Steps to configure SAML SSO for ManageEngine ServiceDesk Plus

About ServiceDesk Plus

ServiceDesk Plus empowers you to take control of IT support incidents, offering solutions to minimize phone calls and emails to the help desk. With features for user-initiated call logging and comprehensive support, it's the all-in-one IT help desk software solution.

The following steps will help you enable single sign-on (SSO) for ServiceDesk Plus from Identity360.

Prerequisites

  1. The MFA and SSO license for Identity360 is required to enable SSO for enterprise applications. For more information, refer to pricing details.
  2. Log in to Identity360 as an Admin or Super Admin.
  3. Navigate to Applications > Application Integration > Create New Application, and select ServiceDesk Plus from the applications displayed.
    Note: You can also find ServiceDesk Plus from the search bar located at the top.
  4. Under the General Settings tab, enter the Application Name and Description.
  5. Under the Choose Capabilities tab, choose SSO and click Continue.
    Identity360 application configuration general settingsGeneral settings of SSO configuration for ServiceDesk Plus
  6. Under Integration Settings, navigate to the Single Sign On tab, click on Metadata Details.
    • Copy the Login URL and Logout URL, which will be used during the configuration of ServiceDesk Plus.
    • Download the SSO certificate by clicking Download from the Signing Certificate field.
      Identity360 application configuration integration settingsIntegration Settings of SSO configuration for ServiceDesk Plus

ServiceDesk Plus (service provider) configuration steps

  1. Log in to ServiceDesk Plus with admin credentials.
  2. Click the Admin icon in the top-right corner.
  3. Navigate to Users > SAML Single Sign On.
    ServiceDesk Plus Set up SSOConfiguration of SAML SSO from ServiceDesk Plus
  4. Under the Configuration tab, navigate to the Configure Identity Provider Details section.
  5. In the Login URL field, paste the Login URL value copied in step 6a of the prerequisites section.
  6. In the Logout URL field, enter the Logout URL value copied in step 6a of the prerequisites section.
    Note: The Logout URL is optional and can be skipped if single logout (i.e., automatically log out from Identity360 when logging out from ServiceDesk Plus) is not required.
  7. In the Name ID format drop-down field, select Email Address from the list.
  8. In the Algorithm drop-down field, choose the option RSA_SHA256 from the list.
  9. Click the Choose File button and select the SSO certificate file downloaded in step 6b of the prerequisites section to upload it.
  10. Click Save.
    IdP configuration detailsIdP configuration details from ServiceDesk Plus
  11. After entering the identity provider details, toggle the button to enable SAML Single Sign-On.
  12. To ensure users log in to ServiceDesk Plus exclusively via SAML Single Sign-On, toggle the button to enable the Collapse the login form by default option. If you prefer users to have the choice between logging in with their credentials or using SAML Single Sign-On, disable this option.
    SP SSO enablementServiceDesk Plus SSO enablement
  13. Copy the values of the Assertion Consumer URL and the Entity ID from the Service Provider Details section; these will be used later.
    ServiceDesk Plus configuration detailsConfiguration details from ServiceDesk Plus

Identity360 (identity provider) configuration steps

  1. Switch to Identity360's application configuration page.
  2. In the ACS URL field, enter the Assertion Consumer URL copied in step 13 of ServiceDesk Plus configuration.
  3. In the Entity ID field, enter the Entity ID value copied in step 13 of ServiceDesk Plus configuration.
  4. Click Save.
    Identity360 application configurationIntegration Settings of SSO configuration for ServiceDesk Plus
  5. To learn how to assign users or groups to one or more applications, refer to this page.

Your users should now be able to sign in to ServiceDesk Plus through the Identity360 portal.

Note: For ServiceDesk Plus, both SP-initiated and IdP-initiated flows are supported.

Steps to enable MFA for ServiceDesk Plus

Setting up MFA for ServiceDesk Plus using Identity360 involves the following steps:

  1. Set up one or more authenticators for identity verification when users attempt to log in to ServiceDesk Plus. Identity360 supports various authenticators, including Google Authenticator, Zoho OneAuth, and email-based verification codes. Click here for steps to set up the different authenticators.
  2. Integrate ServiceDesk Plus with Identity360 by configuring SSO using the steps listed here.
  3. Now, activate MFA for ServiceDesk Plus by following the steps mentioned here.

How does MFA for applications work in Identity360?

  SSO Integration flow diagram  

Don't see what you're looking for?

  •  

    Visit our community  

    Post your questions in the forum.

     
  •  

    Request additional resources  

    Send us your requirements.