Zendesk - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team
This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Zendesk using MPAS. SSO simplifies user authentication by allowing access to multiple applications with a single set of credentials. This integration enhances security and improves user experience across your organization.
To set up Multi-Pass with Zendesk, ensure you meet the following requirements:
- Zendesk admin rights
- MPAS Admin rights
Important: Custom elements in URLs (like realm names) are case sensitive. Make sure to match the exact casing from your environment.
Zendesk - SSO Configuration
Admins can enable SAML single sign-on only for end users, only for team members (including light agents and contributors), or for both groups. You can create multiple SAML SSO configurations. Before you start, obtain the required information from your company's IT team.
Step 1 - Access Zendesk SSO Settings
- From your Zendesk dashboard, click the gear icon on the left sidebar to access the Admin Center.
- In Admin Center:
- Click Account
- Then navigate to Security → Single Sign-On
- Click Create SSO Configuration and choose SAML.
- in Zendesk Admin Center:
| Field | Value |
|---|---|
| Configuration Name | e.g. Multi-Pass |
| SAML SSO URL | https://ca.auth.kzero.com/realms/<REALM_NAME>/protocol/saml |
| Certificate Fingerprint | From Multi-Pass certificate (see below how to find the certificate) |
- Other settings:
- Show button when users sign in
- Button Name: Multi-Pass
- Under Team Member Authentication:
- Enable external authentication
- Select the name of the SSO you just created
- Click Save
Step 2 - Prepare Multi-Pass (IdP)
- Select your tenant.
- On the left side click on "Integrations"
- Click on "Applications" and select the box SAML.
- Complete the form based on information provided by Zendesk.
| Field | Value |
|---|---|
| Client ID | https://kelvinzero.zendesk.com/ |
| Name | zendesk |
| Description | Test SSO |
Assertion Consumer Service URL | |
| NameID Policy Format | email |
- Scroll down and copy the Certificate Fingerprint that you need to paste in the field called "Certificate fingerprint" in Zendesk
- Finalize by clicking on "Add integration"
Verification and completion in the advanced console
- In order to reach the advanced console, from your dashboard, click on "advanced console" located in the left side.
- Click on client and search for the new entry that you just created
- Make sure the fields are correctly completed :
- Settings tab, general settings section :
| Field | Value |
|---|---|
| Client ID | https://<YOUR_SUBDOMAIN>.zendesk.com |
| Name | e.g. zendesk |
| Description | e.g. Test SSO |
| Always Display in UI | ON |
- Scroll down to the access settings section and complete the fields :
| Field | Value |
|---|---|
| Home URL | https://ca.auth.kzero.com/realms/<TENANT_NAME>/protocol/saml/clients/<APP_Name> |
| Valid Redirect URIs | https://<YOUR_SUBDOMAIN>.zendesk.com/access/saml/ |
| IDP-Initiated SSO URL Name | <APP_Name> (e.g. zendesk) |
- Move to the section SAML Capabilities :
| Setting | Value |
|---|---|
| Name ID Format | |
| Force POST Binding | ON |
| Include AuthnStatement | ON |
| Include AuthnStatement | ON |
- Go to the Signature and Encryption :
- Sign assertions has to be switched to ON
- Click Save and go to the keys tab :
- Both parameters have to be switched to OFF
- Finally move to the Advanced tab and complete :
| Field | Value |
|---|---|
| Assertion Consumer Service POST Binding URL | Same as Valid Redirect URI (https://<SUBDOMAIN>.zendesk.com/access/saml/) |
Related Articles
SAML SSO Integration Guide
This guide provides an overview of how to configure SAML Single Sign-On (SSO) between Multi-Pass and a third-party Service Provider (SP). Multi-Pass acts as the Identity Provider (IdP) in this federation model. Multi-Pass is working on SCIM support ...Notion - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a ...Vanta - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Vanta using MPAS. SSO simplifies user authentication by allowing access to multiple ...Dynatrace - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Dynatrace using MPAS. SSO simplifies user authentication by allowing access to multiple ...Addigy - SSO configuration
This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Addigy using MPAS. SSO simplifies user authentication by allowing access to multiple ...