Helpdesk Single-Sign-On via SAML
What is "single sign on"
To put it simple: "single-sign-on" lets your users sign-in to Jitbit Helpdesk with the same credentials they use to log into other cloud apps or websites. Jitbit Helpdesk provides three ways of "single sign-on" support:
- Via the authentication API
- Via AD authentication (non-Azure local AD) by placing a simple script on your local server that will authenticate your users and redirect them to the help desk application
- Via windows-integrated authentication (self-hosted version only)
- Via "Google login" - works for anyone with a Google account, no set up required
- Via SAML protocol - keep reading.
SAML sign on
Jitbit Helpdesk supports SAML 2.0 protocol for single sign-on. Here's the settings you might need for your SAML provider:
- APP ID URI (sometimes named "Entity ID" etc) -
https://www.jitbit.com/web-helpdesk/
- SAML sign-on URL -
[HelpDeskURL]/User/Login
(for example, if you're on the hosted version:https://acme.jitbit.com/helpdesk/User/Login
) - Reply URL (sometimes named "Assertion Consumer URL" etc.) -
[HelpDeskURL]/Saml/Consume
(for example:https://acme.jitbit.com/helpdesk/Saml/Consume
) -
Now, in the helpdesk admin panel you just need to specify the SAML-endpoint address and the x509-certificate (ask your SAML provider for these two) in the helpdesk admin section and it should just work. This feature works with both hosted helpdesk and downloadable one. You can integrate it with any SAML provider - Windows Azure, OneLogin etc.
What to include
Your SAML provider probably already includes "NameID" setting and "User.email" parameter. You can additionally add First and Last name attributes to the SAML response.
<saml:Attribute Name="first_name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> <saml:AttributeValue xsi:type="xs:anyType">FirstName </saml:AttributeValue> </saml:Attribute> <saml:Attribute Name="last_name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> <saml:AttributeValue xsi:type="xs:anyType">LastName </saml:AttributeValue> </saml:Attribute>
SAML providers
Jitbit can work with any SAML provider including:
- Azure Active Directory (step-by-step manual)
- OneLogin (step-by-step manual)
- Google Apps (step-by-step manual)
- ADFS (step-by-step manual)
- SAASPASS (step-by-step manual)
- Centrify (step-by-step manual)
- any other app that supports SAML 2.0
You can use SAML to integrate Jitbit with your LDAP, Active Directory, your multi-factor authentication modules, dongles, mobile logins etc.
No SAML? No problem, use the API
Our helpdesk comes with authentication API your developers can use to auto-login users to the helpdesk application