Basically title, I can get SSO working with pre-existing freshworks users however it doesn’t work with users that only exist in Azure AD (“-insert user- cannot be logged in as this user is not part of this organization”). So am I missing something or do you need to add/import users even if they’re going to use their AD login ?
Best answer by Glavin Crasta
View original
+1
I’ve set the FreshService Provisioning app up in my Azure AD tenant and when I try and test it by manually provisioning a test AAD user account that doesn’t exist in FreshService, I’m receiving an error (see below) about an employee_id field. Did you receive that error too or did you run into any snags with getting this setup in your environment?
Failed to create User 'ittest@trilliumstaffing.com' in Freshservice
Error code
SystemForCrossDomainIdentityManagementServiceIncompatible
Error message
StatusCode: BadRequest Message: Processing of the HTTP request resulted in an exception. Please see the HTTP response returned by the 'Response' property of this exception for details. Web Response: {"schemas":["urn:ietf:params:scim:api:messages:2.0:Error"],"detail":[{"field":"employee_id","message":"It should be of type Integer","code":"missing_field"}]}
Sorry for the late reply but that really helped, thanks.
+6
This is not mandatory and the user record would be created in Freshservice through SSO as well. Please check on Azure side if you have enabled all users to have access to Freshworks application through SSO. If not you would need to add the users to the application in Azure.
How would you sync Azure AD users though ? I’m either braindead or can’t Google, I’ve been trying to find a solution to this for a week now without success.
I believe you would need to use the AD sync process to at least get the users in the system, then SSO handles the Authentication.
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
