Okta SSO error resolution - Invalid Role / Ticket Restriction combination for Zendesk user



  • Rachel M

    hi Jaye!

    I think even if you're not using the Support/ticket system, you need to pretend that you do when setting this connection up – if that makes sense. This might not be helpful, since you've said you've been through multiple combinations already, but this is how we have our mapping set up in Okta, for our non-agent group:

    The "requested" restrictions would, in a support ticket world, only allow the end user access to view tickets they submitted/requested, as opposed to "all tickets in their organization", etc.

    Possibly already things you know & tried, but hopefully it helps!

  • Jaye Speaks

    Thanks for the idea Rachel M. I had tried that combination, however the errors continued to appear in the Okta logs. Zendesk support finally setup a session and tailed their API logs while I had the Ticket Access Restriction set to "Not Mapped". They indicated the API calls didn't contain any errors on their end, and the Okta provisioning log didn't show an error. I'm concluding the issue is resolved with the setting at Role as end-user, and Ticket Access Restriction as Not Mapped in our instance. Thanks again.

  • Rachel M

    you're welcome! and glad to hear you reached a resolution!


Please sign in to leave a comment.

Powered by Zendesk