Single Sign-On(SSO)

Single Sign-On (SSO) is a system that lets users securely authenticate multiple cloud applications by logging in only once in a managed authentication system. This managed authentication system is also referred to as Identity Provider (IdP) and the cloud applications that rely on the data provided by Identity Provider are called as Service Providers (SP). Some of the Identity Providers are ADFS, OneLogin, Okta, Auth0, and G-Suite.

For more information on SSO in Freshdesk, click here

Custom SSO policies

Orgv2 has a built-in UI to set up custom login policy (with customized login URL) with different login mechanisms available under it.

  • An Org can set up about 5 custom policies.

  • 1 custom policy apart from default policy can be set up for agents per account.

  • 1 custom policy for contact per account can be configured.


You can configure a custom policy in Org even without this feature enabled in Freshdesk but those policies will not be synced to Freshdesk. In this scenario, we can enable the feature from the backend and you can change the custom policy name/URL to sync these policies to Freshdesk.


To set up custom SSO policy

Custom agent SSO:

If Org<>SSO sync feature is enabled, then there are 2 scenarios:

A. Freshdesk account without Freshdesk SSO:

  • The default Freshdesk landing page is support/home. 

  • Click on login → support/login

  • Support/login → On hovering the link 'Are you an agent Login here', the customized URL of Org custom policy will be there. 

  • On clicking here, it will take the Org custom policy login mechanism.

  • login/normal → It will not show any custom URL. This page will always redirect to the default Org login page

B. Freshdesk account with Freshdesk SSO:

  • Support/login → will redirect to Freshdesk SSO IDP. 

  • There is no way agents can log in to agent custom policy. They can only use login/normal to log in through Org default login page. 

  • You have to disable Freshdesk SSO to use login through custom policy. But once Freshdesk SSO is disabled, it cannot be re-enabled.



Custom contact SSO:
A. Freshdesk account without Freshdesk SSO:

  • Support/login page → On hovering the link 'Are you a customer Login here', the customized URL of Org custom policy will be there. On clicking here it will take Org custom policy login mechanism.

  • login/normal → it is only for agents.

B. Freshdesk account with Freshdesk SSO:

  • Support/login → will redirect to Freshdesk SSO IDP.

  • You can check the behavior of contact custom policy by hitting
    account_domain_url/customer/login in the browser. It will be redirected to the custom policy login URL, where you check the contact login functionality.

  • Once you have completely configured this, disable the Freshdesk SSO.


                   
   Once you have successfully set up SSO, the login page will look this :