UserLock Documentation
UserLock Documentation

Configure Zendesk for UserLock Single-Sign On


Enable Zendesk in UserLock SSO

In the UserLock console, Navigate to Single Sign-On → Configuration.

  1. Select Add configuration, then select Zendesk as the provider to be configured.
  2. Select Custom App Domain, then enter the domain of your Zendesk instance (https:// <yourZendeskDomain>
  3. When prompted with Email domain, enter the domain of the email you want to be used to allow users to log into.

NOTE: The SSO service needs to be restarted in order to use this profile

Configure Zendesk settings

  1. From your Zendesk agent homepage, go to Admin → Settings → Security
  2. Under "Global" tab, follow the Manage security settings in Admin Center link, as presented below:

  3. Under "Single sign-on" tab, for SAML, click Configure. Complete the form as indicated with the values listed below:

    • Ensure that SAML is enabled, tick the checkbox.
    • For the SAML SSO URL, set the value to:

      SSO address + "/saml/sso"
    • For the Certificate fingerprint, go to SSO source files, open "SSO.cer". Navigate to Details → Thumbprint. Copy and paste the SSO Certificate Thumbprint.
    • For the Remote logout URL, set the value to:

      SSO address + "/connect/endession"
    • Save the form, and activate the option External Authentication for Staff Members. Ensure that the Single sign-on option is selected.
    • Click the Save button, Zendesk is ready to use.

<Important!> If SSO is unavailable

It is possible to bypass SSO using the following procedure:

  • Go to: https://<yourZendeskDomain>
  • A bypass URL will be provided upon supplying a valid email address.