FreshDesk Single Sign On (SSO) with WordPress as IDP | Login into FreshDesk using WordPress

FreshDesk is an online cloud-based customer service software providing helpdesk support with all smart automations to get things done faster. The main purpose of establishing a Single Sign-On (SSO) process with FreshDesk is to allow your users a single point of entry into your system while providing them access to multiple other independent systems. Login using WordPress Users ( WP as SAML IDP ) plugin gives you the ability to use your WordPress credentials to log into FreshDesk . Here we will go through a step-by-step guide to configure SSO between, FreshDesk as Service Provider and WordPress as an Identity Provider.


miniorange img Pre-requisite: Download And Installation


  • To integrate the WordPress site as an Identity Provider, you will need to install the miniOrange
    Login using WordPress Users ( WP as SAML IDP ) plugin:
  • Before you configure, make note of some of the requirements/features that Freshworks SAML implementation supports.
    • FreshDesk currently support SP initiated SAML SSO only.
    • FreshDesk currently support HTTP Post binding only.
    • FreshDesk require the Name Provider Format to be Unspecified with email as the value.
    • FreshDesk currently do NOT support Encrypted SAML Assertions.

Follow the steps below to configure SSO between FreshDesk and WordPress.

Step 1: Configure FreshDesk as the Service Provider:

  • Open the WordPress site.
  • Install and activate the Login using WordPress Users ( WP as SAML IDP ) plugin on your WordPress site
    which is acting as an Identity Provider.
  • Go to the Wordpress IDP plugin, navigate to the IDP Metadata tab. Here, you can find the Identity
    Provider metadata such as IDP-EntityID / Issuer, Certificate , Login URL and Logout URL which are required
    to configure the Service Provider (FreshDesk).

  • wordpress saml upload metadata freshdesk as sp

    miniorange img Instructions:

  • Log into the FreshDesk Admin Portal as a System Admin and navigate to the Security icon in the sidebar and click on Single Sign On(SSO).
  • You can define a default security policy that will be applicable for all users in the organization including admins/
    agents. You can also create custom policies to configure SSO for contacts or to cater to agents in a specific
    portal.
  • Scroll down and toggle the Single Sign-On option. Choose SAML SSO as the login method.
  • Note: Org Admins are the only ones who can configure SSO.
    Note: You can access the Organization Dashboard by opening the Freshworks Switcher and clicking on your
    organization link.


    FreshDesk  settings freshdesk as sp
  • Copy the values into relevant fields and click on Save to complete your SAML configuration.
  • Entity ID You can find this in IDP Metadata as SP-EntityID.
    SAML SSO URL You can find this in IDP Metadata as SAML Login URL.
    Signing Option You can select various signing options from the dropdown list.
    For now select Only Signed Assertions .
    Logout URL (optional) You can find this in IDP Metadata as SAML Logout URL.
    Security Certificate You can find this in IDP Metadata as Certificate .
    FreshDesk  settings freshdesk as sp

Step 2: Configure WordPress as the Identity Provider:

  • You would need following credentials from FreshDesk Entity ID , ACS URL .
  • Navigate to the Security icon in the sidebar and click on Single Sign On(SSO).
  • Scroll down to the Single Sign-On option.
  • You will be presented with the ACS URL and Entity ID from Freshworks side that you need to configure in the
    IdP. Please make a note of the same and use them to configure SAML in your IdP.

  •  entity id and acs url freshdesk as sp

    miniorange img Instructions:

  • Open the WordPress site.
  • Go to the WordPress IDP plugin, navigate to the Service Provider tab.
  • Enter the values corresponding to the information from FreshDesk . Refer to the table below.

    Service Provider Name Name of your Service Provider.
    SP Entity ID or Issuer Copy and paste the SP-EntityID from FreshDesk .
    ACS URL Copy and paste the ACS URL from FreshDesk .
    NameID Format urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
    Assertion Signed Checked
  • enter sp info freshdesk as sp
  • Click on the Save button to save your configurations.

Step 3: Configure attributes in the plugin (This is a premium feature):

  • FreshDesk expects the SAML claims (information of a user at the time of SAML assertion) to be in the following
    format to update the profile.
  • FreshDesk Profile Attribute Expected SAML Claim format
    First Name "givenname", "FirstName", "User.FirstName", "username",
    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"
    Last Name "surname", "LastName", "User.LastName",
    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"
    Work Number "phone"
    Mobile Number "mobile"
    Company Name "company", "organization"
    Job title "title", "job_title"
    In WordPress:
  • In the WordPress IDP plugin, navigate to the Attribute/Role Mapping tab.
  • In the User Attributes section, enter the following information and click Save .
  • Name User Meta Data
    FirstName first_name
    LastName last_name
  • In the Custom Attributes section, you can enter custom attributes and click Save .
  • Name Custom Attribute Value
    company eg. xyz.inc
    title eg. Engineer
    attribute mapping freshdesk as sp

Step 4: Testing SSO :

  • In the FreshDesk, click logout to verify the SAML configuration.
  • On the login page, you will notice a new option to login called Sign in with SSO.

  • freshdesk login freshdesk as sp
  • On Clicking the button you would be redirected to the WordPress Login Screen. Enter valid credentials and click on Log in button.
wordpress login freshdesk as sp
If you are able to successfully complete the authentication and log into Freshworks your configuration is
successfully complete.

Business Trial For Free

If you don't find what you are looking for, please contact us at info@xecurify.com or call us at +1 978 658 9387.

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com