The process of confirming the identity of an individual or a system attempting to access a particular service is commonly referred to as user authentication. One of the crucial aspects of security is ensuring that only authorized individuals can access certain information or carry out specific actions. This helps to prevent unauthorized access and ensures that the data remains protected throughout the exchange process.

A help center is an online resource that provides information and support for customers or users of a product or service. It can include frequently asked questions (FAQs), tutorials, troubleshooting guides, and other resources to help customers find the information they need and solve problems independently. A well-designed help center can improve customer satisfaction and reduce the workload for customer support teams by enabling customers to self-serve and find answers to their questions quickly and effortlessly.

We have enhanced the existing mechanism to provide a better, safer, and simpler authentication process. The improved mechanism (JWT authentication and the existing SAML authentication mechanism) verifies the authenticity of your end users and permits them to use the help center.

In Zoho Desk, customers are classified as guests and authenticated users based on whether they want to log in to the help center.

Users who don't log in to the help center are called guests. They can read the knowledge base articles, submit a ticket, and view posts in the community. However, they cannot perform actions such as following a topic, adding an issue, tracking a submitted ticket status, or commenting on existing posts.

Users who log in to the help center are called authenticated users. The authentication process for these users involves self-signup (creating an account in the Zoho Desk Help Center) and a SAML or JWT authentication mechanism.

Once the users are authenticated, they can access the knowledge base tab, view help articles, submit and view submitted tickets, and view other users' tickets in their accounts. Users can also post in the community, including following topics, adding a topic, and commenting on existing posts.

JWT (JSON Web Token) is a secure and efficient way of exchanging claims between two parties. It is a compact and URL-safe method of representing data that needs to be transferred. JWT is usually used for authentication and authorization purposes. The token is digitally signed, which ensures its authenticity and integrity. JWTs are widely used in modern web applications and APIs to transmit information securely between the client and server. In the Desk Help Center context, this means a more robust and reliable end-user authentication process. Admins can now configure the JWT-based authentication mechanism in Zoho Desk, adding an extra layer of security and control over user access to the help center.

SAML single sign-on authentication involves a service provider, Zoho Desk, and an identity provider. When you enable SAML, your company's identity provider (IdP) handles end-user management and authentication. An end user who requests access to Zoho Desk's Help Center will be redirected to your identity provider for authentication. The identity provider authenticates the end user and generates an authentication assertion, indicating that a user has been authenticated. Upon receiving the assertion, the end user is redirected back to your Help Center and signed in seamlessly. As a single point of authentication with your trusted identity provider, SAML ensures that your end-user credentials are secure within your company's firewall boundary.

Watch this space for upcoming Help Center updates!

Regards,

Kavya Rao
The Zoho Desk Team