Zendesk offers the ability to split authentication methods for agents and end users. Apart from the Zendesk authentication, you also have more advanced authentication options. For more information, see the article: SSO (single sign-on) options in Zendesk.
Zendesk customers usually fall into one of three categories:
- Users who prefer Zendesk authentication
- Users who prefer a SAML hosted solution
- Users who prefer a JWT solution
This article gives you some insights into the groups and the authentication method best suited for each group.
Users who prefer Zendesk authentication
Users who are good candidates for native Zendesk authentication are typically self-sufficient, small organizations who don’t have developer resources available to them.
For more information about this option, see the articles below.
Users who prefer a SAML-hosted solution
Users who are good candidates for a SAML-hosted solution have an existing user database where users are maintained. Typically, this type of business has an engineering team that isn't specialized in system integrations. Usually, users who prefer a SAML option don't want to build an integration and troubleshoot it if something goes wrong. For more information, see the article: Enabling SAML single sign-on.
If you belong to this group, Zendesk recommends looking into a hosted SSO solution with a third party, such as OneLogin, Okta, or Ping Identity.
Users who prefer a JSON Web Token (JWT) solution
Users who are good candidates for a JWT single sign-on solution have their own database to manage their customers and a team of engineers who have experience with integrating various systems, writing code, and troubleshooting scripts.
Information about building a JWT authentication can be vague or imprecise. The reason is that each implementation can be customized, and each implementation based on your directory can be slightly different.
When configuring JWT, Zendesk requires you to send your authentication credentials in the format specified in this article: Enabling JWT (JSON Web Token) single sign-on. If the credentials don't match that format, then something is malformed in the JSON web token created by your script.
The Zendesk Customer Support team is always able to help you. However, the team can only tell you what you are expected to see. They can't troubleshoot or guide you on how to create your own JWT authentication.
To help you get started, we published a number of example scripts on Github, but you'll need to create and troubleshoot your own script or hire somebody who can do it for you.
Please sign in to leave a comment.