Configuring SAML SSO for ZOHO

These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and ZOHO.

Prerequisite

  1. Login to ADSelfService Plus as an administrator.
  2. Navigate to  Configuration → Self-Service → Password Sync/Single Sign On → Add Application, and select Zoho from the applications displayed.
    Note: You can also find Zoho application that you need from the search bar located in the left pane or the alphabet wise navigation option in the right pane.
  3. Click IdP details in the top-right corner of the screen.
  4. In the pop-up that appears, copy the Login URL, Logout URL and download the SSO certificate by clicking on the Download Certificate button.

Zoho (Service Provider) configuration steps

  1. Log in to Zoho accounts service (https://accounts.zoho.com ) with administrator credentials.
  2. Navigate to Organization → SAML Authentication option from the left panel menu.
  3. Click Setup Now or click Edit if any other SAML Configuration available.
  4. In the SAML Authentication popup's Sign-in URL field, Enter the Login URL copied in the Step 4 of Prerequisite
  5. In the SAML Authentication popup's Sign Out URL field, Enter the Logout URL copied in the Step 4 of Prerequisite
  6. In the SAML Authentication popup's Change Password URL field, Enter the ADSelfService Login URL (Ex: https://selfservice-domainportal).

  7. In the SAML Authentication popup's X.509 Certificate field, Upload the certificate file downloaded in the Step 4 of Prerequisite.

  8. Click Configure.

  9. Click on Download Metadata and open the metadata file in a text editor. Locate the AssertionConsumerService (ACS URL) parameter and copy it which will be used later.

ADSelfService Plus (Identity Provider) configuration steps

  1. Now, switch to ADSelfService Plus’ Zoho configuration page.
  2. Enter the Application Name and Description.
  3. Enter the Domain Name of your Zoho account. For example, if you use johndoe@thinktodaytech.com to log in to Zoho, then thinktodaytech.com is the domain name.
  4. In the Assign Policies field, select the policies for which SSO need to be enabled.
    Note:ADSelfService Plus allows you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy.
  5. Select Enable Single Sign-On.
  6. Enter the SAML Redirect URL which is your Zoho Portal URL ( If you are not having separate portal, then fill up with https://accounts.zoho.com )
  7. Enter the ACS URL you had saved in Step 9 of Zoho configuration.
  8. In the Name ID Format field, choose the format for the user login attribute value specific to the application.

    9. Note: Use Unspecified as the default option if you are unsure about the format of the login attribute value used by the application

  9. Click Add Application

    10. Your users should now be able to sign in to Zoho Online through ADSelfService Plus.
    Note: For Zoho, Both SP-initiated and IDP-initiated flow is supported.
Go to Top

Thanks!

Your request has been submitted to the ADSelfService Plus technical support team. Our technical support people will assist you at the earliest.

 

Need technical assistance?

  • Enter your email ID
  • Talk to experts
  •  
     
  •  
  • By clicking 'Talk to experts' you agree to processing of personal data according to the Privacy Policy.

Don't see what you're looking for?

  •  

    Visit our community

    Post your questions in the forum.

     
  •  

    Request additional resources

    Send us your requirements.

     
  •  

    Need implementation assistance?

    Try onboarding

     

Copyright © 2024, ZOHO Corp. All Rights Reserved.