- Log in to Zendesk.
- In the SAML Configuration Data section, configure the following settings:
- Your sub-domain on the Zendesk site – used for the user login URL when users authenticate with M-Pin SSO through the Zendesk site. (For example, if your sub-domain is 'mpin', the user login URL would be https://mpin.zendesk.com.
- Identity Provider URL – the Single Sign-On Service Location URL (found under Global Settings > SAML Metadata in the M-Pin SSO web console)
- Certificate fingerprint – a fingerprint of the M-Pin SSO X.509 certificate (found under Global Settings > SSO information in the M-Pin SSO web console). One way to obtain a fingerprint is to download the certificate to a directory of your choice, then run the following command in that directory:
openssl x509 -in cert.pem -sha1 -noout -fingerprint
In the M-Pin SSO web console:
- Under Integration, click on the + button next to Zendesk profiles.
The Add Zendesk profile page is displayed.
- Complete the required fields and save the profile:
- Name: (required) – profile name, e.g. 'Sample Samange Profile'
- LDAP Profile: – if you have LDAP profiles configured, they will be available in this drop-down
- Recipient URL: – IAM end point for the client app (if any)
- Subdomain: (required) – your chosen sub-domain name to be used on the Samange domain for accessing the Samange service by your users. For example, if your subdomain is mpin, then users will access Samanage through https://mpin.samanage.com.
After saving, the profile is displayed on the Zendesk profiles page.
From this point on, when your users visit the Zendesk service and enter an email address belonging to the profile just set up, Zendesk will detect that single sign-on is enabled and a password will no longer be necessary.