Customers may encounter an issue where they are unable to log into the Freshdesk Helpdesk-Customer Portal using the Single Sign-On (SSO) method through Okta. During the SAML flow, upon clicking the tile, Okta posts to the Service Provider (SP) Assertion Consumer Service (ACS) URL of https://testorg.myfreshworks.com/sp/SAML/33221100/callback.

The Service Provider subsequently redirects to https://testorg.myfreshworks.com instead of https://testorg.myfreshworks.com/oauth/authorize?, which is expected in the SP flow.

This article will provide a workaround to this issue.

• SAML 2.0
• Freshdesk
• Users experiencing redirect issues during the SAML flow

After the assertion uses POST to the SP ACS URL, it unexpectedly gets redirected to the agent login page instead of continuing the SAML flow.

The Service Provider has provided a workaround for this issue. Follow the steps outlined below:
 

1. The Service Provider adds a default relay state of https://testorg.freshdesk.com/customer/login. This step is carried out on the Service Provider's end.

2. Users can then use this relay state to log into the Freshdesk Customer Portal. The relay state will ensure that, even if a redirect occurs, users will be taken to the intended URL.
    

This workaround should allow the application to behave as expected during the IdP flow.