Enabling Federated Login for Help Center

Enabling Federated Login for Help Center

The federated login allows your end users to access the Help Center using a single authentication ticket/token from identity providers (IdP) such as Google, Facebook, LinkedIn, or Zoho. You can enable it to simplify the experience for users who do not wish to create and maintain distinct accounts for tracking their support tickets.

You can set up federation with the following identity providers:
  1. Zoho
  2. Google
  3. LinkedIn
  4. Facebook
  5. Microsoft Azure

Important:
  1. Setting up federation requires you to provide the Client ID and Client Secret of the respective identity providers in Zoho Desk.
  2. New signup moderation will not be available for federated users.
  3. Federated users can access your help center without needing to receive an invite.

Federation with Zoho
By setting up federation with Zoho, you can allow end users to sign in to your Help Center with their own Zoho accounts without having to create a separate account.

To set up federation with Zoho:
  1. Click the Setup icon (  ) in the top bar.
  2. Under Channels, click Help Center.
  3. Click Federated Login from the left panel.
  4. On the Federated Login page, select Zoho.
    You will land on the Add Provider page.
  5. Check the box to agree to the Terms and click Enable.
    The option to sign in using Zoho will now be available on your help center login page.

Note:
  1. Enabling federation with Zoho creates an OAuth client. You can view this client by accessing the Zoho Developer Console URL displayed on the Federated Login page.

Federation with other IdPs
By setting up federation with third-party identity providers, you can allow end users to sign in to your Help Center with those credentials without having to create a separate account.

To set up federation with third-party IdPs:
  1. Click the Setup icon (  ) in the top bar.
  2. Under Channels, click Help Center.
  3. Click Federated Login from the left panel.
  4. On the Federated Login page, do the following:
    1. Select the third-party IdP for the Federation SSO operation.
      You can choose to add LinkedIn, Google, or Facebook.
    2. Paste the Client ID copied from the identity provider.
    3. Paste the Client Secret copied from the identity provider.
  5. Check the box to agree to the Terms and click Enable.
    The conditions are only displayed when the customer self sign-up permission is enabled for your help center.
    The option to sign in using the provider will now be available on your help center login page.

Getting Client ID and Secret
When you set up federation with third-party IdPs, you must get their client ID and secret to be provided in Zoho Desk. The steps to create or generate these will vary by provider. Let's look at the steps involved for each of the providers supported in your Zoho Desk.

 Google 
  1. Sign in to the Google API Console with your Google account.
  2. On the Dashboard (APIs & Services), click Create Project and then click Create.



  3. On the New Project page, enter a Project name and select a Location.
  4. Click Create.
    Now look for the Getting Started card. It will likely be at the bottom left.



  5. Click Explore and enable APIs.



  6. Under APIs & Services, click OAuth consent screen.
  7. For the User Type, select Internal or External as per your preference and then Create.



  8. On the OAuth consent screen page, do the following:
    1. For Application name, enter a name of your choice.
    2. For Application logo, upload your preferred logo.
    3. For Authorized domains, enter its corresponding value from the Federated Login page in Zoho Desk.
  9. Click Save.
  10. Now, click the Credentials tab on the left pane.
  11. In the Create credentials menu, choose OAuth client ID.



  12. On the Create OAuth client ID page, do the following:
    1. Under Application type, choose Web application.
    2. For Name, enter a name of your choice.
    3. Under Authorized redirect URls, enter the value of Redirect URl from the Federated Login page in Zoho Desk.
  13. Click Create.
  14. Copy the client ID and client secret, which you'll use when you add the identity provider in Zoho Desk.
    Make sure that you don't include any trailing spaces in the client ID and secret.

 LinkedIn 
  1. Log into LinkedIn using your credentials for the LinkedIn developer portal.



  2. Go to MyApps section.
  3. Click on Create App.



  4. Enter all the necessary details related to your app and then click Create app.
    You will land on the app's 
    Settings tab.



  5. Click the Auth tab from the top of the page.
  6. You will find the Client ID and Client Secret under Application credentials.
    Save these values to be provided in Zoho Desk.



  7. Under OAuth settings, click +Add redirect URL and enter the Redirect URl copied from the Federated Login page in Zoho Desk.
  8. You're now good to go.

 Facebook 
  1. Go to the Facebook for Developers page and login with your Facebook account.



  2. At the right corner of the top navigation bar, click the My Apps link and then click Create App.



  3. Enter the Display Name and Contact Email.
  4. Click Create App ID.
    The new App will be created and redirected to the Facebook App Dashboard.
  5. At the left navigation menu panel, click the Products(+) link and navigate to the Add a Product page.
  6. Select Facebook Login product and click Set Up.
  7. At the left navigation menu panel, click Settings under Products.



  8. Go to the Client OAuth Settings section.
  9. In the Valid OAuth Redirect URIs field, enter the Redirect URl copied from the Federated Login page in Zoho Desk.
  10. Click Save Changes.



  11. Now navigate to the Settings ยป Basic page, copy the App ID and App Secret.
    This is the client ID and secret that you'll use when you add the identity provider in Zoho Desk.

 Microsoft Azure
  1. Sign in to your Azure portal.



  2. Search for and click Azure Active Directory.
  3. Under Manage, click App registrations > New registration.



  4. On the Register an application page, do the following:



    1. Enter a display Name for your application.
    2. Specify who can use the application, sometimes called its sign-in audience.
    3. In the Redirect URl section, enter the Redirect URI value from the Meta Data section of Microsoft's page in Zoho Desk.
    4. Click Register to complete the initial app registration.
  5. After registration, the Azure portal displays the app registration's Overview pane.



  6. You see the Application (client) ID. Also called the client ID, this value should be used when you add the identity provider in Zoho Desk.
  7. The next step is to create the Client Secret. Follow the steps below to create one:



    1. Under Manage, click Certificates & secrets > New client secret.
    2. Add a description for your client secret and select a duration for its expiry.
    3. Click Add.
    4. Copy the client secret, which you'll use when you add the identity provider in Zoho Desk.
      Note: The client secret is never displayed again after you leave this page.

Disabling Federation for IdPs
If you later want to temporarily or permanently prevent access by users of federated domains, you can disable them for your help desk. Follow the steps in this section to disable federated user access for an identity provider:
  1. Click the Setup icon (  ) in the top bar.
  2. Under Channels, click Help Center.
  3. Click Federated Login from the left panel.
  4. On the Federated Login page, do the following:
    1. Hover your mouse pointer on the provider and click Disable.
    2. Click Disable to confirm your action.
    • Related Articles

    • Enabling Google Analytics for your Help Center

      Google Analytics is a free tool for analyzing the traffic of websites. It provides valuable insights on visitor trends and behavior. By knowing how your customers react and respond to your web pages, you can identify what works best, and what needs ...
    • Managing Help Center Permissions

      When you set up the Help Center, you must determine who should have access to it. You may allow anyone to access the Help Center or only those who have registered for it. Providing an open Help Center is less of an effort for your legitimate ...
    • Setting up SAML Single Sign-on for Help Center

      Security Assertion Markup Language (SAML) is a mechanism used for exchanging authentication and authorization data between applications, in particular, an identity provider (IdP) such as OneLogin, Okta, PingIdentity and a service provider (such as ...
    • Google Analytics Dashboard for Help Center

      Google Analytics provides tools for everything from search analytics to visitor tracking that can be used to improve your self-service option in Zoho Desk. You can use the statistics to learn, for example, how long your customers look at the KBase ...
    • Creating a sitemap for the Help Center

      A site map (or sitemap) is a list of pages of a web site accessible to crawlers like Googlebot. They allow search engines to find all of your webpages, that they might otherwise miss when indexing. For a more detailed account of the site map, ...