Integrating Trusona and Zendesk

This guide details the steps required to configure Trusona as a passwordless authentication solution for Zendesk.

1. Getting started

Gather your Zendesk assertion consumer service URL. It takes the following form: https://<your subdomain>.zendesk.com/access/saml

2. Set up integration

2.1. Log into Trusona

Log into your Trusona account at trusona.dashboard.com

Log into the Trusona dashboard
Log into the Trusona dashboard

2.2. Navigate to the generic integration option(s)

Locate the navigation bar on the left side of the main page, and click on the Generic SAML tab

Navigate to the correct tab
Navigate to the correct tab

2.3. Creating a new generic integration

Click on the Create button to begin

Navigate to the correct tab
Navigate to the correct tab

3. Customize & Upload Data

Be sure to fill in all the necessary information requested, and upload any files/documents needed. Failure to do so may prevent Trusona from creating the integration successfully

Fill out all the necessary information carefully
Fill out all the necessary information carefully

4. Additional actions for integrations

Once you have created your integration, you will be redirected back to the integration dashboard. From there, you should be able to see your new integration listed.

To the right of it, click on the Actions button. You will be presented with a number of different options you can select, depending on your requirements.

Click on the Actions button for further configuration details
Click on the Actions button for further configuration details

5. Identity provider setup

  1. Navigate to the Zendesk Admin Center
  2. Click “Security Settings” in the Security section
  3. Click the “Single sign-on” navigation item
  4. Click “Configure” in the SAML section
  5. Ensure that the “Enabled” checkbox is checked
  6. Enter the SAML SSO URL from Trusona
  7. Enter the Certificate Fingerprint from Trusona
  8. Click the “Save” button

6. Adding SAML SSO Users in ZenDesk

  1. Navigate to the Zendesk Admin Center
  2. Choose Staff Members (for your employees) or End users (for your support users)
  3. Enabled the “External authentication” checkbox
  4. Select SAML as the Single Sign-on(SSO) option

6.1. SSO for staff members

When using SSO for “Staff members” Zendesk authentication is still available as an option. When you disable Zendesk authentication for staff members, all Zendesk passwords are deleted from the staff members’ accounts in 24 hours by Zendesk.

If you have disabled Zendesk authentication for staff members, you can specify who is allowed to use the SSO bypass URL (Account owner or Account owner and all Admins.) Your backup URL takes the form of https://<your subdomain>.zendesk.com/access/normal.

6.2. SSO for end users

When using SSO for “End users”, all other authentication options are disabled.

7. Testing the configuration

  1. Open a private browsing window
  2. Navigate to https://www.zendesk.com/
  3. Click “Log in”
  4. Enter your subdomain
  5. Click “Sign in”

Complete the authentication in the Trusona App to access your Zendesk instance.

7.1. Vanity URL setup

Add a new CNAME DNS record for your domain.

  1. Set the “host” value to the URL you’d like users to see when logging in
  2. Set the “Answer” value to ssl.trusona.net
  3. Set the TTL to 300

Here’s an example of a CNAME answer when retrieved by dig tada.trusona.com.

tada.trusona.com. 3600 IN CNAME ssl.trusona.net.

Integrations

Desktop
IAM and SSO
PAM
Productivity
RADIUS
Remote access
VPN

Guides

Get started guides
Implementation guides
Users guides

SDKs

Mobile SDKs
Server SDKs
Web SDKs

APIs

Authentication Service
ID Proofing Service
Mobile Auth for Browsers Service

TOTP

Business
E-commerce
Finance
Productivity
Social
Gaming
Other