Configure Zendesk for UserLock Single-Sign On

Procedure

• Enable Zendesk in UserLock SSO
• Configure Zendesk settings

Enable Zendesk in UserLock SSO

In the UserLock console, Navigate to Single Sign-On → Configuration.

1. Select Add configuration, then select Zendesk as the provider to be configured.
2. Select Custom App Domain, then enter the domain of your Zendesk instance (https:// <yourZendeskDomain> .zendesk.com)
3. When prompted with Email domain, enter the domain of the email you want to be used to allow users to log into.

NOTE: The SSO service needs to be restarted in order to use this profile

Configure Zendesk settings

1. From your Zendesk agent homepage, go to Admin → Settings → Security
2. Under "Global" tab, follow the Manage security settings in Admin Center link, as presented below:

   
   

3. Under "Single sign-on" tab, for SAML, click Configure. Complete the form as indicated with the values listed below:

   • Ensure that SAML is enabled, tick the checkbox.

   • For the SAML SSO URL, set the value to:

     SSO address + "/saml/sso"
   • For the Certificate fingerprint, go to SSO source files, open "SSO.cer". Navigate to Details → Thumbprint. Copy and paste the SSO Certificate Thumbprint.

   • For the Remote logout URL, set the value to:

     SSO address + "/connect/endession"
   • Save the form, and activate the option External Authentication for Staff Members. Ensure that the Single sign-on option is selected.
   • Click the Save button, Zendesk is ready to use.

   
   

<Important!> If SSO is unavailable

It is possible to bypass SSO using the following procedure:

• Go to: https://<yourZendeskDomain>.zendesk.com/access/sso_bypass
• A bypass URL will be provided upon supplying a valid email address.

• Configure the applications
  • AdobeSign
  • Athena Health
  • AWS
  • Box
  • DocuSign
  • Dropbox
  • Google Workspace
  • Microsoft 365
  • Salesforce
  • ServiceNow
  • Slack
  • Slite
  • Zendesk