By default, Freshdesk supports SAML based Single Sign On and if you use Auth0 as IDP, Please follow the steps below to setup SAML with Auth0. All these are to be done in Auth0 configuration:


1.Go to the Clients section on the left of your screen



2. Create a new Client

3. Enter App Name

4. Under the options to choose a client type, select the Regular Web Applications

5. Hit "Create" and head over to the Addons tab to enable SAML2 WebApp

6. Specify Application Callback url as https://<YOUR_FRESHDESK_DOMAIN>/login/saml

7. In the settings section paste the below settings and replace <YOUR_FRESHDESK_DOMAIN> with your freshdesk domain name.


{
"audience":  "https://<YOUR_FRESHDESK_DOMAIN>",
 "mappings": {
   "email":       "Email",
   "name":        "username",
   "given_name":  "FirstName",
   "family_name": "LastName"
 },
 "nameIdentifierFormat": "urn:oasis:names:tc:SAML:2.0:nameid-format:email",
 "nameIdentifierProbes": [
   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
 ],
 "signatureAlgorithm":   "rsa-sha1",
 "digestAlgorithm":      "sha1",
 "lifetimeInSeconds":    3600,
 "signResponse":         false,
}


8. Scroll to the bottom and Hit  Save.



By default, Freshdesk supports SAML based Single Sign On and if you use Auth0 as IDP, Please follow the steps below to setup SAML with Auth0. All these are to be done in Auth0 configuration:


1.Go to the Clients section on the left of your screen



2. Create a new Client 

3. Enter App Name

4. Under the options to choose a client type, select the Regular Web Applications

5. Hit "Create" and head over to the Addons tab to enable SAML2 WebApp

6. Specify Application Callback url as https://<YOUR_FRESHDESK_DOMAIN>/login/saml

7. In the settings section paste the below settings and replace <YOUR_FRESHDESK_DOMAIN> with your freshdesk domain name.


{
"audience":  "https://<YOUR_FRESHDESK_DOMAIN>",
 "mappings": {
   "email":       "Email",
   "name":        "username",
   "given_name":  "FirstName",
   "family_name": "LastName"
 },
 "nameIdentifierFormat": "urn:oasis:names:tc:SAML:2.0:nameid-format:email",
 "nameIdentifierProbes": [
   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
 ],
 "signatureAlgorithm":   "rsa-sha1",
 "digestAlgorithm":      "sha1",
 "lifetimeInSeconds":    3600,
 "signResponse":         false,
}


8. Scroll to the bottom and Hit  Save.