Resolution Path :
- For the initial Azure AD setup with Freshworks, please follow the setup with all the instructions provided in the article : Azure AD - How To Setup Agent/Contact SSO
- Once the Initial setup is complete as per the solution article mentioned above, we can proceed with the IDP initiated setup for the SSO. Firstly, it is important to note that we do not have an IDP initiated workflow setup with the Freshworks SSO. We will be replicating this by making use of the "Relay State" parameter available in the IDP such as Azure AD.
- In SAML, the RelayState is an optional parameter that you can use to communicate to your Identity Provider where your users should be redirected after signing in with SSO. When you configure the RelayState field in your Identity Provider with a valid Freshworks Product URL (like https://abc.freshservice.com/ or https://abc.freshdesk.com), the user will be redirected to this URL after successful login from IdP.
- In case of an invalid URL, the user will be redirected to the Admin Center. Please note that the RelayState will take precedence only when the login action is directly initiated from the identity provider dashboard.
Steps :
- To configure the application in IdP-initiated mode, in the Basic SAML Configuration section, do the following:
- On the Set up single sign-on with SAML page, next to Basic SAML Configuration, select Edit (pen icon).
- In the Relay State box, type a URL in the following format: https://abc.freshdesk.com/support/solutions and Save the configuration.