Okta

How to Configure SAML 2.0 for Zendesk

Contents


Supported Features

The Okta/Zendesk SAML integration currently supports the following features:

For more information on the listed features, visit the Okta Glossary.


Configuration Steps

Note: The SAML settings are the same for Staff members and End-users and can be activated on the corresponding tabs. You do not need to specify separate SAML configurations.

  1. Login to Zendesk security settings in Admin Center at https://[your-subdomain].zendesk.com/admin/security/sso.

  2. Click Configure for SAML.

    Log in https://[your-subdomain].zendesk.com/admin/security/sso, click SAML > Configure

  3. Enter the following:

    • Click Enabled.

    • SAML SSO URL: Copy and paste the following:

      Sign in to the Okta Admin app to have this variable generated for you.

    • Certificate fingerprint: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • Remote logout URL: Copy and paste the following:

      Sign in to the Okta Admin app to have this variable generated for you.

    • (OPTIONAL) IP ranges: Enter your IP ranges. Requests from these IP ranges will always be routed via remote authentication. Requests from IP addresses outside these ranges will be routed to the normal sign-in form.

    • Click Save:

    zendesk_new_b.png

  4. If you want to enable SAML for Staff members and/or for End users, go to the corresponding tab, check External authentication, then click Save:

    • Staff members:

      staff members

    • End users:

      end users

  5. Done!


Notes

Make sure that you entered the correct value in the Your Zendesk company name field under the General tab in Okta. Using the wrong value will prevent you from authenticating via SAML to Zendesk.

SP-initiated SSO

Go to: https://[your-company-subdomain].zendesk.com URL.