Enabling LoginShare for staff user accounts

LoginShare is the mechanism for authenticating your support desk users using an external database or authentication mechanism.

With LoginShare you can integrate your GFI HelpDesk product with your existing Intranet, LDAP (Active Directory) or any third party applications. Single sign-on enables centralized management of staff and user accounts from one single source.

If you already have backend systems and user databases available, this enables you to let your users log in, without registering another account.

Enabling LoginShare:

  1. To configure LoginShare settings in the support desk, click on the Staff tab on the navigation menu bar, and then click LoginShare.
  2. You are presented with all the configurable settings specific to the LoginShare configuration.
  3. Enable external authentication for staff If this setting is set to Yes, all authentication requests for the staff is first tried against the URLUniform Resource Locator is the address of a web page on the world wide web. specified below in the "Staff LoginShare URL" field, that is the LoginShare API.
    Staff LoginShare API name Specify a name that you wish to keep for this LoginShare
    Staff LoginShare API URL Specify the LoginShare API URL here. This is a URL to the location of an authentication script.
  4. Click Update to upload and save the settings you have made. Once enabled, the system dispatches each login by your staff to the authentication URL. It is important that your LoginShare script is properly tested or you could lock yourself out of the system.

LoginShare protocol:

The LoginShare script needs to be designed to receive the following data via POST

The LoginShare script needs to reply back with an XML format that corresponds to one of the following formats:

It is important to add interface related checks to your script or you could end up allowing access to the Admin CP.

Authentication failed

<?xml version="1.0" encoding="UTF-8"?>



<message>Invalid Username or Password</message>


Authentication successful

All staff user accounts created by the LoginShare system have a random password assigned to them.

<?xml version="1.0" encoding="UTF-8"?>









<signature>John Doe(john.doe@gfihelpdesk.com)</signature>




How are staff identified?

Each staff account is identified based on the username of that account. The system expects each username of staff to be unique, otherwise, it simply ends up updating the staff record every time a new staff user attempts to log in.

How is authentication failure handled?

  • Staff control panel
  • The staff is denied access to the staff control panel.

  • Administrator control panel
  • The system attempts to authenticate the staff against the user account information in GFI HelpDesk's default authentication system(stored in your helpdesk's database). This is to prevent any lockouts in case your LoginShare script fails or becomes unreachable.

    All staff accounts created in GFI HelpDesk's default authentication system as a result of LoginShare authentication has secure random passwords assigned to them.

    This means that only the staff created prior to the implementation of LoginShare are able to log in using this fallback method.