Submitted ideas will be evaluated by our product teams for upcoming releases and will be responded to so you know where things stand. For product support, please use the community forums or contact TAC.
NOTE: All Cisco employees & Channel Partners must enter Ideas through this Ideas Portal.
After the latest security update for Personal Rooms, we are having an issue that PR hosts are required to sign in the mobile app when trying to join their personal room meetings, started by other co-hosts.
Our scenario is as follows:
Management allows their assistance team as co-hosts for management's personal rooms.
The assistance team starts Personal Room meetings on behalf of management (the host).
Management (the host) then joins the meeting via mobile device with company credentials.
Issue is that due to security restrictions SSO for the company only loads when connected to company VPN - essentially not allowing users to login to their Webex accounts via mobile devices.
For that reason, management joins their own Personal Room meetings by clicking "Join as guest" from the app and entering their company's email address upon joining.
This is no longer possible, as entering the company email address prompts them to sign in.
They can only join their Personal Room meetings as guest via the mobile app if they enter a personal email address.
We are aware that sign in is required, because joining with the host's email address makes them a host automatically.
We would like to have the option that a user joins with the company email address and unless they verify (sign in), they are joined as a guest, and not given host privileges.
The reason for enabling the lobby on PMRs was to allow the host to see which users are verified users ( authenticated internal user/ authenticated external users ) and unverified users ( guests)
You can allow a "guest" to join directly by disabling the lobby in site admin
From a security perspective, I would not recommend this as this allows ANY user to join your meeting
In the feature that you request - how can you differentiate between a manager and an attacker ? as there is no verification of the guests identity
You could run a VPN connection from the mobile device if your SSO IdP is only reachable whilst on the corporate network, or you could make your IdP publicly available as other companies do
Attachments Open full size