Getting Started with DeskDirector
Admin Console
Admin Console : Getting Started
Portal
Settings
Profile
Branding your DeskDirector Portal via Brand Packages
Color Theming a Portal via Brand Packages
Avatars in the DeskDirector Portal
Features
Enable/Disable Chat Callback Feature
Enable/Disable Pre-Ticket Chat
Enable or Disable the 'Something Else' Option
Embedding Media as the Help Page
User Groups
File Storage
Tickets
Permissions
Portal Permissions in DeskDirector
FastTrack in DeskDirector
Setting Up and Using the VIP Priority
How to setup the Flag feature (ConnectWise)
Have Approvals go to Approvers according to site (ConnectWise)
Quotes (ConnectWise)
Invoices (ConnectWise)
Request Types
Setting up Request Type Items
Request Type Ordering in the Client Portal
Getting Started with Request Type Groups
Forms
Getting started with DeskDirector Forms
DeskDirector Forms - Question Types in Detail
DeskDirector Forms - Dynamic Fields
DeskDirector Forms - Dynamic Fields Implementation Example
DeskDirector Forms - Sections and Conditionals
DeskDirector Forms - Embed content
DeskDirector Forms - Replace Summary Field with Title Automation
Importing Wufoo Forms to DD Forms
DeskDirector Forms - Dynamic content
DeskDirector Forms - Field value format for automation
Sharing Forms
Companies
User Groups
Managing Companies in DeskDirector
Filtering Companies to Manage
Exporting Companies as CSV
Contacts
Managing Contacts in DeskDirector
Exporting Contacts as CSV
Ticket Group Permissions
Contact Impersonation
Menu Group
Menu Items
Intro to Menu Items
Creating Menu Items
Extension Menu Security and Query Paramaters
Adding BiggerBrains Menu Item
Learning Center
Getting Started with the Learning Center
How to change the name of the Learning Center
Useful Learning Center Tips - Adding files from Google and Dropbox
Notebooks
Portal Access
Notifications
Desktop Installer
Feature Preview
Tech
Email Notifications Overview
Setting up Global Email Notification Settings
Setting up Office 365 Mail Delivery
Setting up SMTP Server Mail Delivery
Setting up SendGrid Email Delivery
Getting Started with Email Template Engine - DeskDirector
Creating Custom Email Template
Setting Email Templates for Notification Events
Email Templates Auto Login Link
HTML Email Templates - ConnectWise
HTML Email Templates - Autotask
ConnectWise - Avoid Aggressive Notifications
Troubleshooting email delivery issues using "Delivery History"
System
Feature Configuration
Default Ticket Board and Source
Setting up your Approval Statuses
Adding a VIP Priority via the Admin Console
Automatic Contact Creation
Setting Reopened Ticket Status
Setting Status when Ticket is Closed
Change Ticket Status when Customer Adds Note
Hosts Configuration
PSA Integration (ConnectWise/Autotask)
Setting Office Hours
Enabling OAuth (Microsoft Login) for DeskDirector Portal
Logging in with Passwordless
Global Magic Token: Logging in via URL
Client Portal Office365 Single Sign-On
Switching from Custom Application OAuth to the new OAuth
Integrations
ConnectBooster
Wise-Pay
QuoteWerks
ConnectWise Sell (previously Quosal)
How to configure ConnectWise Sell (previously Quosal) Order Porter integration
Adding ConnectWise Sell (previously Quosal) Order Porter link to opportunity
Microsoft Flow (Power Automate)
Get started with the DeskDirector Power Automate Connector
Power Automate Administration
Power Automate Template Gallery
Featured Solution: Teams Ticket Discussion
Featured Solution: Ticket Briefing
DeskDirector Connector Triggers
Action: Create an email from template
Power Automate Connector - Setting up your first flow
Advanced
Deleting Orphaned Tickets
Developer Corner
Workflows
Managing Webhooks
ConnectWise API Integration Tester
Autotask Data Sync
Diagnose Entities Tool
Analytics
Account
Surveys
Task Lists
Service Agent Change Log
Auditing and Analytics
Contact Authentication Audit Log
Tech Portal
Tech Portal : Getting Started
Tickets
Managing Tickets from the Tech Portal
Tech Portal Ticket Details
Creating a Ticket from the Tech Portal
Request more information (forms request) with Task Forms
Enable/Disable Time Entry Timer Autostart
Broadcasts
Chat
Getting Started with DeskDirector Chat
Handling Chat Requests
Viewing Chat History from the Tech Portal
Creating a Chat Session from the Tech Portal
Changing your Presence
"Pre-Ticket Chat" Feature
"Call me Back" Feature
Macros
Notifications
Client Portal
Client Portal : Getting Started
Contact Support
Creating a Ticket from the Client Portal
Submitting a Generic Ticket
Creating a Chat Session from the Client Portal
Viewing Chat History from the Client Portal
Tickets
Approvals
Quotes & Invoices
Learning Center
BiggerBrains
Notifications
A walk through all the fields available in DeskDirector forms
Logging in to DeskDirector Workflow
Deskdirector - Sign up walk through
DeskDirector Roles and Permissions
Features
Tickets & Chats
Notifications & Broadcasts
Custom Forms & Request Types
Custom Branding
Custom Menus
Custom Email Templates
Surveys in DeskDirector
Approvals in DeskDirector
Easy Integrations
Advanced Authentication. No password, Single Sign On, MFA and beyond?
BiggerBrains & Learning Center
Analytics
Other DeskDirector Features
Ticket Dynamic Contents
How Tos & FAQs
APIs and Integration
ConnectWise SOAP API credential
Creating an Integrator Login in ConnectWise (SOAP API)
Creating a ConnectWise RESTful Integrator API Key
ConnectWise 2019.5+
Autotask integration major update 2022
ConnectWise Member Impersonation
Autotask Resource Impersonation
Creating an integrator API resource in Autotask
Autotask 2020.3 integration (API) resource migration
Third-party integration with DeskDirector
Authentication
How User Authentication works in DeskDirector
Setting/Resetting a Contact's Password
Logging in with Active Directory
Desktop Portal
Desktop Portal v4 Installation - For the Legacy App
Diagnosing DeskDirector Desktop Portal Issues
Diagnosing automatic login issues (ActiveDirectory) using the DDGetSID CLI tool
Antivirus Blocking DeskDirector Portal Installation
Troubleshooting your DeskDirector Portal installation
DD Portal for Mac: Labtech Deployment Guide
DDPortal removal tool - uninstalling Windows portals
Deploying DD Desktop Portal v5 via PowerShell
Desktop Portal v5 Installation & Common Issues
Instance & Account Queries
Setting up your custom domain
Contact Limits FAQs
Finding out what server your DeskDirector instance is on.
How search works in DeskDirector products
Portal and User Issues
User can't log in
DeskDirector Portal Browser Support
Contact can't login portal, the contact is missing in admin console but it is in ConnectWise
DeskDirector Tech Portal - How to take advantage of browser tabs
Add DeskDirector Tech Portal as a Custom Menu item inside ConnectWise Manage
Sign in with Microsoft Issue in Tech or Admin Console - "Need Admin Approval"
How do I add Tech Members/Contacts/Companies to my DeskDirector instance?
Time Stamps in DeskDirector Portal
Missing contacts or companies in DeskDirector but they are in my PSA
User Group FAQs
Chat permission granted but "Chat" option is missing on "Contact Support" page
How do we set a landing page for the client portal?
Tickets
User can't see "All Tickets" option
Tickets are missing in DeskDirector but they are on my PSA
My customer is seeing deleted tickets in portal
Ticket Description missing on ConnectWise emails
Other Articles
Top 10 Request Types
Generic vs Customized Request Types
Using Markdown
Desktop Portal (Installed client) Vs. Web Portal (Web Client)
Outdated Articles
Common WuFoo errors
Changing the Summary of Wufoo Tickets
Creating your first Wufoo form
Adding Wufoo Forms To Request Support
Getting started with WuFoo Forms
Debugging Your Wufoo Integration
Switching PSA or merging with another CW/AT instance
How to Allow Time Entries for StreamlineIT Members
Essential and Dynamic Plan Breakdown
Advanced Use
DeskDirector API
Subscribing to Chat Webhooks
Portal Deep Linking
Webhook Example with Zapier
Chat Session Payload
Legacy URL Linking in DeskDirector
Get started with portal extension page demo
Dynamic content based on logged in user
Clean Tickets
Exporting Portal Usage
TimeZest integration with DeskDirector
Troubleshooting Connectwise/Autotask-related integration issues
Release Notes
Client Portal
Server
Tech Portal
Portal Release Notes - Windows/macOS
Differences Between different Desktop Portal version
Portal Release Notes - Web Client
Release Notes in the Admin Portal
Glossary
Security
Microsoft Teams App
Introducing the DeskDirector for Microsoft Team App
Setting up Content Security Policy (CSP)
Installing the Microsoft Teams App (Tech)
Setting up Tags for Teams Discussions (Tech)
Setting up DeskDirector for Microsoft Teams for your clients (Client mode)
Branding the DeskDirector Teams App
DeskDirector Teams App Notifications
User Groups Integration with Microsoft Teams
Troubleshooting
Contact Support
Advanced topic: Setting up Tech & Client Mode in the same tenancy
Integrating Microsoft Teams with DeskDirector Tech Portal
Ticket Summary for Tech Portal
- All Categories
- Getting Started with DeskDirector
- Admin Console
- System
- Client Portal Office365 Single Sign-On
Client Portal Office365 Single Sign-On
DeskDirector's client portal offers Office 365 Single Sign-On (OAuth) as the recommended login method for users. This authentication mechanism provides a secure and convenient way for users to access the client portal using their Office 365 credentials. By leveraging OAuth, DeskDirector enhances the login experience and offers additional security features, including two-factor authentication (2FA) and the latest security protectors provided by Microsoft.
Benefits of Using OAuth for Client Portal Login:
- Enhanced Security: OAuth provides a more secure authentication method compared to traditional password-based logins. With OAuth, user passwords are not stored or transmitted directly to DeskDirector. Instead, the authentication process is handled by Microsoft's secure infrastructure. This reduces the risk of password-related vulnerabilities, such as weak passwords, password reuse, or interception of credentials.
- Two-Factor Authentication (2FA): DeskDirector leverages the 2FA capabilities provided by Microsoft through OAuth. With 2FA enabled, users are required to provide an additional verification factor, such as a unique code sent to their mobile device or a biometric scan, in addition to their Office 365 credentials. This adds an extra layer of security, making it significantly more challenging for unauthorized individuals to gain access to the client portal, even if the user's password is compromised.
- Compliance with Industry Standards: By utilizing OAuth and integrating with Office 365, DeskDirector aligns with industry best practices and security standards. Microsoft invests heavily in securing their authentication infrastructure, ensuring that OAuth meets stringent security requirements and undergoes regular security audits and updates. By leveraging OAuth, DeskDirector inherits the robust security measures implemented by Microsoft, further enhancing the protection of user accounts and sensitive data.
- Continuous Security Improvements: Microsoft continually enhances the security features and protocols associated with OAuth. They monitor and address emerging threats, implement advanced security controls, and provide regular security updates to address vulnerabilities. By using OAuth for client portal authentication, DeskDirector customers benefit from these continuous security improvements without requiring additional effort or maintenance on their part.
The DeskDirector client portal's Office 365 Single Sign-On (OAuth) offers numerous benefits over traditional password-based logins. It enhances security, provides the option for two-factor authentication (2FA), enables centralized user management, complies with industry standards, and leverages continuous security improvements provided by Microsoft. By default, OAuth is enabled for all newly registered customers, offering a robust and convenient login experience while ensuring the highest level of security for accessing the client portal.
Configuration
You can enable or disable Office365 SSO in Authentication settings, which you can access from System/Authentication/Client Portal Office365.
Custom Application
DeskDirector has recently introduced a streamlined approach for enabling Single Sign-On (SSO) in the client portal, eliminating the need for customers to register their own application in the Azure Portal. Previously, customers had the option to register a custom application, but this process required complex configuration and ongoing maintenance to ensure its functionality. Additionally, the custom application's secret had a limited lifetime, necessitating regular updates.
With DeskDirector's latest enhancement, SSO can now be enabled without the requirement of a custom application. Instead, DeskDirector utilizes its own registered application for OAuth. This approach simplifies the setup process for customers as they no longer need to register an application, configure settings, or manage secrets. Moreover, DeskDirector's registered application is approved and certified by Microsoft, ensuring a secure and reliable authentication experience for users.
In the past, the custom application provided customers with the ability to display their own branding during the OAuth consent process, where the application would request permission to access user profiles. However, with the introduction of admin consent, tenant administrators can grant consent on behalf of all tenant users. As a result, the streamlined login flow eliminates the need for the consent page, making the custom application unnecessary. Customers can continue to utilize their custom application until DeskDirector announces its full end of support.
By leveraging DeskDirector's default application for SSO, customers can enjoy a simplified setup process and reduced maintenance efforts, while still benefiting from a secure and seamless authentication experience in the client portal.
Q: Why DeskDirector deprecated custom application?
A: Custom application is never a legit way to perform OAuth. The application should be owned by the software service provider, not by customer. The responsibility of reading user profile should be taken by DeskDirector. That is from legal point of view. Where from usability point of view, we also came to a point we have to deprecate it. As DeskDirector expand it's features, there are many settings we have to adjust, and the secret maintenance is also an issue for our customer.
Q: What is issue for secret maintenance?
A: Secret of the application should be short lived, thus Microsoft has been limiting secret's life time to maximum of 2 years, and they also introduced asymmetric key to replace secret. As we keep improve the security, we will eventually move to use asymmetric key rather than secret. As such, the maintenance cost for both DeskDirector and our customer is way too much.
Q: Will DeskDirector remove Custom Application anytime soon?
A: We don't have any specific date been setup, the feature has been deprecated on 15th of Jun 2023, 6 months after its deprecation will be the safe call that there is high chance we will remove it from the system at any point.
Q: Do we need to adjust anything for this deprecation?
A: No, everything should be working as intended, even if we remove the custom application, we will based on existing setup to auto enable default SSO. The only impact will be the end user might encounter consent to view their profile.
Q: How do we minimize impact?
A: You can perform admin consent to grant DeskDirector to read user profile for a specific tenant. You can perform that under company profile page or authentication page. Admin consent will not grant DeskDirector to list users of the tenant, it only allow auto approve consent when a specific user of that tenant request it.
Q: What scopes will DeskDirector ask through admin consent?
A: User.Read, openid, email and profile. You can check what to expect at Microsoft document. During authentication, our application will only ask to read user's profile through User.Read, where openid, email and profile are for desktop application to authenticate user. It uses OAuth's openid to read user's profile, such as primary email.
