You can login to your Freshdesk account using the Login option at the top-right on your Freshdesk Portal, which will be available in the URL yourcompanyname.freshdesk.com.
This will take you to the login page where you can use your login credentials - email address and password, to access the helpdesk.
You can also login from https://freshdesk.com/login.
The Single Sign-On capability in Freshdesk lets the users arriving at your support portal login with their credentials saved on your database.
This saves them the time and effort involved in creating a separate account for your support portal. You can also set up an
SSO mechanism to validate users trying to log into your portal for Freshdesk using a locally hosted script. These could be the users who already have an account in your web application or whose information you have stored in your internal application like ActiveDirectory.
- Type your URL in the address bar, hit enter and select Login. Then choose the option Are you an Agent? Login here and it will redirect you to the Freshworks page.
- Select Forgot password option, enter your email address and a password reset link will be sent to your email.
- Reset the password using the link and you can log in to the account.
Please reach out to support@freshdesk.com for further help and clarifications.
Using Single Sign-On, your users could get automatically authenticated while logged in to your common Login option. For example, if you have a website or dashboard where your users login and would like to use the same to access Freshdesk, you could make use of Single Sign-On.
You could configure Single Sign-On within Freshdesk from under Admin-->Security and turning on "Single Sign-On". You could then choose between Simple or SAML SSO to proceed with the configuration.
You can make use of the companyname.freshdesk.com/login/normal and enter your valid Freshdesk credentials to access the account.
If you click on a link to which you don’t have access to or do not have the rights to view, this error is displayed.
For example: If you click on a ticket URL, which you don’t have access to,(you could be part of the conversation by being in cc) then you get this message. - If you are a customer.
The same happens when an agent clicks on the ticket and it would say that either the ticket is deleted or the agent does not have permissions to view the ticket.
If you are getting this error as an Agent, please check if you have the correct Ticket Scope (Global access) to view the page.
If a customer has somehow gotten the URL of a solution article that has been displayed only to a specific company (Restricted Access) and the customer is not part of that company then this error would appear.
Please feel free in writing to support@freshdesk.com in cases where the error appears in scenarios that are not mentioned above.
While setting up an SSO, the users would have to login from a common login URL, to be authenticated using SSO. The Remote Login URL is that URL to which your users would be redirected when they hit the Login button on your portal after you have set up an SSO.
You would have to update this field with the common login URL, while setting up SSO for your Freshdesk Account.
Freshdesk makes use of HMAC MD5 encryption, while using SSO for login authentication.
The mandatory parameters that need to be passed during login are, name, secret hash, email, and time stamp - in that order.
While setting up SSO for your Freshdesk Account, you would enter a Fingerprint, which is a shared secret key to be used during login authentication.
The most common mistake that might cause this is the presence of blank spaces at the beginning and end of the fingerprint text under Admin-->Security. Please ensure that there are no spaces before or after the fingerprint.
To update the Fingerprint, you could login to your account using the URL domain.freshdesk.com/login/normal and by using your Freshdesk login credentials.
If the issue persists, please send an email to support@freshdesk.com and we'll help you out.
You will be prompted with 'Invalid Time Stamp' error when the difference between the UTC timestamp generated by your server and ours is more than 30 seconds. Ensuring that your servers stay in sync with the NTP server (https://en.wikipedia.org/wiki/Network_Time_Protocol) will sort out this issue.
If you continue to face issues, kindly write to support@freshdesk.com and one of our agents will assist you further.
This error message denoting authentication failure would be because of an error in setting up the SSO. To analyse this, we would require the debug log. Please enter ?debug=1 at the end of the URL that is generated, to retrieve the debug log.
Also, please check the constructed URL after the login, to see if the Hash is generated or not.
If the issue persists, please send an email to support@freshdesk.com.
Please check if the agent who is logging in is using their email address which is part of the AD. Also, if they are a user on the AD, you would have to make sure if their user profile on the AD has permissions to use SSO. The email address from your AD is the parameter that Freshdesk checks while authenticating the login, to locate their profile on Freshdesk.
After every login with an SSO, Freshdesk will sync the name of the agents with the names in your SSO database. Hence, the names in Freshdesk would automatically be updated.
To fix this, please check how the names of the agents are configured on your SSO database.
Also, we support UTF-8 encoded special characters only; so if the name contains any unsupported special characters, we would change it to the English equivalent.
This would be because of an incorrect Remote Logout URL. If you have entered the login page of the portal as the Remote Logout URL, please have that modified and give this another try.
We use the UTC timestamp to generate the hash for validation. Before we were allowing the hash to be valid for 30 minutes, but now we have updated it to be valid for 30 seconds alone. Please check if your SSO server is in sync with the UTC time.
If your server is in sync, and you're still getting the session expired error, please drop an email to support@freshdesk.com.
This error occurs when there is a mismatch in the signature.
To extract the SHA signature from Google,
- Open the downloaded .pem extension file using notepad/sublime text editor.
- Make sure that you’ve selected SHA256 as the algorithm and click on calculate fingerprint.
Enter the key displayed in the formatted fingerprint text box in your Freshdesk account under Admin > Security > SAML >Security Certificate Fingerprint > Save.
If this is happening when you access your default Freshdesk URL then it would be mean that you have turned off the SSL under Admin > Security. Turn ON this option.
If you are being thrown an error such as this for your vanity URL then it means that you need to purchase an SSL certificate from us for your URL. If you are in the Estate plan the 1st certificate would be free. If not, you would need to pay $180/year/portal.
When an account is deleted, all associated data is destroyed within 14 business days.
