Configuring SAML SSO for Zendesk

These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and Zendesk.

Prerequisite

  1. Login to ADSelfService Plus as an administrator.
  2. Navigate to  Configuration → Self-Service → Password Sync/Single Sign On → Add Application, and select Zendesk from the applications displayed.
    Note: You can also find Zendesk application that you need from the search bar located in the left pane or the alphabet wise navigation option in the right pane.
  3. Click IdP details in the top-right corner of the screen.
  4. In the pop-up that appears, copy the Login URL, Logout URL and Sha256 Fingerprint values.

Zendesk (Service Provider) configuration steps

  1. Log in to Zendesk with administrator credentials.
  2. Navigate to Admin Center by clicking box-menu icon near profile icon.
  3. In Admin Center, Navigate to Security → Single Sign-on.
  4. Click Configure in the SAML section.
  5. Select Enabled checkbox.
  6. In the SAML SSO URL field, enter the URL for signing into your system and Zendesk.(Refer Step 4 of Prerequisite)

  7. In the Certificate Fingerprint field, enter the certificate fingerprint obtained from the product.(Refer Step 4 of Prerequisite)

  8. In the Remote Logout URL, enter the URL for redirecting users to when they sign out.(Refer Step 4 of Prerequisite)

  9. Make note of Assign Consumer Service (ACS) URL till the domain name, It will be input in SAML Redirect URL field in the ADSelfService Plus configuration

    Screenshot
  10. Click Save
  11. Enable SAML Single Sign-On for end users by navigating to Security → End Users
  12. Select Exernal Authenticaiton
  13. Click Save

ADSelfService Plus (Identity Provider) configuration steps

  1. Now, switch to ADSelfService Plus’ Zendesk configuration page.
  2. Enter the Application Name and Description.
  3. In the Assign Policies field, select the policies for which SSO need to be enabled.
    Note:ADSelfService Plus allows you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy.
  4. Select Enable Single Sign-On.
  5. Enter the Domain Name of your Zendesk account. For example, if you use johndoe@thinktodaytech.com to log in to Zendesk, then thinktodaytech.com is the domain name.
  6. Enter the SAML Redirect URL you had saved in Step 9 of Zendesk configuration.
  7. Enter the Assertion Consumer Service URL provided by your application service provider in the Assertion Consumer Service URL field. If required, click the + button next to the text field to add multiple Assertion Consumer URLs. These values can be found in the application's SSO configuration page or metadata. Please reach out to your application's support team if you are having trouble locating the Assertion Consumer Service URL in your application's user interface or metadata.
  8. In the Name ID Format field, choose the format for the user login attribute value specific to the application.

    9. Note: Use Unspecified as the default option if you are unsure about the format of the login attribute value used by the application.

  9. Click Add Application

    Your users should now be able to sign in to Zendesk Online through ADSelfService Plus.

    10. Note:
    • For Zendesk, both SP and IDP initiated flows are supported.
    • Zendesk SAML login can be bypassed by using as https://<org_domain_name>.zendesk.com/access/normal
Go to Top

Copyright © 2025, ZOHO Corp. All Rights Reserved.