Recent Content
Aurora: Create a blog post
Community members can create posts in blog boards they have permission to access. When authoring posts, you have the option to publish immediately or save your progress and edit or publish at a later time. Published blog posts are available immediately on the community. When other members find and read this content, they can like or comment on it. Members with appropriate permissions can view the author's profile, and add more Tags. As an author, you can always come back and edit this content later to add more info or make any corrections. https://www.iorad.com/player/2053665/intermitted-save---blogs Notes: You can use markdown syntaxes while writing the content instead of formatting the text using toolbar options. Also, you can use other keyboard shortcuts to work quickly and efficiently. Learn more about keyboard shortcuts. While creating a blog post, the content is auto-saved. Upon reloading the page, the content is auto-recovered and you can continue to edit. Admins and members who started the post or have edit access to the post can add or remove tags. Learn more about tags. By default, members who comment on an article automatically follow the post. Permissions Permission Purpose Additional permissions required Start new posts To create your own blog posts. Content > Start discussions and new content View draft posts View drafts of blog posts Managing published posts Members with elevated permissions (like admins and moderators) can perform a variety of content management tasks on published blog posts. These tasks include: Move the post to another location on the community View the revision history of a blog post Edit and restore older versions of a post Delete the blog post Reject Report Content Block further edits to the blog post Block comments Most of these tasks are available from the Options menu: Note: If you don’t see any of these menu options, you do not have the required permissions to complete these tasks. Related topics: Create a Blog board Commenting on blogs Edit posts Publish posts Report inappropriate Follow Content TagsAbout Aurora OIDC/OAuth2.0 SSO
OpenID Connect (OIDC) is an SSO implementation based on OAuth2. Refer to the official OpenID Connect specs for more information. OIDC Quick Start Common OpenID Connect terms: OP = OpenID Provider, also known as the Identity Provider (IDP) RP = Relying Party, also known as the Service Provider (SP) OpenID Connect typically follows this workflow: User requests to sign in. User is redirected to OP’s sign-in URL, and OP redirects the user to the RP with an authorization code sent as a query parameter value. RP sends a back-channel request to the OP’s token API with the OP-provided authorization code to retrieve the ID and Access Tokens. The ID Token is retrieved from the token response and is parsed as a JSON Web Token (JWT). The JWT is validated and decoded. (JWT validation should follow the signature specified in the OpenID Connect specifications.) The JSON payload is retrieved from the JWT and is parsed for claims to be set to the user’s community profile. If a user profile endpoint is configured, an additional call is made to the endpoint passing the access token using Bearer Authorization. (OIDC feature supports both GET and POST requests to the user profile endpoint. This is configured within the Provider settings.) Claims returned from the user profile endpoint are parsed and set to the user’s community profile based on configured Claim Mappings. Community checks to see if the user already exists with the specified SSO ID; if so, the user signs in to an existing account; if not, a new account must be created. User resumes browsing Khoros Community in signed-in state. OAuth 2.0 typically follows this flow: User clicks the sign-in/registration link or takes an action that requires sign-in. User is redirected to a Khoros endpoint that builds the IDP/OP's sign-in URL based on configured attributes and the user state (that is, the page they were on when they initiated sign-in), and then redirects the user to the built sign-in URL. User signs in or registers. If the app is not on the allow list, the user will be prompted to give access to the Aurora Community app. The user is redirected to a callback URL on Community and an authorization code is included in the request as a query parameter. Community reads the authorization code. Community makes a back-channel API call to the OAuth provider to exchange the authorization code for ID and access tokens. The ID Token is retrieved from the token response and is parsed as a JSON Web Token (JWT). Optionally, the access token is then passed using Bearer Authorization in a subsequent API call to obtain additional user attributes such as SSO ID, e-mail address, display name, etc. Community checks to see if the user already exists with the specified SSO ID; if so, the user signs in to an existing account; if not, a new account must be created. User resumes browsing Khoros Community in signed-in state. Enable OIDC/OAuth 2.0 SSO for the Aurora Community Before you begin setting up OpenID Connect SSO for Community, you must gather this information: Client ID Client Secret Authorization Endpoint URL Token Endpoint URL (OIDC only) Expected “Issuer” for JWT validation (OIDC only) JWKS URI pointing to sign-in keys Claims mapping to map the minimum Community profile attributes to claims returned by the Token Endpoint URL and/or User Info URL. The required attributes that must be mapped are: SSO ID Login Name Email Address Note: When adding Claim Mapping during Provider Creation, the keys for the above values are “ssoid,” “login,” and “email,” respectively. After you have gathered the information listed above, you must create a Provider within the Community. Note: For a detailed description of all the OIDC/OAuth 2.0-related provider settings, review Aurora OpenID Connect/OAuth 2.0 setting descriptions. To create a Provider: Go to Settings > System > Account > OIDC/OAuth Providers > Add Provider. For each tab, enter this information: Name: Used to more easily distinguish a given provider in the UI. ID: Used in the Community sign-in URL, sign-out URL, and callback URL to distinguish between each provider configuration. Check out the examples below to see how these URLs are constructed. Client ID: Determined by the app created in your OP. Client Secret: Determined by the app created in your OP. Authorization: Enter authorization URL, Response Type, and Scope. Token: Token endpoint URL, expected Issuer, and JWKS URI. In addition, claim mapping must be added either here. The required profile attributes mentioned above must be mapped to an associated claim for SSO to function properly. For example, if the “sub” claim will be used for SSO ID, beside Claim mapping (ssoid required), click Add Parameter. Then enter “ssoid” into the Key field, and “sub” into the Value field. User Info: Fill in if any claim mappings come from a user info endpoint. Insert the user info URL and add any claim mapping. Click Create. When creating the app in the OP, you might be asked to specify a callback URL. The callback endpoint uses this format: https://<communityhost>/t5/s/auth/oauth2callback/providerid/<providerid> For example, if a Community at https://community.acme.com was configured with Provider ID “acme,” the URL would be: https://community.acme.com/t5/s/auth/oauth2callback/providerid/acme Note: If your Aurora community is configured for Reverse Proxy with Subdirectory, your endpoint paths are pushed up into the reverse proxy path similar to other URLs in your community. Enable SSO When you have finished your OAuth or OIDC configuration and you are ready to test, in the Single Sign On (SSO) section, turn on Use Khoros single sign-on (SSO). For more information, see Configure SSO settings for the community. Related topics: Aurora OpenID Connect/OAuth2.0 setting descriptions
Need Help Finding Khoros API for Usage Data
Hi there, I’m new to Khoros and trying to set up a simple dashboard to track usage data like Unique Visitors per Month, Total Visitors, Net Topics per Month, Accepted Solution Views, Page Views, and so on. I’ve been looking around but can’t seem to find the right API endpoint or documentation for this kind of data. Any help to get this data is really appreciated! Thanks a lot for your help! Best, DanziAbout Following in Aurora
Following places, content, groups, comments, replies, and tags enables you to receive updates regarding those areas or features. For more information about how these types of follows function, review the sections below. Note: If you are the author of a particular discussion, blog post, article, idea, or event, you will automatically receive updates for that content. Additionally, if you comment on a particular piece of content, you will automatically receive updates for that content. When you receive a notification, a dot appears over the Notifications bell icon in the header anywhere in the community. Click this icon to see a list of your notifications. See About Notifications. You can also choose to receive email notifications. See About Email Notifications. Follow Places and Content Follow Boards and Content To follow a board (forum, knowledge base, blog, ideas, or events) or a specific discussion, blog post, article, idea, or event, go to that page and click Follow (bell icon) at the top right of your screen. A confirmation message is displayed. Follow a Category Go to the category you want to follow and click Follow (bell icon). On the Follow window, select one of the following: All Boards in this Category These Boards in this Category If you selected These Boards in this Category, you can select specific boards to follow. Note: If you selected All Boards in this Category, you are subscribed to any boards that are added to the category later. Click Follow. A confirmation message is displayed. Follow a Group To follow a group, go to that page and click Follow (bell icon) at the top right of your screen. A confirmation message is displayed. Follow a Comment or Reply To follow a comment or reply on an article, open the Options menu and then click Follow Comment or Follow Reply, respectively. A confirmation message is displayed. Follow a Tag Following tags enables you to follow specific keywords around the community or a particular board. Any time a piece of content is tagged with a tag you follow, you receive a notification. For example, maybe you want to follow all content tagged with “concerts.” Any time someone creates content and tags it with the “concerts” tag, based on your settings, you receive a notification regarding this content in the community or board. You can follow tags at both the community level and at lower levels based on the scope of the tag page you’re on. To follow a tag: On a piece of content with a tag you want to follow, click the tag. On that tag’s page, click Follow (bell icon). Note: Use the breadcrumbs to scope to the desired area by clicking its linked name before you click Follow. On the Follow window, select between Follow in this Board and Follow across the Community. Click Follow. A confirmation message is displayed. Unfollowing After you’ve chosen to follow boards, content, or categories, you can manage the items you follow in a number of ways: Manage Follow and Notification preferences for your account Unfollow Places and Content Unfollow a Comment or Reply Unfollow a Tag Unfollow Places and Content On the page for any category, group, board, or piece of content, click Unfollow (the icon is now a bell with a checkmark on it to indicate that you’re already following that place or content). For categories, you must either select to Unfollow the entire category or deselect checkboxes below These Boards in this Category to unfollow specific boards in that category. For groups, boards, and content, you do not need to perform additional actions to unfollow. In both cases, a confirmation message is displayed. Unfollow a Comment or Reply To unfollow a comment or reply on an article, open the Options menu and then click Unfollow Comment or Unfollow Reply, respectively. A confirmation message is displayed. Unfollow a Tag On the page for any tag you’re following, click Unfollow (the icon is a bell with a checkmark on it to indicate that you’re following that tag). If you want to unfollow the tag across the entire community, click the highest level link (e.g., “Tag: concerts”) after the community name in the breadcrumbs before unfollowing—otherwise, it will be scoped to a specific place. Once you’ve unfollowed, a confirmation message is displayed. Related topics: Manage Follow and Notification preferences for your account Configure Follow settings for the communityView logged out text keys?
Hi all, Trying to find the text key for a specific button that only appears for logged-out users (Community Classic). I know how to do the "show text keys", but I only know how to do it when logged in. I found this thread, but it's not helpful: View logged out text keys | Atlas Specifically, I'm looking for the text key for the "Comment" link that appears on blog posts when not signed in. I found the key for "You must be a registered user to add a comment..." text, since that's easy enough to search for. But the "Comment" link is basically impossible to search for since the word "Comment" is so generic. I'll file a support case too, as I suspect this may require their help. Cheers!Aurora: Configure SSO settings for the community
Before you can use SSO with your community, you need to configure settings and enable the option. Note: As soon as you turn on the Use Khoros single sign-on (SSO) option, all the settings in the Single Sign-On area become active in the community. To configure SSO settings and enable SSO: Go to System > Account & Privacy. Scroll down to the Single Sign-On (SSO) section. Manage the following options: Allow member to change their SSO email address: Enable members using SSO to change the email associated with their account. This should be enabled only if the email address is collected on the Community SSO Registration screen. Allow member to change their first name and last name: Enable SSO users to update their first and last names under My Preferences > Personal. Use auto sign-in for fallback SSO: When Khoros SSO token-based sign-in fails, auto sign-in is used instead. Enter the following SSO URLs: Registration page: Direct users to this URL when they register. Sign-in page: Direct members to this URL when they sign in. Sign-out page: Direct members to this URL when they sign out. Bounce URL: (Optional) URL where the first request of a session is redirected. Can help to enable seamless Community authentication or "Bounce SSO". Leave blank to disable. Enter the Return value parameter name. By default, the Aurora Community application appends a query string parameter named referer (spelled as shown) and a value corresponding to the URL of the page the member was browsing prior to being redirected to the login or registration page. If your authentication system is already configured to use a parameter like “referer,” you can change “referer” to the name of that parameter. Otherwise, leave the parameter name as “referer.” Turn on Use Khoros single sign-on (SSO) to make these settings active in the community. Note: This must be enabled in order for any configured SSO mechanisms to be fully functional, including when using the multi-auth Sign-in Display feature detailed in Multi-Auth SSO. URL formats SAML (REDIRECT BINDING) Sign-in URL: <Aurora url>/t5/s/<communityID>/auth/saml/doauth/redirect Sign-out URL: <Aurora url>/t5/s/<communityID>/auth/saml/dologout/redirect SAML (POST BINDING) Sign-in URL: <Aurora url>/t5/s/<communityID>/auth/saml/doauth/post Sign-out URL: <Aurora url>/t5/s/<communityID>/auth/saml/dologout/post OIDC SSO Sign-in URL: <Aurora url>/t5/s/<communityID>/v1/auth/oidcss/sso_login_redirect/provider/<providerID> Sign-out URL: <Aurora url>/t5/s/<communityID>/v1/auth/oidcss/sso_logout_redirect/provider/<providerID> Related topics: About Khoros Aurora Single Sign-On (SSO) Khoros Aurora SSO auto-sign in MultiAuth SSOAurora: Multi-Auth SSO
Communities require diverse authentication methods to accommodate varying member segments like employees, customers, etc. Admins can offer multiple sign-in options simultaneously, providing enhanced flexibility. These options include: Khoros SSO Up to three IDPs for SAML More than three IDPs for OIDC/OAuth2 (OIDC can be configured via admin only) To edit these settings, go to Settings > Systems > ACCOUNT > Sign-in. If Sign-In Display is not displayed, contact Khoros Support and request that the Multi-Auth feature be enabled. Edit the Sign-In Display option to configure the sign-in options you want to provide your members and how you want to display the sign-in options. Below is an example on the list of sign-in options you can configure. From here, you can: View all available sign-in options for your community. Add a welcome note that is displayed to users on the sign-in page. Turn on or off the sign-in options you prefer. Edit the labels of the sign-in buttons. Rearrange the order in which the sign-in options appear on sign-in pages. Choose to display the sign-in options as buttons for member sign-in. If you select the Display as sign-in button option, members see a sign-in button. If you de-select this option, members see a sign-in form instead. Enable SSO When you have finished your OAuth or OIDC configuration and you are ready to test, in the Single Sign On (SSO) section, turn on Use Khoros single sign-on (SSO). For more information, refer to Configure SSO settings for the community. Related topics: About Khoros Aurora Single Sign-On (SSO) Khoros Aurora SSO auto-sign in Configure SSO settings for the communityLithys 2011: Best New Community: TomTom
Company: TomTom Category: Best New Community (Launched after June 1, 2010) & Best Community ROI Usecase Entered by: Kenneth Refsgaard (kendoji) Community Name: TomTom Discussions URL: discussions.tomtom.com Launched: March 1, 2011 Entry: We launched two weeks ago (March 1, 2011) but our community has been extremely active right from the start. We got a number of things right (thanks to all the support and advice we received from Lithium on best practices), including having all the recommended promotional plans in place, a good board structure, a nice and clean UI and thorough internal communication around guidelines. This has resulted in a smooth launch, with about 150 new registrations and 25,000 page views every day. From launch we also immediately had support from numerous knowledgeable brand advocates (from third party navigation sites) who have been picking up just about every question posted on the community. We thought it would take months before we had a vibrant community with active brand advocates answering all the questions - but it all came together on Day two! Using the Engagement Center ROI tally (tweaked with our own cost-per-incident), in our first two weeks we handled 20,000 cases and delivered a value of 150,000 USD!!
