Riva Insight: Feature - Login with Salesforce

Riva Insight users no longer need to manage Riva Cloud identity passwords.

• Requirements.
• Overview.
• To use the Login with Salesforce feature with Outlook.

Requirements

In order to leverage the "Login with Salesforce" capability, the following is required:

• (A check box is selected in the UI.)
• Riva Insight Server:
  • Version 2016.1 or later.
  • Insight Cloud: Riva Cloud is configured with a Salesforce connection that has been enabled with the "Login with Salesforce" feature.
  • Insight On-Premise: Insight On-Premise is configured with Salesforce as the authentication provider.
• Riva Insight Client:
  • Outlook Web Add-in; Or
  • Windows Add-in version:
    • Recommended: Version 2021.4 or later,
    • Minimum: Version 1.1.8 or higher.
• Also Recommended: 
  • Edge Chromium (WebView2)
  • Refer to The Internet Explorer Era has finally come to an end and Edge Chromium (WebView2) Support for the Riva Insight Windows Add-In for more information.

Help with meeting the Riva Insight version requirements:

• Determine which Riva Insight version is installed.
• Install an updated version of Riva.

Overview

We recommend thinking of this feature as a "Login with Salesforce" capability — instead of considering this as an "SSO module". There is very little, if any, customer deployment overhead.

This feature can be used by any Salesforce customer whether the customer has SAML configured or not.

Riva Insight can optionally be configured to use the existing Salesforce authentication via OAuth and the "Riva" Salesforce Application.

When end users start Outlook and there is no valid Riva Insight authentication session, Riva Insight opens a new window that presents the users with the Salesforce login process.

• For customers with a dedicated instance of Riva Insight: If the customer has preconfigured Riva Insight with their "Salesforce My Domain URL", Riva Insight directs the end users to their "My Domain" Salesforce login page.
  • When the end users are directed to the "My Domain" login page, if configured within the customer's Salesforce instance, Salesforce will use SAML.
  • The end users run through the standard Salesforce authentication process. This may direct them to log in on their local identity provider like PingIdentity / MS ADFS / OneLogin / other SAML provider.
  • Depending on the existing configured Salesforce SAML behavior, the end users may not need to manually authenticate as they may already have a valid Salesforce session or trusted by the SAML IdP.
• For customers on the standard shared or default instance of Riva Insight, the default Salesforce login page appears. The end users can log in directly to Salesforce via login.salesforce.com or at that time switch to their Salesforce My Domain by using the "Custom Domain" link.

Note: In either scenario described above, end users may not need to manually authenticate as they may already have a valid Salesforce session.

Once the users have been verified and authorized with Salesforce, the first time, the end users are prompted to "Allow Access" to the "Riva" Salesforce Application. On subsequent logins, users do not have to re-grant the "Riva" Salesforce Application.