79Consulting Integrates NetSuite With Zendesk
In our series featuring NetSuite integrations with external applications, this blog will delve into the integration with Zendesk. Zendesk is one of the leading customer service solution companies, building software to help clients handle their customer service needs. Some of the features provided by the software include a ticketing system, live chat, chat bot etc. The 79Consulting team recently worked on integrating NetSuite with Zendesk for a client.
The client provides a knowledge base on the Zendesk platform to their customers. They wanted to establish Single Sign-on between NetSuite and Zendesk so that the end customers can automatically sign-in into Zendesk platform when signed into NetSuite instead of maintaining two different sets of login credentials. They also wanted to create an integration between NetSuite employees and Zendesk users. When an employee in NetSuite is given permission to access Zendesk, the same should be created as a user in Zendesk. If an employee’s Zendesk access is removed in NetSuite, the corresponding user record in Zendesk should be inactivated.
The design was a simple 2 part solution. Use the APIs exposed by Zendesk to create, update and inactivate users. Use SuiteSignOn record in NetSuite to establish SSO between NetSuite and Zendesk.
Although the design was simple and straightforward, the team was met with a few challenges while trying to tackle this requirement:
- Although The Zendesk tool itself was intuitive, it took the team some research and learning to thoroughly understand all of i its functionality and features, as well as the application of Zendesk APIs for user creation and updates
- Issues with setting up SSO in Zendesk: It took the team some effort to setup SSO for employees and customers and a way to test the same in Sandbox environment
- Issues establishing SSO between NetSuite and Zendesk: Although there is documentation available on both NetSuite and Zendesk, the setup of SSO and a successful Single sign-on request took a while. Most of the issues were related to generating the JWT (JSON Web Token) that were being used for authentication between NetSuite and Zendesk
Although it took some research on the part of the 79Consulting team, the documentation and online help provided by Zendesk proved to be of great help in resolving the issues.
The first task was to understand how to invoke the APIs offered by Zendesk. The team went through the API documentation provided by Zendesk and used POSTMAN to make a series of calls to the APIs to figure out the details needed to make the API call. They were able to understand the JSON structure and the parameter names of various fields in Zendesk through the POSTMAN testing. Once the POSTMAN testing was successful they had all the information required to create a script in Netsuite and invoke the Zendesk APIs from NetSuite.
Next, the team needed to focus on the configuration and setup of SSO on both Zendesk and NetSuite. In Zendesk they had to generate the secret key and enable single sign-on for the employees as well as customers. The team could choose to enable SSO for just one of those entities for the initial testing. They then created a SuiteSignOn record in NetSuite with the details of the secret key that was created in Zendesk.
Once the required configurations for SSO are in place on both the applications, the last key piece was to establish the connection and open Zendesk application from NetSuite. As mentioned earlier, JWT is the key component at the core of SingleSign-on that allows Zendesk to trust the login requests coming in from NetSuite. In simple terms, JWT is nothing but a long URL that opens a Zendesk instance when you open it from a browser. This JWT has 3 main components
- JWT Header – It contains details that indicate it’s a JWT request and the details of the type of hashing algorithm
- Data/Payload – This component consists of the timestamp at which the request is generated, a JSON Token ID (JTI) which is a random string that is also a unique identifier and the actual data that consists of the name and email id of the logged in user.
- JWS Signature – The last component is a part of an encryption string that is generated using the payload and shared secret key (checksum)
A few key points to remember while establishing the SSO are:
- All the components of the JWT are base64 encoded
- The token generated for sign-in is valid only for 3 minutes from the time it is generated (3 minutes from the timestamp that is captured in the payload)
- Logic should be built around the JTI generation to make it unique so that the same JTI is not used by more than one user at the same time. In case duplication of JTI happens, users will not be able to login into Zendesk
Integrating NetSuite with Zendesk and establishing SSO between both the applications was a great learning experience for the 79Consulting team. For any custom integration requirements for NetSuite, please reach out to our team of experts.
- Zendesk API documentation
- Zendesk online Help on SSO
- NetSuite documentation on Single Sign-On