oauth-2.0authorizationsingle-sign-onfreshdesk

Freshdesk OAuth SSO: Freshdesk Login Page Doesn't Ping My Auth Page?

I'm trying to connect to Freshdesk using OAuth 2.0, for single sign-on from my app. My app is serving as it's own OAuth identity provider. I've set up my Authorization url on Freshdesk -- let's call it https://www.myWebApp.com/auth:

auth url set on freshdesk

So now for testing purposes I go to the URL that Freshdesk support provided for a user to initiate the single sign-on process:

https://myWebApp.freshdesk.com/login/normal

...and I see a nice sso-style login screen:

login dialog

I enter a correct email and password for one of my site users and click "Login".

Now in the Chrome network tab, I would expect to see Freshdesk trying to ping my Authorization URL. But I don't. I see this:

network tab

When loaded, my auth page (https://myWebApp.com/auth) pings my server, which issues a console.log() message, and my server logs show no such console log message -- so Freshdesk doesn't seem to be pinging my auth page at all.

What is keeping Freshdesk from pinging my auth page as it should?

Solution

  • There is probably a fair bit here that you have in place already but I am just adding it in for completeness.

    Logged into the backend and on the security page for contacts

     https://stackoverflow.myfreshworks.com/security/contacts 
 [stackoverflow == your site :) ]

    you will have to create a Custom Policy if you don't have one in place already (this is different to the one for Agents)

    custom policy for contacts

    And for that configure your SSO with Oauth 2.0

    SSO with Oauth 2.0

    Then , if you have at least one SSO configured your login (at https://stackoverflow.freshdesk.com/support/login ) should look like this:

    freshdesk login

    Where (1) now appears. That will be the link to ping your server via the urls you set up for the SSO:

    If you only have one SSO set up for your contacts that link (1) should complete the sign-in process directly and then you should end up logged into Freshdesk as the specific contact.

    If you had two SSO options set up; for example:

    multiple SSO options

    ..when you clicked the link (1) on the https://stackoverflow.freshdesk.com/support/login page, you should then be redirected to a page with those two options:

    SSO option page

    The url for that page is something like (parameters will be different for you):

    https://stackoverflow.myfreshworks.com/login
?redirect_uri=https://stackoverflow.freshdesk.com/freshid/customer_authorize_callback
&client_id=14416083630394368&slug=6117145232763

    I am imagining you could use that as a direct link to the portal on your main site.

    If you only have one SSO option set up you should be able to navigate directly to the link as above and then see :

    enter image description here

    which is probably what you are aiming for.

    I changed the name of that button (Sign in with contacts SSO) just to be sure I was using the right one and to differentiate from the login for agents. You can change the text under the Advanced Options when configuring the SSO:

    Advanced options

    Hope this helps you along the way - if you have any other questions on this post them as comments.