Hoping to discuss with Zendesk development team,

We have been trying to integrate SSO to our Zendesk support site from our main software platform (we're actually a desktop app).

We were surprised to discover after a few back & forths with your support team, that there is no way to authenticate (sign-in) a user via Zendesk API, and that we must force the user to go back through our own Sign In screen to authenticate and then return a callback to Zendesk SSO to allow the user through when they try to go to Zendesk from our platform. Even if they signed-in on our platform 10 seconds earlier to log onto our platform! We had hoped we could avoid this additional sign-in loop and sign-in the user using API and improve the ux.

We use this style of API authentication for SSO on some other services (TalentLMS being the main one) and believe it offers a very seamless integration of the 3rd party site into our application, the user does not notice they have moved into another platform relating to our software.

Currently, Zendesk forces users to go through another sign-in view to allow SSO by our account into their Zendesk account, which is unnecessary and poor design. Currently however, if they're already logged into Zendesk then they don't need to go through the sign-in view and Zendesk takes them to their Zendesk account automatically - so I don't see the big difference between what we're proposing and what Zendesk have already decided upon.

We were hoping Zendesk could consider it as a future feature. We would like to authenticate users (eg log a user in ourselves) via API so that we can avoid the need to force users into another sign-in screen after they've just potentially done it in the main application.

Thankyou