What is Freshworks Organization?
Disparate administration settings across multiple accounts and products are always difficult to control and manage. From password policies to user management, a unified approach to managing them across products enables Admins to have more centralized control.
Freshworks Organization introduces a centralized dashboard for user management and security settings across Freshworks Products that you use.
What’s New?
Manage user profiles across multiple freshservice accounts or other Freshworks products in one dashboard.
- Configure an advanced and centralized password policy. Freshworks Organization uses Automatic SPAM / bot detection while logging in to prevent brute force attacks or bot-based logins via Google Recaptcha
- Configure Secure SSO using OAuth2 / OIDC / SAML / JWT.
- Let users configure TOTP-based two-factor authentication to prevent stolen password attacks
- View all audit logs related to security settings modifications.
- A Switcher for users to seamlessly navigate between other Freshworks accounts and products.
What’s Coming up Soon?
- Unified invoicing and billing dashboard for multiple products or Freshservice accounts.
- The ability for admins to modify user's access/roles for one or more Freshworks products from the dashboard
- Ability to enforce 2FA as a mandatory policy for all admins/agents
What’s Changing for Administrators?
Introducing Organizational Admins
An Organizational Admin can control and manage all the configurations on the Freshworks organization dashboard. By default, the user who creates the Organization becomes the Org Admin of that Organization.
Here is a brief about the role of an Org Admin:
- There can be multiple Org Admins to manage the users and accounts.
- They can update user's profile details, configure security policies, import accounts from another organization, or change Org URL.
- They can grant or revoke Org Admin Privileges to another user in the Organization.
Who will be made an Organizational Admin?
- An account admin who signs up for Freshservice will automatically become an organization admin if Fresheservice is the only recognized product used.
- All the Freshservice agents with "Play God with Super Admin controls” permissions automatically become organizational Administrators after migration.
- If you are using other Freshworks products or Freshservice accounts, Freshservice account admins will not be converted into organization admins. They can be granted organization admin privileges by an existing Organization Admin.
Unified Login
- The current split login experience for agents and requesters (if enabled for you) is being replaced by a single login experience for both groups of users to login. The login methods and their corresponding settings will be chosen from the Freshworks’ Admin dashboard.
- You can choose to display your organization’s logo on the unified login page.
- The current login URL domain.freshservice.com will be replaced by organization.myfreshworks.com.
- All Activation Emails and Password Reset Emails will be triggered by the Freshworks organization, and hence they will be sent from [email protected].
Features you’ll miss in Freshservice going forward
- All existing login page customizations configured under Service Desk Rebranding in Freshservice will be removed. You can add login page customizations like logos from the Organization dashboard.
- The customization of forgot password email under Email Notifications in Freshservice will not be available. A standard email will be sent from Freshworks in its place.
- Login using a secondary email address will not be available anymore. - Users can use only the primary email address to login
- The https://accountname.freshservice.com/login/normal URL for password/Google login has been changed to https://organizationname.myfreshworks.com/login/normal. This supports only password login and can be accessed only by Organization Admins going forward.
Note: If password/Google login has to be enabled for non-admins, you need to either enable those options alongside SSO in your Organization Security Policy or if you are using the MSP mode, create an exclusive portal for them and map a custom policy with password/Google login enabled.
Unified Security Policies
- All password policies and SSO configurations like Google / OAuth2 / SAML / JWT based Custom SSO can be configured by Organization Admins in the Organization dashboard.
- If you choose to enable password-based login, you can configure your custom password policy to enforce the strength of the passwords your users should use.
- Freshservice admins without Organizational Admin privileges must contact their Organization Admin to configure authentication/SSO
Features you’ll miss in Freshservice going forward
- Admins cannot reset passwords for requesters in Freshservice. Requesters can reset their own passwords.
User Profile Changes
Note: Only the primary email addresses of the user profiles will be synced with the Organization Profile.
Features you’ll miss in Freshservice going forward
- Secondary Email Addresses will not be synced. Only the primary email addresses can be used for logging in.
- The access controls for self-modification of user-profiles under User Fields in Freshservice will not be applicable.
Switching to MSP Mode
To learn more about setting up security policies in Freshworks Organization for MSP accounts, you can use our documentation here.
User Creation and Editing through APIs and CSV Import
API- and CSV- based modification of First Name, Last Name, Job Title, Work Phone, Mobile Phone, Language, and Time Zone fields can only be performed by Freshservice admins who also have the organization admin role.
Delete and Forget User
- If a user has a profile only in Freshservice, deleting the user from Freshservice will erase them from Freshworks Organization. If the user is a part of multiple products, they will have to be deleted from the individual products to remove their profile from Freshworks Organization.
- Forgetting a requester will erase them from Freshworks Organization (if they are not a part of other products), in addition to removing their profile information and data from Freshservice.
What’s Changing for Agents / Requesters?
Unified Login
If your organization uses password/Google login, both web and mobile login will now redirect to the login page configured for your organization. If they use SSO, they will be directly taken to the SSO page.
User Activation from Portal
If a new Freshservice agent or requester is created, an activation email will be sent from the Freshworks organization to complete the creation of their profile.
Note: Only the primary email addresses of the user profiles will be synced with the Organization Profile.
Centralized Profile
All users can update their First Name, Last Name, Job Title, Work Phone, Mobile Phone, and their profile picture from their Freshworks profile. This avatar will be used across all Freshworks products used in the organization. They can continue to modify other profile attributes from their Freshservice profile.
Freshworks Switcher
The Switcher will show users other accounts/products that they can access under the same Freshworks organization. Requesters will now see the Freshworks Switcher on the top right corner of their screen.
Action items for you
Help us migrate you seamlessly to Freshworks organization by ensuring the following:
Unblock freshworks.com domains and emails: If you have a network or email firewall in place, ensure that freshworks.com and myfreshworks.com are unblocked.
Inform your employees about these changes: As these changes will affect your agents and end-users, we will ensure that the migration will be rolled out post a 1-week period, during which you can communicate these changes to your employees.
Change primary addresses if required: Since user login will be possible only using primary email addresses post-migration, ensure that your employees have enabled the right primary email addresses.
Merge products into one organization: Post-migration, if you find any of your Freshworks products / accounts in an independent organization, ensure that they are merged together. You can find the instructions here.