Recent Content
Help Us Help You!
Dear Customer, You're looking to create a case because you've encountered a technical issue, would like a request to be completed, or have some other information you would like to receive. You would like to have your case completed as quickly as possible and so would we! While we can't always guarantee things will be resolved quickly depending on the nature of an issue, there are some things you can do to help move things along proactively! We've compiled some common requests for details that our Support team often asks for below with respect to each product Khoros offers, as well as some tips on things you can do to help focus the team's efforts on the right things. If you could provide this information when creating your case that would help move the request along, as it will eliminate some back and forth and allow our team to move forward and ask more targeted questions if more information is needed on top of what was already provided (sometimes this may be necessary). Some of this information may not always be relevant or available (e.g.: if you want to enable a new Community feature we probably won't need a HAR file), but please try to provide as much as you can! Care Community Marketing Care Care is a single-page web application that allows a lot of social media integrations. We have put up a list of scenarios with a set of information that the support team might require to investigate that scenario. Please be thorough while describing the issue you are facing. The clearer you are, the easier it will be for the Support team to step through the issue in the same way that you are. This includes filling out the "Steps to reproduce", "Expected Behavior", and "Actual Behavior" fields in detail. Including the steps you took can be very helpful. If the issue is regarding content(post) not ingesting into the Care application then it would be helpful to provide us with the following links: Native links of the original posts Screenshots to the native posts If the issue is regarding the user being unable to log in, then it would be important to provide the following information: Users email address Screenshots of the error while attempting to login How many users are unable to log in, is it specific to a set of users or all users? If the issue is that the content is ingesting with a delay then you can provide us with the following information Conversation ids where the delay was noticed. 2. The Social media handle name. 3. Is the delay in ingestion experienced for all the conversations from that specific social media handle or a different social media handle. If the issue is regarding conversations falling in an incorrect work queue, then you can provide us with the following information: Conversation ids that were incorrectly routed. Name of the work queue where the conversation should have been routed. Were any recent changes done to the work queues or the tags? If there were changes done then what were those changes. If the issue is related to user permissions and some of the roles aren’t reflected even after saving the user profile, please provide us with the following information: User email address. Screenshot of the error if any error pops up. How many other users are seeing a similar issue? Are the user permissions managed via any identity provider or do they login via SSO? If the care app appears to be slow, the following information would be absolutely necessary and important How many users are experiencing slowness is it specific to a group of users? If it is specific to a group of users are they located in the same geographic location. Is there a specific screen in the care application where the slowness is being experienced or it is with the overall application? Is the behavior consistent across different browsers too? Do you use any VPN to access the application? Were there any recent changes done to the network on your end? What exactly happens when you experience slowness on the application. Back to top Community The Community application is large and complex, carrying a number of different features and configuration options, as well as numerous avenues for customization. Here are some things to consider both while you are filing a case for anything Community related or perhaps while trying to review an issue on your own prior to creating a case: Technical issues: Please be thorough while describing the issue you are facing. The clearer you are, the easier it will be for the Support team to step through the issue in the same way that you are. This includes filling out the "Steps to reproduce", "Expected Behavior", and "Actual Behavior" fields in detail. Please also bear in mind that some communities are customized to add configuration options or pages that may not be present on any other community, so including steps to reach the page(s) you were looking at or how you obtained a certain piece of output can be very helpful! For example, if you are getting an error while trying to post, we would prefer that you describe the behavior as something like "When I try to submit a post I receive an error with this text: texthere" as opposed to something like "When I try to submit a post it doesn't work". From a backend perspective, "doesn't work" could mean a number of different things, so being as descriptive as possible in all fields will give the team a better picture of what is happening and allow them to focus their efforts. When possible, please try to confirm if an issue occurs in all of your environments (stage, production, preproduction) as well. We understand that not all issues can be tested everywhere for a variety of reasons, but it is helpful to know what you see in all of your environments for comparison purposes. Please include full URLs to the page(s) you would like us to pay attention to. The more specific the URL is, the better. You may already have these URLs open while creating your case as well and it is likely it will take less time to copy and paste them in the field for URLs than it would for someone from the Support team to track them down on their own. This also helps ensure the team is looking at the right instance(s), which can be especially important if you have more than one instance or refer to your communities in a different way than the Khoros team does internally. For example, "dev" is a common reference to stage instances among customers, but internally, we don't have any customer environments that are referred to as "dev", so this can cause confusion that can be solved by linking to the specific instance(s) you would like us to focus on. Please try to provide timestamps wherever possible. The log files for the Community application are very large and contain a lot of information about various things that happen in an individual community, so having something to focus on is extremely helpful. Please remember to include the timezone for any timestamps you provide. One person's 1 pm is another person's 1 am, so leaving out the timezone could lead to any results being off by several hours for a task where even a couple of seconds could make a difference. Screenshots and videos are also very helpful when trying to communicate an issue! For any screenshots or videos you provide, please try to include the full screen (including the address bar and taskbar with the clock visible). If you need to draw focus to a specific part of the page, please consider using a highlighter or other drawing tools rather than cropping the image. For technical issues where a problem occurs, a HAR file is often helpful. Please see this article for more information on HAR files and the steps to generate them. For any HAR files you provide, please try to start capturing traffic from start to finish - that is, start capturing traffic before you attempt to reproduce the issue and continue to capture traffic until the issue has been reproduced. Please try to give a meaningful name to any files you attach to a case. It is much easier to tell at a glance what "board-with-error.png" is for than it is when the filename is something along the lines of "image1.png". This becomes increasingly appreciated and helpful as more files are attached over time. Please try to reference specific users that the Support team can look at for any issues that occur, even if all users may be impacted. Having some sample users to look at can be useful for comparison purposes and for looking information up in our logs. Please try to provide a link to the user's profile, as this will help reduce confusion and ensure that we're looking at the right user (example of a profile URL: https://community.khoros.com/t5/user/viewprofilepage/user-id/1) Please consider things that may have changed recently, both on and off of the community. For example, if a deployment using Self Publish was recently carried out and something no longer works correctly, this is both helpful for the Support team and for you to consider as well as something to look into on your end. Along the same lines, changes in the community can be relevant as well. For example, if your community uses SSO and your SSO team makes a change, that may be relevant if SSO suddenly stops working. Having information like this from the start helps focus the team's efforts. Some other specific things that may be worth considering depending on the issue you are facing (but not limited to) are Community Admin panel changes, DNS changes your to community's hostname, deployments carried out by Khoros teams that you are aware of (e.g.: Services engagements, new features, upgrades), and changes to your authentication workflow (either on your side or on the Community side). Please try to include when the issue started if you have an idea of when something last worked differently. This is similar to the previous point in that you will generally have more experience with what you need and want your specific community to do, so knowing when something last worked differently can be extremely helpful in tracking down what may be causing an issue even if you aren't aware of any specific changes that might have been made. Please consider trying to reproduce any issues you encounter in a separate browser or using a private/incognito browsing session or on a different device if one is available. Some issues are specific to individual browser operating systems or may be caused by add-ons/programs specific to your computer, so taking this step can help rule things like that out. For connectivity and performance issues, please consider trying to reproduce the issue on a different network (e.g.: if you normally use a corporate VPN, try turning it off or using your cell phone). This can help rule out network issues as a cause of any issues you run into. Please note that in cases where a specific network has an issue, it is likely the team will recommend reaching out to the network owner, so you may want to consider doing this proactively as well. For any API calls you are using (either manually or through custom code/automation), please provide the full API call exactly as it is being made. You can scrub any session key information, but please try to keep the exact call intact and include any headers or query parameters you are using. In cases where you are using code to make the API call, please consider sharing that source code as well. The Support team generally cannot debug your custom code, but it can be helpful for us to get an idea of what it is doing and where. For display issues or script errors, the Support team will typically try to test an issue by changing the skin the page is using to an out-of-the-box (OOTB) skin to try and narrow down the scope of the issue. This may be something you want to try on your own as well. This can be accomplished by going to the Admin Panel -> Display -> Skins -> Select one of the OOTB skins (White UI or Responsive Peak) and save changes. If you are going to do this, we recommend doing so on stage or in a private area in your community, as the OOTB skins will look very different from your branded skin and this could cause confusion for your end-users. In cases where changing the skin appears to resolve the problem, the Support team may ask you to reach out to your internal teams to look into the issue. You may want to consider doing that proactively as well in order to review any changes that may have been made. Requests to enable features or for information: For any requests to enable features, if you happen to have the documentation available to point to that would be appreciated! We understand if you don't have it on hand when creating a case, but if you do happen to have it open, it helps ensure that everyone is looking at the same thing. Though not often as relevant to these types of cases, filling out the "Steps to reproduce", "Expected behavior", and "Actual behavior" fields can still be very helpful in ensuring that the team focuses their efforts on what it is you're interested in. Back to top Marketing Technical Issues: Please be thorough while describing the issue you are facing. The clearer you are, the easier it will be for the Support team to step through the issue in the same way that you are. This includes filling out the "Steps to reproduce", "Expected Behavior", and "Actual Behavior" fields in detail. Including the steps you took can be very helpful. For example, if you are getting an error while trying to post, we would prefer that you describe the behavior as something like "When I try to schedule or save a post I receive an error with this text: texthere" as opposed to something like "When I try to submit a post it doesn't work". From a backend perspective, "doesn't work" could mean a number of different things, so being as descriptive as possible in all fields will give the team a better picture of what is happening and allow them to focus their efforts. Screenshots and videos are also very helpful when trying to communicate an issue! For any screenshots or videos you provide, please try to include the full screen (including the address bar). This will provide more details as to where you are in the platform. If you need to draw focus to a specific part of the page, please consider using a highlighter or other drawing tools rather than cropping the image. For technical issues where a problem occurs, a HAR file and console logs are often helpful. Please see this article for more information on HAR files/console logs and the steps to generate them. For any files you provide, please try to start capturing traffic from start to finish - that is, start capturing traffic before you attempt to reproduce the issue and continue to capture traffic until the issue has been reproduced. Please consider trying to reproduce any issues you encounter in a separate browser or using a private/incognito browsing session or on a different device if one is available. Some issues are specific to individual browser operating systems or may be caused by add-ons/programs specific to your computer, so taking this step can help rule things like that out. Please try to reference specific users that the Support team can look at for any issues that occur, even if all users may be impacted. Please include details on how this impacts your daily workflow. Whether the issue is intermittent or happening all the time. Is this preventing you from completing a task. If so, is there a deadline you need to complete this by? For access-related issues please review the Admin FAQ. If you are unsure who your admin is, support can look up your admin who can provide you with the appropriate access. Specific to Marketing: For Calendar posts or Ads provide Message ID. To locate the message ID click on the post to open the side pane then click on the basics tab under Khoros ID copy the message:xxxxxxx. The name of the initiative the post/ad is in If the post includes media provide the original image/video file For Inbox items provide A screenshot of the item The name of the stream/collection or topic queue the item is in The name of the initiative the item is in For Analytics provide A full-page screenshot of the dashboard. Include the date ranges and any filters that are applied. Attach data exports For Mobile provide The name of the app, Device information (Android or iOS) Which OS version you are on Mobile app version. If you are not on the latest version of the app you may need to delete and re-download the app. For API provide Curl. This should include the token and the request/body being made. Text or screenshot of errors returned Back to top As mentioned earlier, we may still need to ask for additional information depending on the nature of the case. However, by providing any of the above information when you can, we can hopefully move your case towards a satisfactory resolution quickly! We hope you have found the above information useful and we appreciate you sticking with us until the end of this article! As always, please don't hesitate to reach out and let us know if you have any questions or concerns! Sincerely, The Khoros Support TeamAurora: Update community vanity URL
There are several actions you must take before we can change a vanity name on our end. The change is straightforward if your community is a non-SSO community, but if you use SSO there's a broader range of things to cover. As always, all changes should first be tested on stage if possible, and this is especially true if you're using SSO. Note: We highly recommend contacting our Professional Services team to complete this process, especially when using a custom SSO setup. Preparation Create a CNAME in your DNS. Point the CNAME at your internal community hostname (for example, communityid.community.com). Allow 48 hours to pass after steps 1 and 2 so the DNS can propagate the internet. Update the community URL Check your community settings and change any hard-coded URLs pointing to the old vanity name. A redirect largely covers this, but eliminating any non-needed page requests/redirects is always a recommended best practice. If you're using SSO and this change affects your SSO sign-in/sign-out/registration URLs, be sure to update them in Community Settings > System > Account and Privacy after the change is made on the Khoros side. IMPORTANT: if you're using SSO, make sure this domain change will not affect your authentication process. In most cases, SSO is domain-centric and works only for requests coming from the domain specified in the cookie, so if the domain is not updated in your SSO it could completely break authentication. For example, if your community URL was community.abc.com and your SSO was set for requests only from .abc.com, changing your vanity name to community.def.com would break authentication, since a cookie from one domain cannot be read by another. You need to update your SSO to ensure it's set to work with the new domain. If you're using a Salesforce integration, check with whomever handled that integration to ensure the change won't cause any unwanted problems. In some cases, that person might have to make changes to accommodate the change. Multiple vanity names are not officially supported, but if you plan to use more than one vanity name you MUST contact Khoros Support to have all of your domains added to a vanity domain allowlist. Any domain not in the allowlist redirects back to the active vanity name we have on record. After all of the above have been reviewed, tested, and you're ready to proceed, the remaining is completed by Khoros: Update the vanity name. Add any desired redirects (301) from the old vanity name to the new one so anyone who has bookmarks/favorites is redirected to the same page using the new domain. Add any other optional redirects you'd like in place. Depending on the number and/or type of redirects requested (for instance, more than a dozen), this may require an engagement through our Professional Services group. Restart the community during the next available maintenance window to apply changes. As noted, if you're using SSO we need to coordinate with you so that you can make any required SSO changes on your end at the same time we update the hostname on our end.Looking for ways to stay engaged with Khoros Development
Hey everyone, I'm currently between roles after the recent changes at Upwork and looking for ways to stay sharp with Khoros development while figuring out my next steps. I've shared a lot of my work here before (also did StanGromer ), and I'd love to keep learning and contributing. If anyone has ideas on how to stay engaged with the platform or knows of projects where an extra set of hands could be helpful, I'd appreciate any suggestions!
Tracking Complete Registrations in Google Analytics (via GTM)
Hi, Is there some sort of click listener or event that can be passed in the front end that can be picked up by Google Tag Manager when a user completes their registration (after successfully submitting their username)? Can we apply an event to the complete registration toast? If so, what is the best way to do this? Is there another way that we can track complete registrations in Google Analytics? Thanks!Launching on Khoros Communities Session #3: Executing the Launch | Instructor-Led Training
We are excited to announce live training on Executing the Launch in Khoros Communities are coming in February 2025! Tuesday, April 1, 2025 Early Session: 7 am CDT / 1 pm UTC Late Session: 3 pm CDT / 9pm UTC Engagement communities play a vital role in retaining and keeping your customers satisfied in an ever-changing digital world. Khoros Communities Aurora delivers a sleek, modern, and high-performance system that adheres to community best practices while still giving brands complete flexibility to make changes or updates to address their ongoing needs. In this session, focussed on the Execution and Launch phases of the launch/upgrade process, you will learn about: The 3 main tracks running concurrently through the Execution Phase The User Acceptance Testing (UAT) process and the final Launch Phase Internal resources needed and how best to prepare for the Execution and Launch Phases Whether you are preparing for your upgrade to or launch on Khoros Communities Aurora or simply learning more about the process, we are here to help. Missed the first two sessions in this series? Review the Q&A and access recordings through the following links. Launching on Khoros Communities Session #1: Why Khoros Communities Aurora? Launching on Khoros Communities Session #2: Preparing to LaunchAurora: Configure remote site access for your Salesforce integration
The Aurora/Salesforce integration must be able to access your Khoros community. Part of this integration involves mentioning community APIs in the allowed list so Salesforce doesn't block them. To configure remote site access: In your Salesforce.com environment, go to Setup. Go to Administration Setup > Security Controls > Remote Site Settings. By default, two Remote Site Settings with the NameSpace prefix "LiSFintegration" appear. For the Khoros (Lithium) setting, click Edit. Enter the Base URL value according to your Khoros environment. Note: Be sure to include the https:// and HT credentials. Use the following format: https://<HTUSER>:<HTPASSWORD>@<***Community URL> Example: https://test123:qwerty98765@community-stage.khoros.com/ Khoros Community Stage Base URL Sandbox https:// [community_id].stage.lithium.com Production https:// [community_id].lithium.com Note: Your Khoros Community Success Manager (CSM) can provide you with your Community ID. Note: If you have a more descriptive CNAME/vanity address for your community, use that name when creating the URL (for example, https://community.mycwebaddress.com). (Optional) For debugging purposes, you can turn-off the requirement for HTTP communication. While this is not recommended in any production-like environment due to security risks, it may assist in diagnosing connectivity issues. After your diagnostics are complete, we strongly advise re-enabling HTTPS and maintaining it for security reasons. Click Save. Click Edit for the SFSelf setting and provide the Remote Site URL as your existing signed-in Salesforce URL (for example, https://na16.salesforce.com). Click Save. Repeat steps 3 – 9 for your production community, replacing the name with something descriptive such as “Khoros community – Production” and the URL with the final URL for your production community (for example, https://community.mywebaddress.com). Note: You can also repeat this process to connect multiple Khoros communities to your Salesforce instance. For custom domains (Salesforce 3.9 or later): Click New Remote Site. Enter SFSelfInstance for the Remote Site Name. Enter your Remote Site URL (for example, "yourinstance.salesforce.com"). Enter a Description for this site. Select the Active checkbox. Click Save.About Aurora OIDC/OAuth2.0 SSO
OpenID Connect (OIDC) is an SSO implementation based on OAuth2. Refer to the official OpenID Connect specs for more information. OIDC Quick Start Common OpenID Connect terms: OP = OpenID Provider, also known as the Identity Provider (IDP) RP = Relying Party, also known as the Service Provider (SP) OpenID Connect typically follows this workflow: User requests to sign in. User is redirected to OP’s sign-in URL, and OP redirects the user to the RP with an authorization code sent as a query parameter value. RP sends a back-channel request to the OP’s token API with the OP-provided authorization code to retrieve the ID and Access Tokens. The ID Token is retrieved from the token response and is parsed as a JSON Web Token (JWT). The JWT is validated and decoded. (JWT validation should follow the signature specified in the OpenID Connect specifications.) The JSON payload is retrieved from the JWT and is parsed for claims to be set to the user’s community profile. If a user profile endpoint is configured, an additional call is made to the endpoint passing the access token using Bearer Authorization. (OIDC feature supports both GET and POST requests to the user profile endpoint. This is configured within the Provider settings.) Claims returned from the user profile endpoint are parsed and set to the user’s community profile based on configured Claim Mappings. Community checks to see if the user already exists with the specified SSO ID; if so, the user signs in to an existing account; if not, a new account must be created. User resumes browsing Khoros Community in signed-in state. OAuth 2.0 typically follows this flow: User clicks the sign-in/registration link or takes an action that requires sign-in. User is redirected to a Khoros endpoint that builds the IDP/OP's sign-in URL based on configured attributes and the user state (that is, the page they were on when they initiated sign-in), and then redirects the user to the built sign-in URL. User signs in or registers. If the app is not on the allow list, the user will be prompted to give access to the Aurora Community app. The user is redirected to a callback URL on Community and an authorization code is included in the request as a query parameter. Community reads the authorization code. Community makes a back-channel API call to the OAuth provider to exchange the authorization code for ID and access tokens. The ID Token is retrieved from the token response and is parsed as a JSON Web Token (JWT). Optionally, the access token is then passed using Bearer Authorization in a subsequent API call to obtain additional user attributes such as SSO ID, e-mail address, display name, etc. Community checks to see if the user already exists with the specified SSO ID; if so, the user signs in to an existing account; if not, a new account must be created. User resumes browsing Khoros Community in signed-in state. Enable OIDC/OAuth 2.0 SSO for the Aurora Community Before you begin setting up OpenID Connect SSO for Community, you must gather this information: Client ID Client Secret Authorization Endpoint URL Token Endpoint URL (OIDC only) Expected “Issuer” for JWT validation (OIDC only) JWKS URI pointing to sign-in keys Claims mapping to map the minimum Community profile attributes to claims returned by the Token Endpoint URL and/or User Info URL. The required attributes that must be mapped are: SSO ID Login Name Email Address Note: When adding Claim Mapping during Provider Creation, the keys for the above values are “ssoid,” “login,” and “email,” respectively. After you have gathered the information listed above, you must create a Provider within the Community. Note: For a detailed description of all the OIDC/OAuth 2.0-related provider settings, review Aurora OpenID Connect/OAuth 2.0 setting descriptions. To create a Provider: Go to Settings > System > Account > OIDC/OAuth Providers > Add Provider. For each tab, enter this information: Name: Used to more easily distinguish a given provider in the UI. ID: Used in the Community sign-in URL, sign-out URL, and callback URL to distinguish between each provider configuration. Check out the examples below to see how these URLs are constructed. Client ID: Determined by the app created in your OP. Client Secret: Determined by the app created in your OP. Authorization: Enter authorization URL, Response Type, and Scope. Token: Token endpoint URL, expected Issuer, and JWKS URI. In addition, claim mapping must be added either here. The required profile attributes mentioned above must be mapped to an associated claim for SSO to function properly. For example, if the “sub” claim will be used for SSO ID, beside Claim mapping (ssoid required), click Add Parameter. Then enter “ssoid” into the Key field, and “sub” into the Value field. User Info: Fill in if any claim mappings come from a user info endpoint. Insert the user info URL and add any claim mapping. Click Create. When creating the app in the OP, you might be asked to specify a callback URL. The callback endpoint uses this format: https://<communityhost>/t5/s/auth/oauth2callback/providerid/<providerid> For example, if a Community at https://community.acme.com was configured with Provider ID “acme,” the URL would be: https://community.acme.com/t5/s/auth/oauth2callback/providerid/acme Note: If your Aurora community is configured for Reverse Proxy with Subdirectory, your endpoint paths are pushed up into the reverse proxy path similar to other URLs in your community. Enable SSO When you have finished your OAuth or OIDC configuration and you are ready to test, in the Single Sign On (SSO) section, turn on Use Khoros single sign-on (SSO). For more information, see Configure SSO settings for the community. Related topics: Aurora OpenID Connect/OAuth2.0 setting descriptionsAurora: Configure SSO settings for the community
Before you can use SSO with your community, you need to configure settings and enable the option. Note: As soon as you turn on the Use Khoros single sign-on (SSO) option, all the settings in the Single Sign-On area become active in the community. To configure SSO settings and enable SSO: Go to System > Account & Privacy. Scroll down to the Single Sign-On (SSO) section. Manage the following options: Allow member to change their SSO email address: Enable members using SSO to change the email associated with their account. This should be enabled only if the email address is collected on the Community SSO Registration screen. Allow member to change their first name and last name: Enable SSO users to update their first and last names under My Preferences > Personal. Use auto sign-in for fallback SSO: When Khoros SSO token-based sign-in fails, auto sign-in is used instead. Enter the following SSO URLs: Registration page: Direct users to this URL when they register. Sign-in page: Direct members to this URL when they sign in. Sign-out page: Direct members to this URL when they sign out. Bounce URL: (Optional) URL where the first request of a session is redirected. Can help to enable seamless Community authentication or "Bounce SSO". Leave blank to disable. Enter the Return value parameter name. By default, the Aurora Community application appends a query string parameter named referer (spelled as shown) and a value corresponding to the URL of the page the member was browsing prior to being redirected to the login or registration page. If your authentication system is already configured to use a parameter like “referer,” you can change “referer” to the name of that parameter. Otherwise, leave the parameter name as “referer.” Turn on Use Khoros single sign-on (SSO) to make these settings active in the community. Note: This must be enabled in order for any configured SSO mechanisms to be fully functional, including when using the multi-auth Sign-in Display feature detailed in Multi-Auth SSO. URL formats SAML (REDIRECT BINDING) Sign-in URL: <Aurora url>/t5/s/<communityID>/auth/saml/doauth/redirect Sign-out URL: <Aurora url>/t5/s/<communityID>/auth/saml/dologout/redirect SAML (POST BINDING) Sign-in URL: <Aurora url>/t5/s/<communityID>/auth/saml/doauth/post Sign-out URL: <Aurora url>/t5/s/<communityID>/auth/saml/dologout/post OIDC SSO Sign-in URL: <Aurora url>/t5/s/<communityID>/v1/auth/oidcss/sso_login_redirect/provider/<providerID> Sign-out URL: <Aurora url>/t5/s/<communityID>/v1/auth/oidcss/sso_logout_redirect/provider/<providerID> Related topics: About Khoros Aurora Single Sign-On (SSO) Khoros Aurora SSO auto-sign in MultiAuth SSO
