clearFusionCMS Community

Full Version: Zendesk Single Sign-On
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
clearFusionCMS can be used to authenticate users for Zendesk, the following describes the process of enabling it in just 4 steps.

Step 1 Enable Single Sign-On at Zendesk
Login to your Zendesk to enable single sign-on and get the shared secret you'll need in the next step.
  • Click the Admin cog at the bottom left of the screen
  • Click Security then select the Single Sign-On
  • Click edit next to JSON Web Token
  • Click Enable and put the address where the login page will be located on your site into the Remote login URL field.
  • Copy the Shared secret you'll need it later on

Step 2 Add the Code
Login to your clearFusionCMS installation that will be authenticating Zendesk users, go to Elements and create a new snippet. Name the snippet zendeskLogin and use the following code:
PHP Code:
 * package clearFusionCMS
 * copyright Copyright (c) 2013 clearFusionCMS. All rights reserved.
 * link

// Check that the shared key and subdomain have been passed
if(!isset($key) || !isset($subdomain))

// Only run if user authenticated
$user clearFusionCMS::getUser();
$user->isAuthenticated()) {
// Create JWT
$now time();
$token = array(
'jti'   => md5($now rand()),
'iat'   => $now,
'external_id' => $user->getId(),
'name'  => $user->getUsername(),
'email' => $user->getEmail()
// Encode and sign
$segments = array();
$segments[] = str_replace('='''strtr(base64_encode(json_encode(array('typ' => 'JWT''alg' => 'HS256'))), '+/''-_'));
$segments[] = str_replace('='''strtr(base64_encode(json_encode($token)), '+/''-_'));
$segments[] = str_replace('='''strtr(base64_encode(hash_hmac('sha256'implode('.'$segments), $keytrue)), '+/''-_'));
// Redirect
clearFusionCMS::getResponse()->redirectTo(clearFusionCMS::getSession()->flashGet('zendesk_returnto''https://' $subdomain '') . '?jwt=' implode('.'$segments));
else {

Save the snippet.

Step 3 Create a Login Page
Head back to the dashboard and select Documents, create a new document which will be the help desk login page making sure that it's in the location that you specified in the Remote login URL field, and add the following to the content:
[[!members.login &loginByUsername=`1` &loginByEmail=`1`]]
[[!zendeskLogin &key=`xxxxxxxxxxxxxxxxxxx` &subdomain=`example`]]
Change xxxxxxxxxxxxxxxxxxx to be the shared secret you recorded when enabling single sign-on and change example to be your zendesk subdomain e.g. if your help desk is at then your subdomain will be example. The subdomain is only required as a fallback if something unexpected happens.

Publish the page.

Step 4 Testing
Make sure that you're logged out of clearFusionCMS and Zendesk, then head to your Zendesk subdomain and click login, if everything is working correctly you'll be presented with the login page on your website, login and you should be redirected back to Zendesk.

That's it all done.
Thank you very much for this info. I was searching for this info from many hours and finally found on clearfusioncms forum.
Reference URL's