TokenLink SSO Login for Zendesk (by Mailborder)

Secure, Lightweight Zendesk SSO for WordPress

Authenticate your WordPress users directly into Zendesk using industry-standard JSON Web Tokens — no external dependencies, no tracking, no bloat. The plugin is totally free, but any donation is greatly appreciated.

 

Background

Mailborder needed a plugin that does SSO logins for Zendesk. Nothing good existed, so we made one. We decided to share it with the community on an open source basis. And the internet celebrated ...

What It Does

TokenLink SSO Login for Zendesk provides seamless single sign-on between your WordPress site and Zendesk. When a logged-in WordPress user clicks the support link, they’re automatically signed in to Zendesk — no separate credentials, no extra logins.

  • 🔐 JWT Authentication: Uses Zendesk’s official JSON Web Token SSO endpoint.
  • ⚙️ Simple Setup: Enter your Zendesk subdomain and shared secret — that’s it.
  • 🚫 No Dependencies: No Composer, no external SDKs, no Freemius.
  • 🧩 Lightweight: ~40 KB footprint, no background services, no telemetry.
  • 💬 Shortcode Ready: Simply add the shortcode to any page to create an SSO login.
  • 🧱 Secure by Design: Based on the modern Firebase PHP-JWT library.

How It Works

When a logged-in user clicks your Zendesk login link, WordPress generates a signed JWT token and securely redirects them to your Zendesk /access/jwt endpoint. Zendesk verifies the token and logs them in instantly.

  1. User logs in to WordPress.
  2. User clicks “Support” or any page with the shortcode [ tokenlink_zendesk_login ] (remove spaces)
  3. Plugin builds a JWT (with name, email, timestamp).
  4. Zendesk validates the signature using your shared secret.
  5. User lands inside your Zendesk helpdesk — authenticated.

Setup Instructions

  1. Install and activate the plugin.
  2. Go to Settings → TokenLink - Zendesk
  3. Enter your Zendesk subdomain (for example, mailborder for mailborder.zendesk.com).
  4. In Zendesk, navigate to Admin Console → Account → Security → Single sign-on and create a new JSON Web Token (JWT) configuration.
  5. Copy the Shared Secret value from Zendesk and paste it into the plugin settings.
  6. Optionally add the URL you want the plugin to use for user login.
  7. Add the shortcode [ tokenlink_zendesk_login ] (remove spaces) to any page , and optionally link that page from a menu item.
  8. When that page loads, it will automatically execute the login.

That’s it — your WordPress users are now automatically logged in to Zendesk.

About the Developer

Developed by Jerry Benton / Mailborder Systems
The same team behind the Mailborder Security Gateway and MailScanner v5.
We write efficient, auditable code for secure mail and web systems — no telemetry, no phoning home, no bullshit.

Screenshots

  • Settings page showing Zendesk subdomain and shared secret fields.
  • Zendesk admin interface SSO login setup.
  • Example SSO page with shortcode.

Security Notes

The plugin uses the official Firebase JWT library (BSD 3-Clause License) and implements HS256 signing. Tokens are generated on demand, contain only non-sensitive user data, and expire immediately after login.

Download & Resources