Zendesk - SAML My Page SSO Configuration – RSA Ready Implementation Guide
2 years ago
This article describes how to integrate Zendesk for Sales with the RSA Cloud Authentication Service using My Page SSO.

Configure the RSA Cloud Authentication Service

Perform these steps to configure the RSA Cloud Authentication Service using My Page SSO.

Procedure
  1. Sign in to the RSA Cloud Administration Console with administrator credentials.
  2. Enable SSO on the My Page portal by accessing the RSA Cloud Administration Console > Access > My Page > Single Sign-On (SSO). Ensure it is enabled and protected by two-factor authentication using a Password and Access Policy.image.png
  3. Click Applications > Application Catalog.
  4. On the Application Catalog page, search for Zendesk and click Add to add the connection. image.png
  5. On the Basic Information page, enter a name for the configuration in the Name field and click Next Step.image.png
  6. In the Connection Profile section, select IdP-initiated.image.png
  7. Enter the Service Provider details ACS URL and Service Provider Entity ID.
    Refer to the Notes section for instructions on how to obtain the ACS URL and Entity ID for Zendesk.image.png
  8. In the SAML Response Protection section, select IdP signs assertion within response.
  9. Click Download Certificate to download the certificate.image.png
  10. Select Show Advanced Configuration and configure Identifier Type and Property under the User Identity section as shown in the example in the screenshot below.image.png
  11. Click Next Step.
  12. Choose your desired Access Policy for this application and click Next Step > Save and Finish.image.png
  13. On the My Applications page, click the drop-down menu and select Export Metadata to download the metadata.image.png
  14. Click Publish Changes. After publishing, your application is now enabled for SSO.image.pngimage.png

Notes

To obtain the ACS URL and Service Provider Entity ID for Zendesk, perform the following:
On Zendesk for Sales, go to the SSO Configuration page. The ACS URL is under the SAML SSO URL section.
To obtain the Service Provider Entity ID, remove “/access/saml/” from the ACS URL.
image.png

Configure Zendesk for Sales

Perform these steps to configure Zendesk for Sales.

Procedure
  1. Login to Zendesk for Sales with Administrator credentials.
  2. Navigate to Settings > Single Sign on and click Configure.image.png
  3. Click Create SSO configuration, then select SAML.image.png
  4. Provide the following details:
    Configuration name: Name for your identity provider configuration.
    SAML SSO URL: The value of SingleSignOnService, which can be found in the metadata file downloaded from RSA.
    Certificate fingerprint: Refer to the Notes section for instructions on how to obtain the certificate fingerprint.image.png
  5. Scroll down and select Show button when users sign in, then provide a name for the button, and click Save.image.png
  6. Under the Team member authentication section, do the following:
    Select External authentication.
    Select Single sign on (SSO).

    Repeat the same steps for the End user authentication section.image.png
  7. The Configuration name you chose in Step 4 will appear. Select the configuration name and select Let them choose, then click Save.image.png

Notes

To obtain certificate fingerprint, perform the following:
  1. Install the latest version of OpenSSL for Windows.
  2. Open the Windows Command Line.
  3. Navigate to the OpenSSL installation directory (the default directory is C:\OpenSSL-Win32\bin).
  4. Run the following commands to view the certificate fingerprint/thumbprint.
openssl x509 -noout -fingerprint -sha1 -inform pem -in <Certificate.pem>

Certificate.pem is the file downloaded from RSA.

image.png
The configuration is complete.
Return to Zendesk for Sales - RSA Ready Implementation Guide.

Related Articles

Trending Articles

Don't see what you're looking for?