Configuring SAML SSO for DeskPro

These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and DeskPro

Prerequisite

  1. Log in to ADSelfService Plus as an administrator.
  2. Navigate to  Configuration → Self-Service → Password Sync/Single Sign On → Add Application, and select DeskPro from the applications displayed.
    Note: You can also find DeskPro application that you need from the search bar located in the left pane or the alphabet wise navigation option in the right pane.
  3. Click IdP details in the top-right corner of the screen.
  4. In the pop-up screen that appears, copy the values of Login URL, Logout URL, Sha1 fingerprint and  download the sso certificate by clicking Download Certificate
    5. IDP Details

DeskPro (Service Provider) configuration steps

  1. Now, log in to your DeskPro administrator account.

  2. Select ADMIN found in the topright corner of the page and select Admin Home.

    Screenshot

  3. Select Admin → CRM → Auth & SSO in the left pane.

    Screenshot
  4. Click Add and select SAML Authentication in the window that opens.
  5. Check Yes in Enabled?
  6. Paste the Login URL you had copied in Step 4 of Prerequisite in SSO Single Logon field.
  7. Paste the Logout URL you had copied in Step 4 of Prerequisite in SSO Single Logoff field.
  8. Paste the Login URL used in Step 6 in the Metadata issuer XML meatadata URL field.
  9. Upload the SSO certificate you had downloaded in Step 4 of Prerequisite by selecting Choose file option in x509 Certificate field.
  10. Paste the Fingerprint value you had copied in Step 4 of Prerequisite.
  11. Ensure that the checkbox in Sign Authentication Request is unchecked.
  12. Ensure that the Name ID Format is email address.
  13. You can give your own Login Button Text.
  14. Click Install App / Save.

ADSelfService Plus (Identity Provider) configuration steps

  1. Now, switch to ADSelfService Plus’ DeskPro configuration page.
  2. Enter the Application Name and Description.
  3. In the Assign Policies field, select the policies for which SSO need to be enabled.
    Note:ADSelfService Plus allows you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy.
  4. Select Enable Single Sign-On.
  5. Enter the Domain Name of your DeskPro account. For example, if you use johndoe@thinktodaytech.com to log in to DeskPro, then thinktodaytech.com is the domain name.
  6. In the SP Identifier field enter your unique/organization name found in DeskPRO login URL. For example, if your login URL is thinktoday.deskpro.com, then the SP Identifier name is thinktoday.
  7. Enter the Assertion Consumer Service URL provided by your application service provider in the Assertion Consumer Service URL field. If required, click the + button next to the text field to add multiple Assertion Consumer URLs. These values can be found in the application's SSO configuration page or metadata. Please reach out to your application's support team if you are having trouble locating the Assertion Consumer Service URL in your application's user interface or metadata.
  8. In the Name ID Format field, choose the format for the user login attribute value specific to the application.

    9. Note: Use Unspecified as the default option if you are unsure about the format of the login attribute value used by the application.

  9. Click Add Application.
    10. Your users should now be able to sign in to DeskPro through ADSelfService Plus.
    Note: For DeskPro, both IdP-initiated and SP-initiated flows are supported.
Go to Top

Copyright © 2025, ZOHO Corp. All Rights Reserved.