Zendesk provides the ability to create separate authentication configurations for different collections of users. This could be as simple one authentication policy for end users and another for team members, or as complex as different authentication policies for specific groups and organizations of users.
Viewing your SSO configurations
All SSO configurations are listed on the Single sign-on page in Admin Center. The list includes the configuration's name, whether it's a SAML or JWT configuration, which types of users it's assigned to, and whether or not it's active. SSO configurations are listed from newest to oldest and can't be sorted.
Setting an SSO configuration as the primary authentication method
If you have more than one authentication method assigned to your users, you must specify primary SSO methods for end users and team members. Zendesk attempts to anticipate whether an unauthenticated user is an end user or team member and routes them to the appropriate remote login page based on that.
To set a primary SSO configuration
- Open the Security settings for team members or end users.
- In Admin Center, click
Account in the sidebar, then select Security > Team member authentication.
- In Admin Center, click
Account in the sidebar, then select Security > End user authentication.
- In Admin Center, click
- For Primary SSO, select the name of the SSO configuration you want to send end users or team members to by default.
- Click Save.
Editing SSO configurations
You may need to edit your SSO configurations after you create them. For example, you may need to create a new shared secret for a JWT configuration or update the URL for your remote login page.
To edit an SSO configuration
- In Admin Center, click
Account in the sidebar, then select Security > Single sign-on.
- Hover over the SSO configuration you want to create a new shared secret for,
then click the option menu icon (
) and select Edit.
Activating SSO configurations
- In Admin Center, click
Account in the sidebar, then select Security > Team member authentication.
- In Admin Center, click
Account in the sidebar, then select Security > End user authentication.
4 Comments
Anton de Young - Are we able to delete SSO configurations? I don't see an option for that in the UI.
Hi Chris Fassano,
At the moment we don't allow SSO configurations to be deleted. Hopefully, in the future, we can add that combined with logs & restoration features to deal with accidental deletes.
We are currently configured for SSO through MO365 and Zendesk. We would like to stop using SSO and just have username and password login. What is the best process to acheive this?
Hi Peter,
If External Authentication is turned off then Zendesk native authentication will be used when logging into Zendesk (username and password) and turning it on again will set it (SSO) as the default once more.
To edit your user authentication:
I hope this helps! Thank you!
Please sign in to leave a comment.