Getting Started with DeskDirector
Admin Console
Portal
Settings
Service Catalogue
Forms
Getting started with DeskDirector Forms
DeskDirector Forms - Question Types in Detail
DeskDirector Forms - Dynamic Fields
DeskDirector Forms - Dynamic Fields Implementation Example
DeskDirector Forms - Sections and Conditionals
DeskDirector Forms - Embed content
DeskDirector Forms - Replace Summary Field with Title Automation
DeskDirector Forms - Dynamic content
DeskDirector Forms - Field value format for automation
Service Catalogue
Service Types
Service Groups
Enable or Disable the 'Something Else' Option
Companies
Contacts
Managing Contacts in DeskDirector
Exporting Contacts as CSV
Ticket Group Permissions
Contact Impersonation
Portal Access
Feature Preview
DeskDirector Desktop Portal V5
Tech
System
Feature Configuration
Default Board and Source
Adding a VIP Priority via the Admin Console
Automatic Contact Creation
Updating, Closing, and Reopening Tickets
Office Hours
Analytics
Contact Authentication Audit Log
Tech Portal
Tickets
Managing Tickets from the Tech Portal
Tech Portal Ticket Details
Creating a Ticket from the Tech Portal
Request more information (forms request) with Task Forms
Enable/Disable Time Entry Timer Autostart
Chat
Getting Started with DeskDirector Chat
Handling Chat Requests
Viewing Chat History from the Tech Portal
Creating a Chat Session from the Tech Portal
Changing your Presence
"Pre-Ticket Chat" Feature
"Call me Back" Feature
Macros
Client Portal
Contact Support
Creating a Ticket from the Client Portal
Submitting a Generic Ticket
Creating a Chat Session from the Client Portal
Viewing Chat History from the Client Portal
Tickets
Deskdirector - Sign up walk through
Managing your DeskDirector Subscription
Logging in to DeskDirector
What is the DeskDirector Admin Console?
What is the DeskDirector Tech Portal?
What is the DeskDirector Client Portal?
DeskDirector Roles and Permissions
Tickets & Chats
A walk through all the fields available in DeskDirector forms
Getting Started with Custom Branding
Getting Started with Custom Menus
Getting Started with Custom Email Templates
Getting Started with Surveys
Notifications & Broadcasts
Getting Started with the Menu System
BiggerBrains & Learning Center
Getting Started with the Learning Center
The Developer Corner
Features
Login & Authentication
User Groups
Approvals
Task Lists
Menus
Menu Items
Notifications
Email Notifications
Email Template Engine
Surveys
Broadcasts
Custom Branding
Easy Integrations
Analytics
Other DeskDirector Features
Ticket Dynamic Contents
The Learning Center
Webhooks
Workflows
Integrations
ConnectBooster
Wise-Pay
QuoteWerks
ConnectWise Sell (previously Quosal)
How to configure ConnectWise Sell (previously Quosal) Order Porter integration
Adding ConnectWise Sell (previously Quosal) Order Porter Link to Opportunity
Microsoft Flow (Power Automate)
Get started with the DeskDirector Power Automate Connector
Power Automate Administration
Power Automate Template Gallery
Featured Solution: Teams Ticket Discussion
Featured Solution: Ticket Briefing
DeskDirector Connector Triggers
Action: Create an email from template
Power Automate Connector - Setting up your first flow
Getting Support for the DeskDirector Connector for Power Automate
AutoTask
ConnectWise
ConnectWise Quotes & Invoices
BiggerBrains
Logging the ConnectWise API
OneNote Notebooks
Microsoft Teams App
Introducing the DeskDirector for Microsoft Team App
Setting up Content Security Policy (CSP)
Installing the Microsoft Teams App (Tech)
Setting up Tags for Teams Discussions (Tech)
Setting up DeskDirector for Microsoft Teams for your clients (Client mode)
Branding the DeskDirector Teams App
DeskDirector Teams App Notifications
User Groups Integration with Microsoft Teams
Troubleshooting
Advanced topic: Setting up Tech & Client Mode in the same tenancy
Integrating Microsoft Teams with DeskDirector Tech Portal
Smart Alerts for Tech Users
Release Notes - DeskDirector Teams App
Contact Support
Troubleshooting
APIs and Integration
ConnectWise 2019.5+
Autotask integration major update 2022
ConnectWise Member Impersonation
Autotask Resource Impersonation
Autotask 2020.3 integration (API) resource migration
Third-party integration with DeskDirector
Authentication
Desktop Portal
Diagnosing DeskDirector Desktop Portal Issues
DD Portal for Mac: Labtech Deployment Guide
DDPortal removal tool - uninstalling Windows portals
Deploying DD Desktop Portal v5 via PowerShell
Desktop Portal v5 Installation & Common Issues
Instance & Account Queries
Setting up your custom domain
Contact Limits FAQs
Finding out what server your DeskDirector instance is on.
How search works in DeskDirector products
Portal and User Issues
User can't log in
DeskDirector Portal Browser Support
Contact can't login portal, the contact is missing in admin console but it is in ConnectWise
DeskDirector Tech Portal - How to take advantage of browser tabs
Add DeskDirector Tech Portal as a Custom Menu item inside ConnectWise Manage
Sign in with Microsoft Issue in Tech or Admin Console - "Need Admin Approval"
How do I add Tech Members/Contacts/Companies to my DeskDirector instance?
Time Stamps in DeskDirector Portal
Missing contacts or companies in DeskDirector but they are in my PSA
User Group FAQs
Chat permission granted but "Chat" option is missing on "Contact Support" page
How do we set a landing page for the client portal?
Other Articles
Login & Authentication - Common Issues
DeskDirector Desktop App - Installation Issues
Tickets & Chats - Common Issues
ConnectWise Integration - Common Issues
Diagnose Entities Tool
Approvals - Common Issues
Troubleshooting via Web Developer Tools
Switching PSA or merging with another CW/AT instance
How to Allow Time Entries for StreamlineIT Members
Email & Email Delivery - Common Issues
Essential and Dynamic Plan Breakdown
Advanced Use
Generative AI
DeskDirector with Generative AI
Setting up AI Service Providers
AI Assistants in DeskDirector
Custom Tools for AI Assistants
Knowledge Bases for AI Assistants
Ticket Summary for Tech Portal
DeskDirector API
Subscribing to Chat Webhooks
Portal Deep Linking
Webhook Example with Zapier
Chat Session Payload
Get started with portal extension page demo
Dynamic content based on logged in user
Clean Tickets
Exporting Portal Usage
TimeZest integration with DeskDirector
Troubleshooting Connectwise/Autotask-related integration issues
Security
Glossary
Release Notes
Client Portal
Server
Tech Portal
Portal Release Notes - Windows/macOS
Differences Between different Desktop Portal version
Portal Release Notes - Web Client
Release Notes in the Admin Portal
Archived
- All Categories
- Archived
- (ARCHIVED;MERGED) Client Portal Office365 Single Sign-On
(ARCHIVED;MERGED) Client Portal Office365 Single Sign-On
DeskDirector's client portal offers Office 365 Single Sign-On (OAuth) as the recommended login method for users. This authentication mechanism provides a secure and convenient way for users to access the client portal using their Office 365 credentials. By leveraging OAuth, DeskDirector enhances the login experience and offers additional security features, including two-factor authentication (2FA) and the latest security protectors provided by Microsoft.
Benefits of Using OAuth for Client Portal Login:
- Enhanced Security: OAuth provides a more secure authentication method compared to traditional password-based logins. With OAuth, user passwords are not stored or transmitted directly to DeskDirector. Instead, the authentication process is handled by Microsoft's secure infrastructure. This reduces the risk of password-related vulnerabilities, such as weak passwords, password reuse, or interception of credentials.
- Two-Factor Authentication (2FA): DeskDirector leverages the 2FA capabilities provided by Microsoft through OAuth. With 2FA enabled, users are required to provide an additional verification factor, such as a unique code sent to their mobile device or a biometric scan, in addition to their Office 365 credentials. This adds an extra layer of security, making it significantly more challenging for unauthorized individuals to gain access to the client portal, even if the user's password is compromised.
- Compliance with Industry Standards: By utilizing OAuth and integrating with Office 365, DeskDirector aligns with industry best practices and security standards. Microsoft invests heavily in securing their authentication infrastructure, ensuring that OAuth meets stringent security requirements and undergoes regular security audits and updates. By leveraging OAuth, DeskDirector inherits the robust security measures implemented by Microsoft, further enhancing the protection of user accounts and sensitive data.
- Continuous Security Improvements: Microsoft continually enhances the security features and protocols associated with OAuth. They monitor and address emerging threats, implement advanced security controls, and provide regular security updates to address vulnerabilities. By using OAuth for client portal authentication, DeskDirector customers benefit from these continuous security improvements without requiring additional effort or maintenance on their part.
The DeskDirector client portal's Office 365 Single Sign-On (OAuth) offers numerous benefits over traditional password-based logins. It enhances security, provides the option for two-factor authentication (2FA), enables centralized user management, complies with industry standards, and leverages continuous security improvements provided by Microsoft. By default, OAuth is enabled for all newly registered customers, offering a robust and convenient login experience while ensuring the highest level of security for accessing the client portal.
Configuration
You can enable or disable Office365 SSO in Authentication settings, which you can access from System/Authentication/Client Portal Office365.
Custom Application
DeskDirector has recently introduced a streamlined approach for enabling Single Sign-On (SSO) in the client portal, eliminating the need for customers to register their own application in the Azure Portal. Previously, customers had the option to register a custom application, but this process required complex configuration and ongoing maintenance to ensure its functionality. Additionally, the custom application's secret had a limited lifetime, necessitating regular updates.
With DeskDirector's latest enhancement, SSO can now be enabled without the requirement of a custom application. Instead, DeskDirector utilizes its own registered application for OAuth. This approach simplifies the setup process for customers as they no longer need to register an application, configure settings, or manage secrets. Moreover, DeskDirector's registered application is approved and certified by Microsoft, ensuring a secure and reliable authentication experience for users.
In the past, the custom application provided customers with the ability to display their own branding during the OAuth consent process, where the application would request permission to access user profiles. However, with the introduction of admin consent, tenant administrators can grant consent on behalf of all tenant users. As a result, the streamlined login flow eliminates the need for the consent page, making the custom application unnecessary. Customers can continue to utilize their custom application until DeskDirector announces its full end of support.
By leveraging DeskDirector's default application for SSO, customers can enjoy a simplified setup process and reduced maintenance efforts, while still benefiting from a secure and seamless authentication experience in the client portal.
Q: Why DeskDirector deprecated custom application?
A: Custom application is never a legit way to perform OAuth. The application should be owned by the software service provider, not by customer. The responsibility of reading user profile should be taken by DeskDirector. That is from legal point of view. Where from usability point of view, we also came to a point we have to deprecate it. As DeskDirector expand it's features, there are many settings we have to adjust, and the secret maintenance is also an issue for our customer.
Q: What is issue for secret maintenance?
A: Secret of the application should be short lived, thus Microsoft has been limiting secret's life time to maximum of 2 years, and they also introduced asymmetric key to replace secret. As we keep improve the security, we will eventually move to use asymmetric key rather than secret. As such, the maintenance cost for both DeskDirector and our customer is way too much.
Q: Will DeskDirector remove Custom Application anytime soon?
A: We don't have any specific date been setup, the feature has been deprecated on 15th of Jun 2023, 6 months after its deprecation will be the safe call that there is high chance we will remove it from the system at any point.
Q: Do we need to adjust anything for this deprecation?
A: No, everything should be working as intended, even if we remove the custom application, we will based on existing setup to auto enable default SSO. The only impact will be the end user might encounter consent to view their profile.
Q: How do we minimize impact?
A: You can perform admin consent to grant DeskDirector to read user profile for a specific tenant. You can perform that under company profile page or authentication page. Admin consent will not grant DeskDirector to list users of the tenant, it only allow auto approve consent when a specific user of that tenant request it.
Q: What scopes will DeskDirector ask through admin consent?
A: User.Read, openid, email and profile. You can check what to expect at Microsoft document. During authentication, our application will only ask to read user's profile through User.Read, where openid, email and profile are for desktop application to authenticate user. It uses OAuth's openid to read user's profile, such as primary email.
