This video shows how to provide single sign-on to your users allowing them to log into your OneDesk customer apps using their existing credentials. This video demonstrates creating this SSO integration using OpenID Connect and Microsoft Azure Active Directory.

This video shows you how to enable single sign on for your OneDesk account for your users. Once you’ve been able to this, your users will be able to sign on to their OneDesk account using their identity provider credentials such as Active Directory.

To do this, go to administration, select integrations and select the single sign-on tab. Here you can see we have ‘single sign on for users’ and ‘single sign on for customers’. In this case, I’m going to be demonstrating single sign on for users, but we have another video for single sign on for your customers.

Click ‘enable SSO for users’ and I’m going to choose ‘open ID connect’ and click ‘expand’ that and ‘add an open ID client record’. I need to fill out these properties here and once I finished that I’ll be provided with some login URLs.

For the purposes of this video, I’m going to demonstrate using Azure Active Directory, but any identity provider that supports open ID connect will work.

I’m going to open up my Azure. I’m going to go to Azure Active Directory and go to ‘app registrations’ and I’m going to click ‘create a new registration’. I’ll call this OneDesk. I’ll choose who can access. I’m going to choose my redirect URL and need to make sure it’s a web redirect and I’ll enter the link here. In this case link will be and then I’ll click ‘register’.

Next I need to create a secret, so I’ll click on ‘certificates and secrets’ and I’ll click ‘new client secret’. Call this one OneDesk secret. It could expire in two years, and click add. Now I just need to copy across the value of that secret and back in my OneDesk account, I’ll add the client secret right here.

Now to gather the other information I’m looking for. Back in Azure, I’m going to go back to my registered application, click on it, and I’m going to copy across the application or client ID. That I’ll place right here in the client ID field. And now I’m missing the authorization URI and the token URL. Back in active directory, I will click on the endpoints and you need to make sure that you choose oAuth 2.0 authorization endpoint V1 for both login and authorization. I’ll grab the authorization one first and paste it here, and I will go grab the token one second and put it here. As soon as I’ve completed that, OneDesk will automatically generate the URLs you need to login. Your users can log into the widget using this URL, to the knowledge base using this URL, to the portal using this URL, and to the main application, using this URL.

I’m going to show you how it works with the main application. I will copy that link. I’m going to open a new incognito window and I’m going to put that link my browser and you’ll see it brings me to the Microsoft sign on page. I’m going to enter my credentials to sign on, enter my password. I can now consent for my entire organization. So I’ll do that. Click accept, and now you can see that I’m automatically logged on to the OneDesk application.

A thing to note here is if your user account already exists with the same email address it will log you in with that user, and if not, it will create a new user for you. Another thing to make note of is that you can only have one user or customer with the same email address. So if you have already signed in and have a customer record with an email address, you’ll need to remove that customer to add a user with the same email address.

That’s how you can enable single sign on for your users to log into their one desk account using their identity provider credentials such as Microsoft active directory. Thanks.