Single Sign-On
Single Sign-On allows account admins to allow users to access the Middesk dashboard without needing to enter a separate password, instead relying on a secure, centralized identity provider.
We support Single Sign On using standard authentication protocols like SAML 2.0, OAuth 2.0, and OpenID Connect. This includes multiple common external identity providers such as Microsoft Active Directory Federation Services, Okta, Ping Identity, OneLogin, Google, and others.
Single Sign-On can be available on accounts that have a contract with Middesk. Please contact our sales team to discuss enabling this feature. The only additional information required to configure Single Sign-On is the email domain(s) for your users.
Configuring Single Sign-On
You'll be able to configure a connection with your identity provider by accessing your team settings page. If enabled on your account, a Single Sign On section will be available under the Settings tab.
Clicking Configure will open a webpage where you can configure your connection. There is a guided setup process available to help you configure Single Sign-On with many of the most popular identity providers. For more advanced configurations, you can also configure a custom SAML or OpenID Connect integration.
To try out a demonstration of the Single Sign-On Configuration process, you can do so by visiting this Admin Portal Demo page and clicking Configure SSO. With so many different Identity Providers available, reading through the guided setup process for your specific identity provider using this admin portal demo is the best way to know what information you'll need for configuring your specific Single Sign-On connection.
Adding New Users with Single Sign-On
You are able to manually add new users to your Middesk account by using the Add User button on the Team Settings page. New users are invited by entering their email address and selecting a role. They will receive an email inviting them to activate their Middesk account access. If Single Sign-On is already configured, they will automatically skip the create password step of the new user flow and instead perform an initial authentication using your configured identity provider.
Middesk does not yet support automatic provisioning of new users via centralized user directory sync.
Signing In to Middesk using Single Sign-On
Once Single Sign-On has been configured for your team, users who wish to access the Middesk Dashboard will be able to select Sign in with SSO from the Sign In page.
This will show a new form where the user will submit their email address. If the submitted email address matches an existing user on an account with Single Sign-On enabled, they will be prompted to login through your configured identity provider.
Updated 28 days ago