Single Sign-onΒΆ

Single sign-on is configurable through “Admin/Single Sign-on” link.

_images/sso.png

With single sign-on (SSO), a user can log into iHelpdesk account automatically after being authenticated by your company’s web site. SSO enables you to use your existing user authentication mechanisms. However, if SSO is enabled, all your existing accounts in iHelpdesk will be disabled. Just in case you still want to use your iHelpdesk account to log in, you can use this URL:

http://www.ihelpdesk.com/desktop/helpdesk_login.jsp?c=Your_Site_Name&access=normal

(Append access=normal to the end of URL)

When setting up SSO, A random shared secret is generated. The shared secret is used in your code for authentication purpose. Keep it secret. The user’s browser will be redirected to your site for authentication. After the user has been authenticate, his browser will be redirected back to your iHelpdesk site. There is no connection between iHelpdesk server and your web server, only simple browser redirections are used.

You need to put some code on your web site. A login form is used to authenticate user first, then you can refer to these sample code to redirect user to your iHelpdesk site: PHP example, ASP example and JSP example. You have to edit the sample code to provide correct shared secret, user name and email. After the user has been redirected to iHelpdesk site, a new user will be created if the user doesn’t exist, and the user’s properties such as phone, email, organization, and full name will be updated too based on the data supplied in the abovementioned sample code.

The logout URL will be invoked when a user logs out of iHelpdesk site.