Configure Zendesk for UserLock Single-Sign On
Procedure
Enable Zendesk in UserLock SSO
In the UserLock console, Navigate to Single Sign-On → Configuration.
- Select Add configuration, then select Zendesk as the provider to be configured.
- Select Custom App Domain, then enter the domain of your Zendesk instance (https:// <yourZendeskDomain> .zendesk.com)
- When prompted with Email domain, enter the domain of the email you want to be used to allow users to log into.
NOTE: The SSO service needs to be restarted in order to use this profile
Configure Zendesk settings
- From your Zendesk agent homepage, go to Admin → Settings → Security
- Under "Global" tab, follow the Manage security settings in Admin Center link, as presented below:
-
Under "Single sign-on" tab, for SAML, click Configure. Complete the form as indicated with the values listed below:
- Ensure that SAML is enabled, tick the checkbox.
-
For the SAML SSO URL, set the value to:
SSO address + "/saml/sso"
- For the Certificate fingerprint, go to SSO source files, open "SSO.cer". Navigate to Details → Thumbprint. Copy and paste the SSO Certificate Thumbprint.
-
For the Remote logout URL, set the value to:
SSO address + "/connect/endession"
- Save the form, and activate the option External Authentication for Staff Members. Ensure that the Single sign-on option is selected.
- Click the Save button, Zendesk is ready to use.
<Important!> If SSO is unavailable
It is possible to bypass SSO using the following procedure:
- Go to: https://<yourZendeskDomain>.zendesk.com/access/sso_bypass
- A bypass URL will be provided upon supplying a valid email address.