Macha
Helpdesk Concepts

Single Sign-On (SSO)

Definition

Single sign-on (SSO) is an authentication method that lets users log in once with one set of credentials and access multiple applications — including a help desk — without signing in separately to each.

Also known as: SSOfederated loginSAML login

How it works

SSO relies on a central identity provider (IdP) such as Okta, Microsoft Entra ID, or Google Workspace. When a user opens the help desk, it redirects to the IdP; if the user already has an active session there, the IdP vouches for them and grants access, typically via a standard protocol like SAML or OpenID Connect.

For end customers, SSO can also power a logged-in help center or support portal — the customer's existing account authenticates them into support content and ticket history automatically.

Why it matters

SSO improves both security and experience. Agents keep one strong, centrally managed credential instead of a password per tool, and IT can enforce policies like MFA and instant deprovisioning from one place.

  • Fewer passwords to manage and phish
  • Central control over access and offboarding
  • Faster onboarding — access follows the identity provider
  • Enables audited, policy-based access to sensitive support data

Frequently asked

What is the difference between SSO and MFA?

SSO is about logging in once for many apps; MFA (multi-factor authentication) is about proving identity with more than a password. They're complementary — SSO often enforces MFA at the identity provider.

Is SSO usually a paid help-desk feature?

Often, yes. SAML-based SSO is commonly gated to higher-tier or enterprise plans on most help-desk platforms.

Put these ideas to work

Macha is an AI agent layer that sits on top of the help desk you already run — Zendesk, Freshdesk, Front, Intercom, or Gorgias.

Start Trial