Freshdesk's integration with OneLogin lets your users log into Freshdesk with the same credentials that they use to log into other cloud-based apps. For example, if you are extensively using Salesforce and Freshdesk, you can add them both in OneLogin and let your agents seamlessly sign into them with just a click of a button.
Adding Freshdesk app on Onelogin
- Log into your OneLogin account.
Under Apps tab, click on 'Add Apps'.
- Search for 'Freshdesk' and click on the App when it appears.
- Display name will be the name of the app you are adding.
Set the Connector version as SAML 2.0 and click Save.
Under the Configuration tab, enter the Subdomain. That will be the name of your helpdesk. For example, the subdomain of sauls.freshdesk.com is sauls.
- The http-post URL below SAML endpoints in the Single-sign on tab is your SAML SSO Login URL. This will be required when you configure SAML SSO in Freshdesk.
- If you wish for your admins to be able to sign in while assuming another user's credentials, be sure to check the checkbox next to Allow assumed users to sign in using this app. Note that this setting can only be changed by the account owner.
- When you choose Configured by admin under Parameters > Credentials are, the user attributes will be filled automatically.
- Under the Access tab, you can choose which roles should be able to access Freshdesk through OneLogin.
- Click on Save, to save these configurations.
- OneLogin's security certificate fingerprint will be available as SHA-256 fingerprint under SSO X.509 Certificate. You can click on 'View Details' to open it. This will be required in Freshdesk.
- Make sure to choose SHA-256 in the dropdown to get the right fingerprint.
Configuring SAML SSO in Freshdesk
- Log into your Freshdesk account as admin.
- Go to Admin > Security.
- Use the toggle to enable Single sign on.
- Click on SAML SSO and fill in the details you got from OneLogin.
- The Login URL is the URL to which Freshdesk redirects the user when he requests SAML SSO for Freshdesk through OneLogin.
- When the user signs out, he will be redirected to the Logout URL. This is optional. If this value is not given, the user gets redirected to the portal.
OneLogin's Security certificate Fingerprint needs to be provided here so Freshdesk can verify if the user is authorized by OneLogin.
- You can enable IP Whitelisting to restrict access to your support portal, only to trusted websites. Turn Whitelisting ON and enter the url's you want to whitelist.
- Click on Save when you are done.
You can now start using Single Sign-on right away to login to your applications.