Integration Hub FreshdeskSSO

About Freshdesk

Freshdesk is a customer support software that provides customer support and communication. It focuses on managing customer inquiries, tickets, and feedback via multiple communication channels and offers a ticketing system, automation, and reporting to facilitate customer issue resolution.

Steps to configure SAML SSO for Freshdesk

The following steps will help you enable SAML-based SSO to Freshdesk from ManageEngine Identity360.

Prerequisites

  1. The MFA and SSO license for Identity360 is required to enable SSO for enterprise applications.
  2. Log in to Identity360 as an Admin or Super Admin, or Technician with a role that has Application Integration and Single Sign-on permissions.
  3. Navigate to Applications > Application Integration > Create New Application, and select Freshdesk from the applications displayed.
    Note: You can also find Freshdesk from the search bar located at the top.
  4. Under the General Settings tab, enter the Application Name and Description.
  5. Under Choose Capabilities tab, choose SSO and click Continue.
    Identity360 application configuration general settingsGeneral Settings of SSO configuration for Freshdesk
  6. Under Integration Settings, navigate to the Single Sign On tab and select SAML from the Method drop-down. Click Metadata Details.
  7. Copy the Login URL, Logout URL, Entity ID/Issuer URL, and Signature Certificate, which will be used during the SSO configuration in Freshdesk.
    Identity360 application configuration integration settings of SAML SSOIntegration Settings of SAML-based SSO configuration for Freshdesk

Freshdesk (service provider) configuration steps

  1. Log in to the Freshdesk portal and click the Admin icon.
  2. Scroll down and find the Account section. Select the Security option.
    Freshdesk account settingsImage showing the account settings of Freshdesk
  3. Click Configure Freshworks SSO.
    Freshdesk security settingsImage showing the security settings of Freshdesk
  4. You will be redirected to Freshworks' Security Settings page. Click the highlighted icon in the image given below.
    Freshdesk security settingsImage showing the security settings of Freshdesk
  5. You will be redirected to Default Login Method page and use the toggle button enable SSO Login.
    Note: If you have previously configured SSO, click + Add another SSO.
    Freshdesk Third party SSOImage showing the selection of SSO capability from Freshdesk
  6. To configure SAML-based SSO, click SAML under the IdP of your choice section in the Configure SSO side pane.
    Freshdesk SAML-based SSO selectionSelecting SAML-based SSO in the Freshdesk portal
  7. Paste the values copied during step 7 of prerequisites in the following fields:
    • Entity ID/Issuer URL in the Entity ID provided by the IdP field
    • Login URL in the SAML SSO URL field
    • Logout URL in the Logout URL field
    • Signature Certificate in the Security certificate field
    Freshdesk set up SSOImage showing the configuration of SAML SSO from Freshdesk
  8. Copy the SP Identifier value from the Service Provider(SP) Entity ID field.
    Freshdesk Service Provider(SP) Entity IDImage showing the Service Provider(SP) Entity ID in Freshdesk Portal
  9. Copy the Unique ID value from the Assertion Consumer Service(ACS) URL field.
    Freshdesk Assertion Consumer Service URLImage showing the ACS URL in Freshdesk Portal
  10. Click Configure SSO.

Identity360 (identity provider) configuration steps

  1. Switch to Identity360's application configuration page.
  2. In the SP Identifier field, paste the value copied from the Service Provider(SP) Entity ID field during Step 8 of Freshdesk configuration.
  3. In the Unique ID field, enter the value copied from the Assertion Consumer Service(ACS) URL field during Step 9 of Freshdesk configuration.
    Identity360 application configuration for SAML methodIntegration Settings of Freshdesk configuration for SAML method
  4. Click Save.
  5. To learn how to assign users or groups to one or more applications, refer to this page.

Your users should now be able to sign in to Freshdesk through the Identity360 portal.

Steps to configure OAuth/OpenID Connect-based SSO for Freshdesk

The following steps will help you enable OAuth/Open ID Connect-based SSO to Freshdesk from ManageEngine Identity360.

Prerequisites

  1. The MFA and SSO license for Identity360 is required to enable SSO for enterprise applications. For more details, refer to pricing details.
  2. Log in to Identity360 as an Admin or Super Admin, or Technician with a role that has Application Integration and Single Sign-on permissions.
  3. Navigate to Applications > Application Integration > Create New Application, and select Freshdesk from the applications displayed.
    Note: You can also find Freshdesk from the search bar located at the top.
  4. Under the General Settings tab, enter the Application Name and Description.
  5. Under Choose Capabilities tab, choose SSO and click Continue.
    Identity360 application configuration general settingsGeneral Settings of SSO configuration for Freshdesk
  6. Under Integration Settings, navigate to the Single Sign On tab, and select OAuth/OpenID Connect from the Method drop-down. Click IdP Details.
  7. Copy the Client ID, Client Secret, Authorization Endpoint URL, Token Endpoint URL, and User Endpoint URL, which will be used during the SSO configuration in Freshdesk.
    Identity360 application configuration integration settings of OAuth/OpenID Connect SSOIntegration Settings of of OAuth/OpenID Connect SSO configuration for Freshdesk

Freshdesk (service provider) configuration steps

  1. Log in to the Freshdesk portal and click the Admin icon.
  2. Scroll down and find the Account section. Select the Security option.
    Freshdesk account settingsImage showing the account settings of Freshdesk
  3. Click Configure Freshworks SSO.
    Freshdesk security settingsImage showing the security settings of Freshdesk
  4. You will be redirected to Freshworks' Security Settings page. Click the highlighted icon in the image given below.
    Freshdesk security settingsImage showing the security settings of Freshdesk
  5. You will be redirected to Default Login Method page and use the toggle button enable SSO Login.
    Note: If you have previously configured SSO, click + Add another SSO.
    Freshdesk Third party SSOImage showing the selection of SSO capability from Freshdesk
  6. If you choose to configure OpenID-Connect-based SSO, click OIDC under the IdP of your choice section in the Configure SSO side pane.
    Freshdesk OIDC-based SSO selectionSelecting OIDC-based SSO in the Freshdesk portal
    • Paste the values copied during step 7 of prerequisites in the following fields:
      • Client ID in the Client id field
      • Client Secret in the Client secret field
      • Authorization Endpoint URL in the Authorization URL field
      • Token Endpoint URL in the Access token URL field
    SP OIDC based-SSO configuration detailsImage showing the SP details for OIDC-based SSO configuration
  7. If you choose to configure OAuth-based SSO, click OAuth 2.0 under the IdP of your choice section in the Configure SSO side pane.
    Freshdesk OAuth-based SSO selectionSelecting OAuth-based SSO in the Freshdesk portal
    • Paste the values copied during step 7 of prerequisites in the following fields:
      • Client ID in the Client id field
      • Client Secret in the Client secret field
      • Authorization Endpoint URL in the Authorization URL field
      • Token Endpoint URL in the Access token URL field
      • User Endpoint URL in the User info URL field
    SP OAuth based-SSO configuration detailsImage showing the SP details for OAuth based-SSO configuration
  8. Copy the Redirect URL from Freshdesk and click Configure SSO.
    SP Redirect URLImage showing the Redirect URL in the SP portal

Identity360 (identity provider) configuration steps

  1. Switch to Identity360's application configuration page.
  2. In the Login Redirect URL field, enter the Redirect URL value copied during step 8 of Freshdesk configuration.
  3. If you have opted for OIDC-based SSO, select openid scope, or if you have chosen OAuth-based SSO, select email and profile from the Scopes drop-down list.

    Note: Scopes define the level of access that can be requested by the service provider to access a resource. Identity360 supports the following scopes:

    • openid: Establishes that this is an OpenID Connect request.
    • email: Requests the user's email attribute.
    • profile: Requests the user's profile claims (FirstName and LastName).
    Identity360 application configuration for OAuth/OpenID Connect methodIntegration Settings of Freshdesk configuration for OAuth/OpenID Connect method
  4. Click Save.
  5. To learn how to assign users or groups to one or more applications, refer to this page.

    Your users should now be able to sign in to Freshdesk through the Identity360 portal.

    Note: For Freshdesk, only SP-initiated flow is supported.

Steps to enable MFA for Freshdesk

Setting up MFA for Freshdesk using Identity360 involves the following steps:

  1. Set up one or more authenticators for identity verification when users attempt to log in to Freshdesk. Identity360 supports various authenticators, including Google Authenticator, Zoho OneAuth, and email-based verification codes. Click here for steps to set up the different authenticators.
  2. Integrate Freshdesk with Identity360 by configuring SSO using the steps listed here.
  3. Now, activate MFA for Freshdesk by following the steps mentioned here.

How does MFA for applications work in Identity360?

  SSO Integration flow diagram  

Don't see what you're looking for?

  •  

    Visit our community  

    Post your questions in the forum.

     
  •  

    Request additional resources  

    Send us your requirements.

     
Back to Top