Freshdesk's integration with OneLogin enables you to take complete control over application access, create and enforce security policies, and add a second factor of authentication.
Integration with OneLogin supports your users to log into Freshdesk with the same credentials that they use to log into other cloud-based apps. For example, if you are extensively using Salesforce and Freshdesk, you can add them both in OneLogin and let your agents seamlessly sign into them with just a click of a button.
The following features are supported with this integration:
* Single Sign-On: OneLogin uses SAML 2.0 to sign users into Freshdesk eliminating user-managed passwords and the risk of phishing.
* Active Directory & LDAP Integration: OneLogin’s zero-config Active Directory Connector can be installed in minutes with no server restarts or firewall changes.
*Multi-Factor Authentication: Add an extra layer of protection with OneLogin’s free smart phone app or a pre-integrated third-party solution from RSA, SafeNet, Duo Security, Symantec or VASCO.
Adding Freshdesk app on Onelogin
1. Log into your OneLogin account.
2. Under Apps tab, click on Add Apps.
3. Search for "Freshdesk" and click on the App when it appears.
4. Display name will be the name of the app you are adding.
5. Set the Connector version as SAML 2.0 and click Save.
6. Under the Configuration tab, enter the Subdomain. That will be the name of your helpdesk. For example, the subdomain of sauls.freshdesk.com is sauls.
7. The http-post URL below SAML endpoints in the Single-sign on tab is your SAML SSO Login URL. This will be required when you configure SAML SSO in Freshdesk.
8. If you wish for your admins to be able to sign in while assuming another user's credentials, be sure to check the checkbox next to Allow assumed users to sign in using this app. Note that this setting can only be changed by the account owner.
9. When you choose Configured by admin under Parameters > Credentials are, the user attributes will be filled automatically.
10. Under the Access tab, you can choose which roles should be able to access Freshdesk through OneLogin.
11. Click on Save, to save these configurations.
12. OneLogin's security certificate fingerprint will be available as SHA-1 fingerprint under Security > SAML. This will be required by Freshdesk.
Configuring SAML SSO in Freshdesk
1. Log into your Freshdesk account as admin.
2. Go to Admin > Security.
3. Use the toggle to enable Single sign on.
4. Click on SAML SSO and fill in the details you got from OneLogin.
5. The Login URL is the URL to which Freshdesk redirects the user when he requests SAML SSO for Freshdesk through OneLogin.
6. When the user signs out, he will be redirected to the Logout URL. This is optional. If this value is not given, the user gets
redirected to the portal.
7. OneLogin's Security certificate Fingerprint needs to be provided here so Freshdesk can verify if the user is authorised by OneLogin.
8. You can enable IP Whitelisting to restrict access to your support portal, only to trusted websites. Turn Whitelisting ON and enter the url's you want to whitelist.
9. Click on Save when you are done.
You can now start using Single Sign-on right away to login to your applications.