× Welcome to the Centrify Community! Looking for Express & Smart Card Help? Click Here

[How To] - Integrate Zendesk with Centrify Identity Service

[How To] - Integrate Zendesk with Centrify Identity Service

By Centrify Contributor III 2 weeks ago - last edited a week ago

Thank you for choosing Centrify!

 

The following is an end-to-end guide for integrating Zendesk with the Centrify Identity Service platform. The integration helps to eliminate identity silos with administrators having to manage user's access across multiple systems and end users having to remember multiple usernames and passwords. The integration allows administrators to manage user's access from one common directory (i.e. Active Directory), including inheritance of your active directory group policies to secure access to Zendesk. End users enjoy the benefit of single sign-on to Zendesk, leveraging a credential they already know and use on a daily basis - their active directory credentials. 

 

Install time ~ 1-3 hours

 

Requirements

1) Zendesk account

2) Centrify Identity Service account

3) Active Directory

4) Windows server for Centrify Connector (requirements below)

 

Let's get started

 

1) Log into your Centrify Identity Service tenant. 

 

5 - login page.png

 

2) Once logged on, you will be presented with Centrify’s configuration wizard. You can choose to use the wizard for general setup, however, for purposes of this guide, you can check the ‘Don’t show this to me again’ box and close the window. This will stop the wizard from appearing during the configuration process.

 

6 - wizard.png

 

3) Install the Centrify Connector following this guide: 

http://community.centrify.com/t5/TechBlog/How-To-Installing-Centrify-Cloud-Connector/ba-p/27840 

 

4) Next, we must create roles in Centrify to contain the users of the Zendesk application. Zendesk has 3 roles (Admin, Agent and End-User) that can be leveraged. A minimum of one Centrify role must be created and mapped to a Zendesk role (See Step 32 below). For the purposes of this guide, we will create an administrators role for all the Zendesk administrators. Additional roles can be created in Centrify similarly to the administrator role done in this guide. To create a role, navigate to 'Roles' -> 'Add Role'. Name the role 'Zendesk Administrators'. 

 

Screenshot 2017-04-16 14.01.46.png

 

5) Next, navigate to the 'Members' tab and select the users that you want to grant 'Administrator' access in Zendesk. This can be individual users in active directory or a security group that contains multiple users. Search for the users or security groups and click 'Add'

 

Screenshot 2017-04-16 14.02.17.png

 

6) Next, navigate to 'Apps' menu from the navigation bar, then 'Add Web Apps'. Search for the Zendesk application and choose the 'Zendesk SAML + Provisioning' template. Click 'Add' to continue. 

 

Screenshot 2017-04-16 14.03.17.png

 

7) Click 'Yes' to continue. 

 

Screenshot 2017-04-16 14.03.24.png

 

8) Next, open a new browser tab login to Zendesk with your administrator account. Under 'Security', enable the 'Single Sign-on (SSO)' configuration, then enable 'SAML' as the protocol. 

 

Screenshot 2017-04-16 14.05.46.png

 

9) With both the Centrify 'Application Settings' page and the Zendesk 'Single sign-on (SSO)' tabs open, exchange the following configurations as illustrated below. The 'Zendesk Account Name' is your Zendesk account name which can be taken from your login URL (i.e. The 'https://centrifydemo236.zendesk.com' Zendesk tenant URL will have the account name 'centrifydemo236'). Click 'Save' in both Centrify and Zendesk once complete.  

 

Screenshot 2017-04-16 14.07.24.png

 

10) Next, navigate to the 'User Access' tab in Centrify. Select the Centrify roles you created for Zendesk in Step 24. 

 

Screenshot 2017-04-16 14.08.39.png

 

11) Next, navigate to the 'Provisioning' tab. Click 'Enable provisioning for this application' and provide an administrator (1) Username, (2) Password and (3) Redirect URL in the form fields. Click 'Verify' to complete this step. 

 

** Provisioning allows administrators to manage Zendesk users from active directory. For example, in step 15, we added the 'Domain Admins' security group as a member to the 'Zendesk Administrators' Centrify role. Adding a new hire to the 'Domain Admins' group will prompt Centrify to auto provision a Zendesk account with administrator level access. 

 

Screenshot 2017-04-16 14.11.30.png

 

12) Once verified, scroll down to the 'Role Mappings' section and click 'Add'. As the first option, choose the 'Zendesk Administrator' role created in Step 24 and map to the 'Destination Role' 'Admin' in the Zendesk application. Click 'Done' to complete. 

 

Screenshot 2017-04-16 14.11.51.png

 

13) If you have created other roles for Zendesk, repeat the step as shown for the 'Zendesk End Users' role. 

 

Screenshot 2017-04-16 14.12.06.png

 

14) Once you've mapped all roles you've created for your Zendesk users, click 'Save' to complete the provisioning configurations. 

 

Screenshot 2017-04-16 14.12.20.png

 

15) To complete the integration, navigate to 'Settings' -> 'Users' -> 'Outbound Provisioning'. Under the 'Provisioning Enabled Applications', choose the 'Zendesk' application then click on the 'Start Sync' button. 

 

Screenshot 2017-04-16 14.37.44.png

 

16) Click the 'bypass caching and re-sync all objects' then 'Yes' to initialize the first integration and sync between Centrify and Zendesk. This step may take a few minutes depending on the number of users Centrify is provisioning into Zendesk. 

 

Screenshot 2017-04-16 14.12.50.png

 

17) Once complete, navigate to your 'User Portal' and verify that you can log into the Zendesk application by clicking on the application tile. 

 

Screenshot 2017-04-16 14.14.11.png

 

We hope this guide was helpful. If you have any questions, please use this forum thread as a resource or contact Centrify - https://www.centrify.com/about-us/contact/

 

Thank you!

Showing results for 
Search instead for 
Do you mean 
Labels

Community Control Panel