Blocking external authentication (SSO) for a specific mail domain (instead of for all Staff members)

Nicht geplant

4 Kommentare

  • Caroline Kello
    Aktionen für Kommentare Permalink

    Hey DSI,

    Could you please give me some more context on your current setup? What would this enable for you that's not currently possible? I think I'm struggling to understand if you want SSO set up differently for agents within your company, vs agents that are not in your company. Any additional info would help! 

    Thanks, Caroline

    0
  • DSI
    Aktionen für Kommentare Permalink

    Sure Caroline.
    We have SSO enabled and also Zendesk authentication enabled too.
    External authentication is checked for "Staff members" but also for "End users".
    Same for Zendesk authentication.
    As you know, Staff members (with role) can have a Zendesk account linked to mail with company domain or also have an Zendesk account with a none company domain.

    What we want to do is to find an easy way to disable external authentication for a specific domain name (our company domain name). So Zendesk users having mail with company domain will be forced to use Zendesk authentication since external authentication will be disabled & no more working for them.

    I hope it's more clear.

     

     

    0
  • Caroline Kello
    Aktionen für Kommentare Permalink

    Hey DSI,

    That makes it a bit more clear, thank you. We're looking at splitting our end-user and agent auth on our long-term roadmap, so this seems like it would be a use case to consider after that work has been done (I don't have a timeline to share with you at the moment). Thanks for raising your feedback and adding your use case, it's much appreciated.

    0
  • Mark Sadegursky
    Aktionen für Kommentare Permalink

    Being blunt, probably one of the worst SSO implementations I've seen in a long time. We have end-users that are from our company that need to access via SSO. however, our customers, obviously don't have SSO with us. Your login should be smart enough to know if the domain is configured for SSO and trigger the redirect to the SSO sign in. This way you can properly run a mix-mode.

    0

Bitte melden Sie sich an, um einen Kommentar zu hinterlassen.

Powered by Zendesk