Zendesk for Service - SAML Relying Party Configuration - RSA Ready Implementation Guide
2 years ago
Originally Published: 2023-08-23

This section describes how to integrate RSA Cloud Authentication Service with Zendesk for Service using SAML Relying Party.

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service as a Relying Party to Zendesk for Service.

Procedure

  1. Sign in to RSA Cloud Administration Console.
  2. Click Authentication Clients > Relying Parties.                                                                                                                                       image.png
  3. On the My Relying Parties page, click Add a Relying Party.
  4. Click Add for Service Provider SAML.                                                                                                                                                      image.png
  5. On the Basic Information page, enter the name for the application in the Name field and click Next Step.                                             image.png
  6. On the Authentication page, choose SecurID manages all authentication.
  7. Select a Primary Authentication Method and an Access Policy as required and click Next Step.                                                           image.png
  8. Provide the Service Provider details in the following format: 
    1. ACS URL: <Zendesk ACS URL> 
    2. Service Provider Entity ID: <Zendesk Entity ID>
      See the Notes section for instructions on how to obtain the ACS URL and Entity ID.                                                                       image.png
  9. In the SAML Response Protection section, choose IdP signs assertion within response.
  10. Download the certificate by clicking Download Certificate.                                                                                                                      image.png
  11. Click Show Advanced Configuration.
  12. Under the User Identity section, configure Identifier Type and Property. For example, Identifier Type: Email Address and Property: mail.                                                                                                                                                                                                               image.png
  13. Click Save and Finish.
  14. On the My Relying Parties page, click the Edit drop-down icon and select the Metadata option to download the metadata.                      image.png
  15. Click Publish Changes. Your application is now enabled for SSO.                                                                                                           image.pngimage.png

Notes

  • ACS URL can be found on the SSO Configuration page Zendesk for Service under the SAML SSO URL section.
  • Entity ID can be obtained by removing /access/saml/ from the ACS URL.                                                                                                     image.png

Configure Zendesk for Service

Perform these steps to configure Zendesk for Service.

Procedure

  1. Sign in to Zendesk for Service with the admin credentials.
  2. Navigate to Settings > Single sign on and click Configure.                                                                                                                           image.png
  3. Click Create SSO configuration and select SAML.                                                                                                                                 image.png
  4. Provide the following details:
    1. Configuration name.
    2. SAML SSO URL: Obtain from the metadata file downloaded from RSA.
    3. Certificate fingerprint: See the Notes section for the instructions on how to obtain the certificate fingerprint.                                   image.png
  5. Scroll down and select the Show button when users sign in checkbox.
  6. Provide a name for the button and click Save.                                                                                                                                              image.png
  7. Under the Team member authentication and End user authentication sections, do the following:
    1. Select the External authentication checkbox.
    2. Choose Single sign on (SSO).                                                                                                                                                       image.png
  8. Select the checkbox for the configuration that you created.
  9. Choose Let them choose and click Save.                                                                                                                                             image.png

Notes

To obtain certificate fingerprint:

  1. Install the latest version of OpenSSL for Windows.
  2. Open the Windows Command-line interface. 
  3. Navigate to the OpenSSL installation directory (the default directory is C:\OpenSSL-Win32\bin). 
  4. Run the following commands to view the certificate fingerprint/thumbprint. 
    openssl x509 -noout -fingerprint -sha1 -inform pem -in <Certificate.pem>                                                                                                


The configuration is complete.

Return to Zendesk for Service - RSA Ready Implementation Guide.

Related Articles

Trending Articles

Don't see what you're looking for?