Skip to main content
Skip table of contents

Zendesk SAML Integration

This document explains how to implement MonoSign with Zendesk. It covers Single Sign-On. Before you continue, it is better to start with Zendesk’s Single Sign-On implementation page.

View Zendesk SSO Metadata

In order to configure the SAML key on MonoSign for Zendesk SSO, you need to have various information provided by Zendesk. First, navigate to Account > Single sign-on and click Configure next to the SAML section on the Admin Center.

You will see Service Provider Details as follows.

For now, stop here on the Zendesk side and create a MonoSign application and related SAML key by using the information provided by Zendesk.

Creating an Application and Access Key on MonoSign

Create the application on MonoSign and configure the access policy. Once it is created, click Keys and Add New Key to create a SAML access key.

In the opened modal, choose SAML as Key Type and switch to SAML2 Settings. Fill in the necessary fields according to the information provided by Zendesk. Correspondings of the fields are as below.



Assertion Consumer Url

Assertion Consumer Url from Service provider details

Click Save and you are gonna see your configuration for your access key as follows.

Configuration Single Sign-On for Zendesk

We are gonna move on to where we left off on the Zendesk Single Sign-On page which is mentioned in the first chapter. Fill in the SAML configuration form according to the access key created on MonoSign. Correspondings of the fields are as below.




Sign On Service from the SAML access key

Certificate fingerprint

SHA256 Fingerprint of the certificate issued to SAML access key - the certificate can be downloadable from the key detail

Remote logout URL

Logout Service from the SAML access key

You need to view your certificate fingerprint. in that case, we prefer using OpenSSL - “a robust, commercial-grade, full-featured toolkit for general-purpose cryptography and secure communication.”

Use the command below to view the certificate.

openssl x509 -in {path of your certificate} -noout -fingerprint -sha256

The SAML configuration should be as follows.

Next, assign the SSO option to end users, team members, or both. Navigate to the Account > Security > Team member authentication or Account > Security > End user authentication. Select External authentication to show the authentication options. Choose SAML as the Single sign-on (SSO) option in the External authentication section.

For team members, single sign-on might not cover all use cases, so you have a choice to keep both authentication methods. For example, a Zendesk password is required to access your Support account from many Zendesk integrations, or to use the Zendesk API or Apps framework.

If you disabled Zendesk passwords, click Account > Advanced > Authentication and select an SSO bypass option. You can choose whether only the Account owner or all Admins (including the account owner) can be granted access to the account in case the sign-in provider goes down.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.