Users are often redirected to the logout URL during SSO with SAML due to an SSL certificate update.
When your server's SSL certificate is updated or changed, it results in a new fingerprint. This new fingerprint needs to be updated in your Zendesk Support account. If you don't have access to the new certificate data, you can decode the SSL using online tools like CSR Decoder and Certificate Decoder to obtain the new SHA2 fingerprint. Once you have the new fingerprint, navigate to Admin Center > Account > Security > Single sign-on, select SAML, update the Certificate fingerprint field, and save the changes. For more details, visit theoriginal link.
If you're facing SSO login issues with Auth0, ensure users are created in both Auth0 and Zendesk. Users created only in Auth0 may face login issues and be redirected to the logout URL. To resolve this, make sure that user profiles are created in…
If SSO login fails with Google as your IDP, verify the SHA2 fingerprint and customer settings. Ensure that the SHA2 fingerprint is correctly updated in your Zendesk settings. Also, check the Customers settings to confirm that there are no…
A specific user might be redirected to the logout URL due to incorrect ACS URL configuration. Check the ACS URL in your SSO settings to ensure there isn't an unnecessary slash at the end of the address. Removing this slash can resolve the issue. If…
Enabling SSO for team members can prevent them from being redirected to the logout URL. If you're deferring authentication to a third party like Auth0, ensure that SSO is enabled for team members as well as end users. Without this configuration,…
AzureAD B2B guest users may face logout issues if the nameidentifier is set incorrectly. For B2B guests using a Microsoft Account, the nameidentifier should be changed from UPN to user.mail. The UPN for AAD Guest accounts is typically the…