FreshDesk is an online cloud-based customer service software providing helpdesk support with all smart automations to get things done faster. The main purpose of establishing a Single Sign-On (SSO) process with FreshDesk is to allow your users a single point of entry into your system while providing them access to multiple other independent systems. Login using WordPress Users ( WP as SAML IDP ) plugin gives you the ability to use your WordPress credentials to log into FreshDesk . Here we will go through a step-by-step guide to configure SSO between, FreshDesk as Service Provider and WordPress as an Identity Provider.
Pre-requisite: Download And Installation
- To integrate the WordPress site as an Identity Provider, you will need to install the miniOrange
Login using WordPress Users ( WP as SAML IDP ) plugin:
- Before you configure, make note of some of the requirements/features that Freshworks SAML implementation supports.
- FreshDesk currently support SP initiated SAML SSO only.
- FreshDesk currently support HTTP Post binding only.
- FreshDesk require the Name Provider Format to be Unspecified with email as the value.
- FreshDesk currently do NOT support Encrypted SAML Assertions.
Follow the steps below to configure SSO between FreshDesk and WordPress.
Step 1: Configure FreshDesk as the Service Provider:
- Open the WordPress site.
- Install and activate the
Login using WordPress Users ( WP as SAML IDP ) plugin on your WordPress site
which is acting as an Identity Provider.
- Go to the Wordpress IDP plugin, navigate to the IDP Metadata tab. Here, you can find the Identity
Provider metadata such as IDP-EntityID / Issuer, Certificate , Login URL and Logout URL which are required
to configure the Service Provider (FreshDesk).
- Log into the FreshDesk Admin Portal as a System Admin and navigate to the Security icon in the sidebar and click on Single Sign On(SSO).
- You can define a default security policy that will be applicable for all users in the organization including admins/
agents. You can also create custom policies to configure SSO for contacts or to cater to agents in a specific
- Scroll down and toggle the Single Sign-On option. Choose SAML SSO as the login method.
- Copy the values into relevant fields and click on Save to complete your SAML configuration.
Note: Org Admins are the only ones who can configure SSO.
Note: You can access the Organization Dashboard by opening the Freshworks Switcher and clicking on your
|Entity ID||You can find this in IDP Metadata as SP-EntityID.|
|SAML SSO URL||You can find this in IDP Metadata as SAML Login URL.|
You can select various signing options from the dropdown list.
For now select Only Signed Assertions .
|Logout URL (optional)||You can find this in IDP Metadata as SAML Logout URL.|
|Security Certificate||You can find this in IDP Metadata as Certificate .|
Step 2: Configure WordPress as the Identity Provider:
- You would need following credentials from FreshDesk Entity ID , ACS URL .
- Navigate to the Security icon in the sidebar and click on Single Sign On(SSO).
- Scroll down to the Single Sign-On option.
- You will be presented with the ACS URL and Entity ID from Freshworks side that you need to configure in the
IdP. Please make a note of the same and use them to configure SAML in your IdP.
- Open the WordPress site.
- Go to the WordPress IDP plugin, navigate to the Service Provider tab.
- Enter the values corresponding to the information from FreshDesk . Refer to the table below.
Service Provider Name Name of your Service Provider. SP Entity ID or Issuer Copy and paste the SP-EntityID from FreshDesk . ACS URL Copy and paste the ACS URL from FreshDesk . NameID Format urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified Assertion Signed Checked
- Click on the Save button to save your configurations.
Step 3: Configure attributes in the plugin (This is a premium feature):
- FreshDesk expects the SAML claims (information of a user at the time of SAML assertion) to be in the following
format to update the profile.
|FreshDesk Profile Attribute||Expected SAML Claim format|
"givenname", "FirstName", "User.FirstName", "username",
"surname", "LastName", "User.LastName",
|Company Name||"company", "organization"|
|Job title||"title", "job_title"|
- In the WordPress IDP plugin, navigate to the Attribute/Role Mapping tab.
- In the User Attributes section, enter the following information and click Save .
- In the Custom Attributes section, you can enter custom attributes and click Save .
|Name||User Meta Data|
|Name||Custom Attribute Value|
Step 4: Testing SSO :
- In the FreshDesk, click logout to verify the SAML configuration.
- On the login page, you will notice a new option to login called Sign in with SSO.
- On Clicking the button you would be redirected to the WordPress Login Screen. Enter valid credentials and click on Log in button.
If you are able to successfully complete the authentication and log into Freshworks your configuration is