You can login to your Freshdesk account using the Login option at the top-right on your Freshdesk Portal, which will be available in the URL yourcompanyname.freshdesk.com.
This will take you to the login page where you can use your login credentials - email address and password, to access the helpdesk.
You can also login from https://freshdesk.com/login.
The Single Sign-On capability in Freshdesk lets the users arriving at your support portal login with their credentials saved on your database.
This saves them the time and effort involved in creating a separate account for your support portal. You can also set up an SSO mechanism
to validate users trying to log into your portal for Freshdesk using a locally hosted script. These could be the users who already have an account in your web application or whose information you have stored in your internal application like ActiveDirectory.
Using Single Sign-On, your users could get automatically authenticated while logged in to your common Login option. For example, if you have a website or dashboard where your users login and would like to use the same to access Freshdesk, you could make use of Single Sign-On.
You could configure Single Sign-On within Freshdesk from under Admin-->Security and turning on "Single Sign-On". You could then choose between Simple or SAML SSO to proceed with the configuration.
If you click on a link to which you don’t have access to or do not have the rights to view, this error is displayed.
For example: If you click on a ticket URL, which you don’t have access to,(you could be part of the conversation by being in cc) then you get this message. - If you are a customer.
The same happens when an agent clicks on the ticket and it would say that either the ticket is deleted or the agent does not have permissions to view the ticket.
If you are getting this error as an Agent, please check if you have the correct Ticket Scope (Global access) to view the page.
If a customer has somehow gotten the URL of a solution article that has been displayed only to a specific company (Restricted Access) and the customer is not part of that company then this error would appear.
While setting up an SSO, the users would have to login from a common login URL, to be authenticated using SSO. The Remote Login URL is that URL to which your users would be redirected when they hit the Login button on your portal after you have set up an SSO.
You would have to update this field with the common login URL, while setting up SSO for your Freshdesk Account.
Freshdesk makes use of HMAC MD5 encryption, while using SSO for login authentication.
The mandatory parameters that need to be passed during login are, name, secret hash, email, and time stamp - in that order.
While setting up SSO for your Freshdesk Account, you would enter a Fingerprint, which is a shared secret key to be used during login authentication.
The most common mistake that might cause this is the presence of blank spaces at the beginning and end of the fingerprint text under Admin-->Security. Please ensure that there are no spaces before or after the fingerprint.
To update the Fingerprint, you could login to your account using the URL domain.freshdesk.com/login/normal and by using your Freshdesk login credentials.
If the issue persists, please send an email to email@example.com and we'll help you out.
You will be prompted with 'Invalid Time Stamp' error when the difference between the UTC timestamp generated by your server and ours is more than 30 seconds. Ensuring that your servers stay in sync with the NTP server (https://en.wikipedia.org/wiki/Network_Time_Protocol) will sort out this issue.
If you continue to face issues, kindly write to firstname.lastname@example.org and one of our agents will assist you further.
This error message denoting authentication failure would be because of an error in setting up the SSO. To analyse this, we would require the debug log. Please enter ?debug=1 at the end of the URL that is generated, to retrieve the debug log.
Also, please check the constructed URL after the login, to see if the Hash is generated or not.
If the issue persists, please send an email to email@example.com.
Please check if the agent who is logging in is using their email address which is part of the AD. Also, if they are a user on the AD, you would have to make sure if their user profile on the AD has permissions to use SSO. The email address from your AD is the parameter that Freshdesk checks while authenticating the login, to locate their profile on Freshdesk.
After every login with an SSO, Freshdesk will sync the name of the agents with the names in your SSO database. Hence, the names in Freshdesk would automatically be updated.
To fix this, please check how the names of the agents are configured on your SSO database.
Also, we support UTF-8 encoded special characters only; so if the name contains any unsupported special characters, we would change it to the English equivalent.
This would be because of an incorrect Remote Logout URL. If you have entered the login page of the portal as the Remote Logout URL, please have that modified and give this another try.