Freshdesk

Before You Begin

Introduction

This document describes how to configure Oracle Identity Cloud Service to provide Single Sign-On (SSO) for Freshdesk using SAML.

About Freshdesk

Freshdesk is a cloud-based customer support platform that enables companies of all sizes to provide effectual customer service. Freshdesk offers multichannel capability and integrated game mechanics to increase agent productivity, multiple SLA policies, smart automations, and self-service portals.

After integrating Freshdesk with Oracle Identity Cloud Service:

  • Users can access Freshdesk using their Oracle Identity Cloud Service login credentials.
  • Users can start Freshdesk using the Oracle Identity Cloud Service My Apps console.
  • Admins can assign and revoke user access to the Freshdesk app using the Oracle Identity Cloud Service administration console.

What Do You Need?

  • An Oracle Identity Cloud Service account with authorization rights to manage apps and users (Identity Domain Administrator or Application Administrator).
  • A Freshdesk account with authorization rights to configure federated authentication.

Configuring the Freshdesk App in Oracle Identity Cloud Service

Use this section to register and activate the Freshdesk app, and then assign users to the app.

Prerequisite Steps

A dedicated domain name is required before you can register and activate the Freshdesk app.

The Freshdesk domain name appears in the Freshdesk login URL: https://<Domain_Name>.freshdesk.com that you received in an email from Freshdesk.

Registering and Activating the Freshdesk App

  1. Access the Oracle Identity Cloud Service administration console, select Applications, and then click Add.

  2. Click App Catalog.

  3. Search for Freshdesk, and then click Add.

  4. In the App Details section, enter your Freshdesk Domain Name, and then click Next.

    Note: This is the domain name that you registered with Freshdesk while creating the account.

  5. Click Download Signing Certificate.

    Tip: Use this file later during the Freshdesk configuration in the "Configuring SSO for Freshdesk" section.

  6. Click Finish. Oracle Identity Cloud Service displays a confirmation message.

  7. Click Activate, and then click Activate Application. The Oracle Identity Cloud Service displays a confirmation message.

Assigning Users to the Freshdesk App

  1. On the Freshdesk app page in Oracle Identity Cloud Service, select Users, and then click Assign. The Assign Users window appears.

  2. Select users that you want to assign to Freshdesk, and then click OK. Oracle Identity Cloud Service displays a confirmation message stating that the Freshdesk app is assigned to the users that you selected.

Converting Oracle Identity Cloud Services Certificate to Fingerprint Format

  1. Go to https://www.samltool.com/fingerprint.php, and then paste the certificate that you downloaded earlier in the X.509 cert text box.

    Tip: This is the certificate that you downloaded during the Freshdesk registration in the "Registering and Activating the Freshdesk App"" section.

  2. Select SHA256 from the Algorithm drop-down list, and then click CALCULATE FINGERPRINT.

  3. Make note of the converted fingerprint in the Formatted Fingerprint text box.

NOTE: Use this fingerprint later during SSO configuration in the "Configuring SSO for Freshdesk" section.

Configuring SSO for Freshdesk

  1. Access Freshdesk as an administrator using the URL: https://<Domain_Name>.freshdesk.com. The Freshdesk home page appears.

  2. Click Admin in the header menu, locate the General Settings section, and then click Security.

  3. On the Security page, enable Single Sign On (SSO), and then select the SAML SSO option.

  4. Use the table to update the federated authentication attributes.

    This table lists the mandatory federated authentication attributes that you must set to complete the SSO configuration.
    Attribute Value
    SAML Login URL Enter the Sign-in URL/SSO Endpoint: https://<IDCS-Service-Instance>.identity.oraclecloud.com/fed/v1/idp/sso.
    Security Certificate Fingerprint Paste the converted fingerprint that you obtained while performing steps in the "Converting Oracle Identity Cloud Services Certificate to Fingerprint Format" section.
  5. Locate Admin Notifications section, enter the name of the administrator in the Send notifications to text box, and then click Save.

    Note: Freshdesk can be accessed by a user who is assigned to the Freshdesk app in Oracle Identity Cloud Service, even if the user does not have a Freshdesk account.

    Enabling SSO deactivates the ability to log in using the user name and password. Remain logged in to the Freshdesk session until you complete the next section to verify that Identity Provider initiated SSO from Oracle Identity Cloud Service works.

Verifying the Integration

Use this section to verify that SSO works when initiated from Oracle Identity Cloud Service (IdP Initiated SSO) and Freshdesk (SP Initiated SSO).

Verifying Identity Provider Initiated SSO from Oracle Identity Cloud Service

  1. Access the Oracle Identity Cloud Service My Profile console using the URL: https://<IDCS-Service-Instance>.identity.oraclecloud.com/ui/v1/myconsole.

  2. Log in using credentials for a user that is assigned to the Freshdesk app. Oracle Identity Cloud Service displays a shortcut to Freshdesk under My Apps.

  3. Click Freshdesk. The Freshdesk home page appears.

  4. In the upper-right corner, click the user icon, and then confirm that the user that is logged in is the same for both Freshdesk and Oracle Identity Cloud Service.

    This confirms that SSO that is initiated from Oracle Identity Cloud Service works.

Verifying Service Provider Initiated SSO from Freshdesk

  1. Access Freshdesk using the URL: https://<Domain_Name>.freshdesk.com, and then click Login in the upper-right corner of the login page. You are redirected to the Oracle Identity Cloud Service login page.

  2. Log in using credentials for a user that is assigned to the Freshdesk app. The Freshdesk home page appears.

  3. In the upper-right corner, click the user icon, and then confirm that the user that is logged in is the same for both Freshdesk and Oracle Identity Cloud Service.

    This confirms that SSO that is initiated from Freshdesk works.

Troubleshooting

Use this section to locate solutions to common integration issues.

Known Issues

Oracle Identity Cloud Service displays the message, "You are not authorized to access the app. Contact your system administrator."

Cause 1: The SAML 2.0 integration between the Oracle Identity Cloud Service Freshdesk app and Freshdesk is deactivated.

Solution 1:

  • Access the Oracle Identity Cloud Service administration console, select Applications, and then select Freshdesk.
  • In the App Details section, click Activate, and then click Activate Application. Oracle Identity Cloud Service displays a confirmation message.

Cause 2: The administrator revokes access for the user at the same time that the user tries to access the Freshdesk app using Oracle Identity Cloud Service.

Solution 2:

  • Access the Oracle Identity Cloud Service administration console, select Applications, and then select Freshdesk.
  • In the App Details section, select Users, and then click Assign to re-assign the user.

Unknown Issues

For unknown issues, contact Oracle Support:

  1. Go to https://support.oracle.com.

  2. Select Cloud Support, and then sign in with your support credentials.

  3. In the Cloud Dashboard, confirm that there are no planned outages in Oracle Identity Cloud Service, and then click Create Service Request.

  4. Select Oracle Identity Cloud Service as the service type.

  5. Complete your service request.