This article describes how to set up authentication for Freshservice Support SDK (FSSupportSDK) using SSO with custom JSON Web Tokens (JWT).
Important: You must go through How to Configure SSO with Custom JWT Implementation before continuing further.
Mobile SDK authentication flow
While much of the SSO-JWT authentication process is the same as outlined in the above mentioned article, there are additional steps related to mobile SDK integration.
The key difference lies in the extra data user_token, which your mobile app will pass during authentication.
How JWT SSO works for Mobile SDK
The authentication flow includes:
Initiating the Login request
Redirecting to JWT SSO service
Redirecting back to Freshservice
Initiating the Login request
The FSSupportSDK is initialized with parameters domain, slug, and userToken. Once the SDK is integrated, it automatically initiates the authentication request with Freshservice when required.
For information on FSSupportSDK initialization, see How to integrate Freshservice Support SDK on iOS and How to integrate Freshservice Support SDK on Android support articles.
Redirecting to JWT SSO service
During authentication, the request is redirected to the appropriate JWT SSO URL based on the slug. Along with the standard JWT parameters (client_id, state, nonce), the user_token is passed to the URL.
For example, if Freshworks JWT SSO URL for this account is:
https://awesomecompany.com/sso/jwt/login
then, the redirect URL would be:
Redirecting back to Freshservice
After the user_token is validated, the user is redirected back to Freshworks to complete the authentication process. Freshworks will validate the JWT and establish the user session, granting them access to the portal.
Registration process
To set up authentication for the Freshservice Support SDK, reach out to us at support@freshservice.com with the following subject line ‘Freshservice Support SDK for Mobile: Integration Request’. We will assist you with the next steps.
