented from seeing the data in their BoldChat Client interface.
  • Chats in the Recycle Bin can be recovered (Operator Client > View > Recycle Bin)
  • Or you can set up an automatic purging of the Recycle Bin after items have been in the bin for a specified period of time (Operator Client > View > Recycle Bin > Setup).
  • Once items are purged from the Recycle Bin, they are similarly permanently deleted and cannot be recovered.

Delete partial data

  • The main chat session record can be retained for historical reference and reporting, while other data associated with the chat session is deleted.
  • For example, you can delete the chat transcript data (messages exchanged between the chat visitor and operator), but leave the rest of the chat record information for historical reference and/or reporting.
  • Partial data deletion results in permanent deletion with no recovery option.
  • This feature can also be used in conjunction with the complete record deletion option. For example, you could set it up to permanently delete the chat transcript data after 90 days, and then permanently delete (or recycle) the complete chat records after 180 days.
  • Additional details are provided in the context-sensitive help in the desktop Operator Client interface.

How to exclude visitors based on IP address

Set visitor IP addresses that should always be blocked by Visitor Monitoring and Chat Button HTML, one IP address per line.

  1. From the main menu of the operator client, go to Setup > General Account Settings.

    Result: The General Account Settings window is displayed.

  2. On the Extra Security tab, enter IP addresses to be blocked.
    Tip: You can also use wildcards. For example: 123.123.123.*
  3. Save your changes.

How to set up auto-translation

With Auto-translation, messages between visitor and operator are translated in real-time, thus allowing both parties to chat in their own language if the language pair is available.

This feature requires a GeoFluent subscription that you can acquire by contacting Lionbridge. Lionbridge will provide you with the account key and secret you need to start using auto-translation.

How does auto-translation work?

Auto-translation takes the following parameters into account:

  • Visitor language: Determined by the chat window's language setting or the language the visitor selected on the pre-chat form. You can define chat window language defaults in the chat window configuration.
  • Operator languages: The languages the operator speaks, prioritized by fluency level. You can configure operator languages in the operator settings.
  • Language pairs: The translation pair is supported by your GeoFluent subscription.

If the operator and the visitor share a common language, translation is not needed and it is switched off by default. Otherwise, if none of the operator languages match the visitor language and the language pair is available, messages are translated automatically.

GeoFluent is a third-party service. How is my sensitive information protected?

Your content is maintained in a secure, private workspace and never enters the public domain. As per BoldChat standards, messages are transmitted via secure protocols only.

Note: For information about GeoFluent and data residency, see Data Residency Options.

Are visitors aware when chat messages are being auto-translated?

Yes. Visitors are notified in a system chat message if messages are being auto-translated.

Depending on your requirements, original messages can also be displayed for visitors if Allow visitor to see original message is selected in the Chat Window configuration. This option also affects the content of chat transcripts.

How to configure your GeoFluent subscription

  1. Go to Setup > General Account Settings > Auto-translation and select Enable auto-translation.
  2. Configure your GeoFluent subscription and defaults.
    • GeoFluent Host: The host name provided by Lionbridge for your GeoFluent subscription.
    • GeoFluent Account Key: The account key provided by Lionbridge for your GeoFluent subscription.
    • GeoFluent Account Secret: The account secret provided by Lionbridge for your GeoFluent subscription.
    • Default Language: The language operators speak by default. Custom operator language settings override this value.
    • Supported Language Pairs: The language pairs available for your GeoFluent subscription. To add or remove language pairs, contact Lionbridge about adjusting your GeoFluent subscription.
  3. Click Validate credentials and refresh language pairs to check your GeoFluent settings and synchronize language pairs available for your subscription.
    Remember: You must do this every time your GeoFluent subscription changes (such as adding a new language pair to your subscription).

Data Residency Options

Many organizations face challenges meeting strict cross-border data privacy and residency requirements. BoldChat helps you face these challenges by giving you control over where your data resides.

Beginning Oct 29, 2016, all new customers signing up for a BoldChat account can choose a data residency region where their Service Data will be stored, hosted, and replicated (that is, the information you submit, transmit, collect, post, store, or produce while using the BoldChat service). Your Service Data will remain in your selected region without unwanted transfer*. Existing customers will continue to have data residency in the USA; migration is not currently an option. Please get in touch with us if you have an existing account that requires modification for alternative approaches.

Important: When requesting a product trial, by default your account is created with the data residency location preference set as USA. Please let us know if you need to use a different region.
Note: *To the extent you utilize any third party or internal services or providers that are not set to the same data residency restriction and in any way interface with BoldChat or its Service Data, LogMeIn bears no responsibility for information processed through those third party services or by third party providers outside of the designated geographic region.

Current data residency regions

  • United States (US)
  • European Union (EU)

Feature Specific Considerations

Video Chat. Your data residency choice applies to all Service Data associated with the Video Chat feature.

Table 1. Video Server Locations
  • Location: US. Video Server Locations: US, Singapore
  • Location: EU. Video Server Locations: EU

Email. Emails sent/stored from our servers use your selected data residency region. However, to ensure compliance, you should also verify the location of your own email provider as specified in your IMAP or POP URL settings (for example, a Microsoft Exchange server used by your organization or a corporate gmail account) since once emails leave our systems they get routed via your email servers and BoldChat does not control their path or final destination. If you have any questions, please contact your email provider.

Third-party Integrations. When using third-party services integrated with BoldChat, appropriate controls should be put on data leaving/being stored outside of BoldChat to ensure compliance with your data residency requirements, since they are outside of the scope of this option.

APIs. Workflow, Integrations, Data Extraction and Provisioning APIs are available for accounts in all data residency regions. Integrations must use the API endpoint corresponding to the data region in which your account is hosted. For more information, see Bold360 and BoldChat Developer Center.

SSO Integration. SSO is available in all data residency regions. For details regarding setup, see How to set up SAML 2.0 Single Sign-On via an Identity Provider.

Known Limitation

  • The SMS service is currently offered via gateways located in the US only

GeoFluent for BoldChat.

Announcements

Genesys DX/Bold360 End of Life: January 2024

The Genesys DX (Bold360) platform will reach end of life on January 31st, 2024. This difficult decision was announced in March 2023.

Genesys continues to make a strong commitment to Genesys Cloud, while tightening the portfolio to further accelerate feature growth on the platform. Part of that included bringing over key Genesys DX features to Genesys Cloud CX, such as Knowledge Optimizer that focuses on ease-of-use knowledge management. Digital only licenses for Genesys Cloud were also introduced late last year, which are suitable to those who are not looking for voice capabilities or who need agent seats that only feature support for digital channels. 

Details on the end of life timeline

As of January 31st, 2024, Genesys DX product interfaces and customer-deployed components will stop functioning. Users will no longer be able to log into product interfaces, and all of the boldchat/bold360/nanorep domains will become unavailable for use. If you are curious about what the code on your website related to this might look like and how to remove it, we encourage referencing this post on the DX community.

After January 31st, 2024, admins will still be able to get access for an additional 30 days. This period is meant to allow for extracting the necessary data from the platform. Historical data extraction from your account will be available to retrieve by data extraction APIs (Bold360 APIs and Nanorep APIs).