User management and SSO

DESK makes it easy to manage user permissions based on user account membership in user groups. You can manage these accounts and groups locally, through LDAP, or through an IdP.

In DESK Managed, select User authentication in the navigation menu to access user authentication configuration pages.
In DESK SaaS, select Account settings in the user profile menu to access user authentication configuration pages.

More about managing user accounts and groups

Users, user groups, and permissions

Each user account is assigned to one or more user groups.
Each user group is assigned a set of permissions.
Each user assigned to a group inherits the permissions of that group.
When you change the permissions of a group, the permissions of each user in that group change accordingly.
When you assign a user to multiple groups, the user inherits the combined permissions of all those groups.

These rules apply to DESK Managed and to DESK SaaS. See Manage user groups and permissions for an overview of groups and permissions.

User and group management options

Whether you have a DESK Managed or DESK SaaS deployment, you can:

Use an internal user database to manage users and groups with no external authentication.
Connect your DESK Server to an external LDAP authentication server to import user groups or accounts that need access to your DESK environment. With LDAP integration, all users are accessed from your external LDAP resource. You then assign group privileges and roles through LDAP.
Integrate DESK with an SSO IdP (Single Sign-On Identity Provider) for the management of users and groups.
- You can integrate a DESK SaaS deployment with SAML 2.0 as an SSO IdP.
- You can integrate a DESK Managed deployment with SAML 2.0 or OpenID as an SSO IdP.

User management and SSO

Users, user groups, and permissions

User and group management options

DESK Managed

DESK SaaS

IdP-specific configuration

Getting more information