Freshdesk SSO

Cantor, Scott cantor.2 at
Mon Aug 10 14:01:22 EDT 2015

On 8/10/15, 1:36 PM, "users on behalf of Martin, Brandon L" <users-bounces at on behalf of martinb at> wrote:

>I am only able to authenticate with encryptAssertions set to false.

As Nate said, that's not something you can fix.

>Then in the Freshdesk interface after I log in, it says my email is AAdzZWNyZXQxWjx

Then their integration is based on blindly consuming a NameID with no regard for Format. Common, and a bug.

>I've tried several solutions from the internet without the result changing. From toying with md:NameIDFormat in the metadata to trying different options in the relaying party.

If you want the IdP to produce a different NameID format, the wiki covers that, and many threads on the list describe it.

-- Scott

More information about the users mailing list