Welcome to Portal

?Unknown\pull-down

Welcome to Zoho Cares

Bienvenido a Soporte de Zoho

Search our knowledge base, ask the community or submit a request.

Enabling Federated Login for Help Center

The federated login allows your end users to access the Help Center using a single authentication ticket/token from identity providers (IdP) such as Google, Facebook, LinkedIn, or Zoho. You can enable it to simplify the experience for users who do not wish to create and maintain distinct accounts for tracking their support tickets.

You can set up federation with the following identity providers:
  1. Zoho
  2. Google
  3. LinkedIn
  4. Facebook
  5. Microsoft Azure

Important:
  1. Setting up federation requires you to provide the Client ID and Client Secret of the respective identity providers in Zoho Desk.
  2. New signup moderation will not be available for federated users.
  3. Federated users can access your help center without needing to receive an invite.

Federation with Zoho
By setting up federation with Zoho, you can allow end users to sign in to your Help Center with their own Zoho accounts without having to create a separate account.

To set up federation with Zoho:
  1. Click the Setup > Channels > Help Center. 
  2. Click Federated Login from the left panel.
  3. On the Federated Login page, select Zoho.
    You will land on the Add Provider page.
  4. Check the box to agree to the Terms and click Enable.
    The option to sign in using Zoho will now be available on your help center login page.



Note:
  1. Enabling federation with Zoho creates an OAuth client. You can view this client by accessing the Zoho Developer Console URL displayed on the Federated Login page.

Federation with other IdPs
By setting up federation with third-party identity providers, you can allow end users to sign in to your Help Center with those credentials without having to create a separate account.

To set up federation with third-party IdPs:
  1. Click the Setup > Channels > Help Center. 
  2. Click Federated Login from the left panel.
  3. On the Federated Login page, do the following:
    1. Select the third-party IdP for the Federation SSO operation.
      You can choose to add LinkedIn, Google, or Facebook.
    2. Paste the Client ID copied from the identity provider.
    3. Paste the Client Secret copied from the identity provider.
  4. Check the box to agree to the Terms and click Enable.
    The conditions are only displayed when the customer self sign-up permission is enabled for your help center.
    The option to sign in using the provider will now be available on your help center login page.

Getting Client ID and Secret
When you set up federation with third-party IdPs, you must get their client ID and secret to be provided in Zoho Desk. The steps to create or generate these will vary by provider. Let's look at the steps involved for each of the providers supported in your Zoho Desk.

 Google 
  1. Sign in to the Google API Console with your Google account.
  2. On the Dashboard (APIs & Services), click Create Project and then click Create.



  3. On the New Project page, enter a Project name and select a Location.
  4. Click Create.
    Now look for the Getting Started card. It will likely be at the bottom left.



  5. Click Explore and enable APIs.



  6. Under APIs & Services, click OAuth consent screen.
  7. For the User Type, select Internal or External as per your preference and then Create.



  8. On the OAuth consent screen page, do the following:
    1. For Application name, enter a name of your choice.
    2. For Application logo, upload your preferred logo.
    3. For Authorized domains, enter its corresponding value from the Federated Login page in Zoho Desk.
  9. Click Save.
  10. Now, click the Credentials tab on the left pane.
  11. In the Create credentials menu, choose OAuth client ID.



  12. On the Create OAuth client ID page, do the following:
    1. Under Application type, choose Web application.
    2. For Name, enter a name of your choice.
    3. Under Authorized redirect URls, enter the value of Redirect URl from the Federated Login page in Zoho Desk.
  13. Click Create.
  14. Copy the client ID and client secret, which you'll use when you add the identity provider in Zoho Desk.
    Make sure that you don't include any trailing spaces in the client ID and secret.



 LinkedIn 
  1. Log into LinkedIn using your credentials for the LinkedIn developer portal.



  2. Go to MyApps section.
  3. Click on Create App.



  4. Enter all the necessary details related to your app and then click Create app.
    You will land on the app's
    Settings tab.



  5. Click the Auth tab from the top of the page.
  6. You will find the Client ID and Client Secret under Application credentials.
    Save these values to be provided in Zoho Desk.



  7. Under OAuth settings, click +Add redirect URL and enter the Redirect URl copied from the Federated Login page in Zoho Desk.
  8. Navigate to the Products tab and click Request access for Sign In with LinkedIn using OpenID Connect.




 Facebook 
  1. Go to the Facebook for Developers page and login with your Facebook account.



  2. At the right corner of the top navigation bar, click the My Apps link and then click Create App.



  3. Enter the Display Name and Contact Email.
  4. Click Create App ID.
    The new App will be created and redirected to the Facebook App Dashboard.
  5. At the left navigation menu panel, click the Products(+) link and navigate to the Add a Product page.
  6. Select Facebook Login product and click Set Up.
  7. At the left navigation menu panel, click Settings under Products.



  8. Go to the Client OAuth Settings section.
  9. In the Valid OAuth Redirect URIs field, enter the Redirect URl copied from the Federated Login page in Zoho Desk.
  10. Click Save Changes.



  11. Now navigate to the Settings » Basic page, copy the App ID and App Secret.
    This is the client ID and secret that you'll use when you add the identity provider in Zoho Desk.



 Microsoft Azure
  1. Sign in to your Azure portal.



  2. Search for and click Azure Active Directory.
  3. Under Manage, click App registrations > New registration.



  4. On the Register an application page, do the following:



    1. Enter a display Name for your application.
    2. Specify who can use the application, sometimes called its sign-in audience.
    3. In the Redirect URl section, enter the Redirect URI value from the Meta Data section of Microsoft's page in Zoho Desk.
    4. Click Register to complete the initial app registration.
  5. After registration, the Azure portal displays the app registration's Overview pane.



  6. You see the Application (client) ID. Also called the client ID, this value should be used when you add the identity provider in Zoho Desk.
  7. The next step is to create the Client Secret. Follow the steps below to create one:



    1. Under Manage, click Certificates & secrets > New client secret.
    2. Add a description for your client secret and select a duration for its expiry.
    3. Click Add.
    4. Copy the client secret (Value field), which you'll use when you add the identity provider in Zoho Desk.
      Note: The client secret is never displayed again after you leave this page.

Disabling Federation for IdPs
If you later want to temporarily or permanently prevent access by users of federated domains, you can disable them for your help desk. Follow the steps in this section to disable federated user access for an identity provider:
  1. Click the Setup > Channels > Help Center. 
  2. Click Federated Login from the left panel.
  3. On the Federated Login page, do the following:
    1. Hover your mouse pointer on the provider and click Disable.
    2. Click Disable to confirm your action.

Helpful?97
Updated: 2 months ago
Share :
2 comments

Is it possible to have the same federated login for multiple clients? As in, if I have 3 clients using Google Workspace, is it possible to allow all three to authenticate with Google?

Is it possible to be our own IdP instead of one of the listed third-party IdPs?

Our goal is to federate specific user types (e.g. Team Owner, Team Admin) so they become registered users, then provide access to Team Admin articles in the Help Center only for those logged in users.

Stats
1 follower
Follow

Subscribe to receive notifications from this article.