Okta supports single sign-on for Zendesk using SAML (Secure Assertion Markup Language). For many of the settings used to configure single sign-on in Okta, you'll find much more detailed information in the Okta user interface. For more about Single sign-on using SAML support in Zendesk, see Enabling SAML single sign-on.
Configuring SAML must be done in both in your Okta account and in Zendesk. You start in Okta first and get the SAML information you'll need to complete the configuration in Zendesk.
Configuring SAML in Okta
Sign in to Okta as an administrator and then follow the steps below.
To configure SAML for Zendesk in Okta
- In Okta, from the drop-down list in the upper-right corner, make sure you are using the Classic UI interface (not the Developer Console).
- Select Add Applications from the dashboard.
- Click Add Application, then search for and choose Zendesk. The Add Zendesk wizard appears.
- On the first screen, General Settings, add a name for the application and your Zendesk subdomain. For example, if your Zendesk URL is mycompany.zendesk.com, enter mycompany). Click Next.
- On the second screen, Sign-On Options, select SAML 2.0. This is where you'll find the SAML SSO URL, the Remote logout URL, and the Certificate fingerprint. You need this information to complete the SAML setup in Zendesk.
- Click the SAML 2.0 setup instructions for Zendesk link.
A page appears with instructions on how to configure SAML in Zendesk. See Configuring SAML in Zendesk below for the latest information.
- Copy the SAML SSO URL, the Remote logout URL, and the Certificate
You need this information to configure SAML in Zendesk. When you've finished copying, close this window and return to your Okta dashboard.
- (Optional) If you enable User Management, you'll be able to import users from
Zendesk into your Okta account, provision new Zendesk accounts from Okta, and push Okta
user profile updates and passwords to Zendesk.
You'll find information about these Okta features in your Okta account and documentation.
- (Optional) People allows you to select who in your Okta account has access to Zendesk. This step is not covered in this article. You'll find information about these Okta features in your Okta account and documentation.
- When you've completed each step, click Next to complete and close the Zendesk configuration in Okta.
Configuring SAML in Zendesk
When your Zendesk for Okta setup is complete and the information you need for setting up SAML in Zendesk is available, sign in to your Zendesk account as an admin and enable SAML single sign-on. You'll need the SAML SSO URL, the Remote logout URL, and the Certificate fingerprint from Okta to complete your set up.
Assign users to SAML single sign-on with Okta
After configuring SAML single sign-on with Okta, assign this SSO option to end users, staff members (agents and administrators), or both. For more information, see Assigning SAML SSO to users.
Are new users created automatically in Zendesk or do I need to add them first in Zendesk that they can authenticate through Okta?
Hello Eric Shen, this information is super helpful! I am curious on whether or not there are any issues with this connection where users have created zendesk ticket using their email but have not signed up within zendesk.
We created an on and off-boarding process by which you can Approve, Add, and Authenticate a user from a Zendesk ticket to Okta. An agent receives the ticket and can approve or deny the request. The new user is then created in Okta and provision an App, like email or a scim-based cloud app, in seconds.
Please sign in to leave a comment.