Thank you for choosing Centrify!
The following is an end-to-end guide for integrating Zendesk with the Centrify Identity Service platform. The integration helps to eliminate identity silos with administrators having to manage user's access across multiple systems and end users having to remember multiple usernames and passwords. The integration allows administrators to manage user's access from one common directory (i.e. Active Directory), including inheritance of your active directory group policies to secure access to Zendesk. End users enjoy the benefit of single sign-on to Zendesk, leveraging a credential they already know and use on a daily basis - their active directory credentials.
Install time ~ 1-3 hours
1) Zendesk account
2) Centrify Identity Service account
3) Active Directory
4) Windows server for Centrify Connector (requirements below)
Let's get started
1) Log into your Centrify Identity Service tenant.
2) Once logged on, you will be presented with Centrify’s configuration wizard. You can choose to use the wizard for general setup, however, for purposes of this guide, you can check the ‘Don’t show this to me again’ box and close the window. This will stop the wizard from appearing during the configuration process.
3) Install the Centrify Connector following this guide:
4) Next, we must create roles in Centrify to contain the users of the Zendesk application. Zendesk has 3 roles (Admin, Agent and End-User) that can be leveraged. A minimum of one Centrify role must be created and mapped to a Zendesk role (See Step 32 below). For the purposes of this guide, we will create an administrators role for all the Zendesk administrators. Additional roles can be created in Centrify similarly to the administrator role done in this guide. To create a role, navigate to 'Roles' -> 'Add Role'. Name the role 'Zendesk Administrators'.
5) Next, navigate to the 'Members' tab and select the users that you want to grant 'Administrator' access in Zendesk. This can be individual users in active directory or a security group that contains multiple users. Search for the users or security groups and click 'Add'.
6) Next, navigate to 'Apps' menu from the navigation bar, then 'Add Web Apps'. Search for the Zendesk application and choose the 'Zendesk SAML + Provisioning' template. Click 'Add' to continue.
7) Click 'Yes' to continue.
8) Next, open a new browser tab login to Zendesk with your administrator account. Under 'Security', enable the 'Single Sign-on (SSO)' configuration, then enable 'SAML' as the protocol.
9) With both the Centrify 'Application Settings' page and the Zendesk 'Single sign-on (SSO)' tabs open, exchange the following configurations as illustrated below. The 'Zendesk Account Name' is your Zendesk account name which can be taken from your login URL (i.e. The 'https://centrifydemo236.zendesk.com' Zendesk tenant URL will have the account name 'centrifydemo236'). Click 'Save' in both Centrify and Zendesk once complete.
10) Next, navigate to the 'User Access' tab in Centrify. Select the Centrify roles you created for Zendesk in Step 24.
11) Next, navigate to the 'Provisioning' tab. Click 'Enable provisioning for this application' and provide an administrator (1) Username, (2) Password and (3) Redirect URL in the form fields. Click 'Verify' to complete this step.
** Provisioning allows administrators to manage Zendesk users from active directory. For example, in step 15, we added the 'Domain Admins' security group as a member to the 'Zendesk Administrators' Centrify role. Adding a new hire to the 'Domain Admins' group will prompt Centrify to auto provision a Zendesk account with administrator level access.
12) Once verified, scroll down to the 'Role Mappings' section and click 'Add'. As the first option, choose the 'Zendesk Administrator' role created in Step 24 and map to the 'Destination Role' 'Admin' in the Zendesk application. Click 'Done' to complete.
13) If you have created other roles for Zendesk, repeat the step as shown for the 'Zendesk End Users' role.
14) Once you've mapped all roles you've created for your Zendesk users, click 'Save' to complete the provisioning configurations.
15) To complete the integration, navigate to 'Settings' -> 'Users' -> 'Outbound Provisioning'. Under the 'Provisioning Enabled Applications', choose the 'Zendesk' application then click on the 'Start Sync' button.
16) Click the 'bypass caching and re-sync all objects' then 'Yes' to initialize the first integration and sync between Centrify and Zendesk. This step may take a few minutes depending on the number of users Centrify is provisioning into Zendesk.
17) Once complete, navigate to your 'User Portal' and verify that you can log into the Zendesk application by clicking on the application tile.
We hope this guide was helpful. If you have any questions, please use this forum thread as a resource or contact Centrify - https://www.centrify.com/about-us/contact/
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.