If you're configuring SSO for a self-hosted Flex deployment, you need to update the appconfig.js configuration object to support authentication and single sign-on using a third-party identity provider (IdP).
For complete details about the configuration object and its properties, see the Flex UI API Reference.
The type of SSO you're using determines the changes you need to make:
sso object.sso object, and then add and configure the oauth object.As soon as the oauth object exists in your appconfig.js file, Flex UI will try to use enhanced SSO for authorization. If you're setting up an enhanced SSO connection (either for the first time or to migrate), make sure you configure the oauth object after completing the SSO setup or migration steps in Console.
sso object as follows:1appConfig.sso = {2accountSid: string,3loginPopup: boolean,4loginPopupFeatures: string,5};
accountSid is the Account SID of your Twilio project.loginPopup indicates whether to launch the IdP login in a new window. The default is false.loginPopupFeatures defines standard window.open() features to apply to the popup window.oauth object as follows:1appConfig.oauth = {2connection: `${CONNECTION_NAME}`,3clientId: `${CLIENT_ID}`,4redirectUrl: `${DOMAIN_REDIRECT_URL}`,5};
connection and clientId values using this request, and then add them to the configuration. Make sure to add your Account SID before running the request:curl --location 'https://services.twilio.com/v1/Flex/Authentication/Config?AccountSid={{YOUR_ACCOUNT_SID}}'
redirectUrl value, add any domains where Flex is hosted. You must register these domains in the Trusted Domains section of the Single sign-on setup page in Twilio Console.Both the Trusted domains section and the Domain redirect URL field are required to set up SSO to a self-hosted domain. This is in addition to the fields marked as required when you configure SSO via Console. See How do I log in to a self-hosted domain? to make sure your domain URL conforms to one of the allowed patterns.