Cloudflare Docs
Visit Cloudflare Zero Trust on GitHub
Set theme to dark (⇧+D)

Configure Zendesk SSO with Access for SaaS

This tutorial covers how to configure Zendesk SSO with Access for SaaS.

⏲️ Time to complete:

20 minutes

Configure Zendesk and Cloudflare

  1. To begin, navigate to your Zendesk administrator dashboard, typically available at <yourdomain>

  2. In a separate tab or window, open the Zero Trust Dashboard and navigate to Access > Applications.

  3. Select SaaS as the application type to begin creating a SaaS application.

  4. Copy the following fields from your Zendesk account and input them in the Zero Trust application configuration:

    • Assertion Consumer Service URL. This URL appears as SAML SSO URL in your Zendesk account.
    • Entity ID:
    • NameID: Email
  5. Configure these Attribute Statements to include a user’s first and last name:

    • <Cloudflare Firstname attribute name> =>
    • <Cloudflare Last name attribute name> =>

    Zendesk attributes

  6. Create an Access policy to determine who can access Zendesk.

    Zendesk policy

  7. Copy the Cloudflare IdP values and add them to the following Zendesk Fields:

    • SSO Endpoint => SAML SSO URL
    • Public Key => Certificate Fingerprint

    Zendesk fingerprint

  8. Go to https://<yourdomain> and enable External Authentication > Single Sign On.

    Zendesk external authentication

Users should now be able to log in to Zendesk if their Email address exists in the Zendesk user list.