Thursday, October 1, 2015

Single sign-on settings in salesforce.

Single sign-on settings in salesforce

Single sign-on allows users to log in via external environments. To configure the single sign-on setting for your organization, follow these steps:
1. Navigate to Setup | Security Controls | Single Sign-On Settings.
2. Click on the Edit button and select the SAML Enabled checkbox:





1. Click on Save.
2. You will be redirected back to the Single Sign-On page.
3. Under SAML Single Sign-On Settings, click on New


4. It will redirect you to the SAML Single Sign-On Setting page where you have to provide various details:


The descriptions of the various fields are found in the following table:

Field
Description

Name
Enter the full name.

SAML Version
Select the appropriate SAML version.

Issuer
Enter the identity provider's name.

Identify Provider Certificate
Click on the Browse button to upload the authentication certificate issued by your identity provider.

Custom Error URL
Enter the URL that users should be redirected to, in case any errors occur during SAML login.

SAML Identity Type
Specify what the SAML identity type will be. You can select either using the Salesforce.com users or the Federated ID.

SAML Identity Location
Specify the location of the SAML identity.




Authentication providers

These days, we are using various login credentials to access multiple websites such as Facebook and Janrain. To access these websites, you have to remember multiple login credentials, and if you are using Salesforce, that is one more credential to remember. Once you enable this feature, users can log in to Salesforce from an external service provider such as Facebook or Janrain, and there is no need to remember one more credential to log in to Salesforce. You can use your favorite account to log in to Salesforce.

To configure an authentication provider successfully for single sign-on, you need to perform the following activities:
1. Configure the login service provider website.
2. Use Apex to create a registration login handler.
3. Define the authentication provider in your Salesforce.com organization.
4. Once you set up the authentication provider, the steps that a user has to perform will be described as follows.
5. Users will try to log in to Salesforce.com using third-party identity credentials.
6. The login request will be redirected to an authentication provider for the service provider.
7. The third-party service provider authenticates the login credentials and redirects the user to Salesforce.com with the credentials.
8.  Finally, the user gets access to Salesforce.com.

To configure the authentication provider in Salesforce.com, you have to follow these steps:
1. Navigate to Setup | Administer | Security Controls | Auth. Providers.
2. Click on New, as shown in the following screenshot:



3. It will redirect you to a new page, where you have to select the authentication provider 
4. The following is a screenshot for Facebook as the authentication provider:


5. Here, you have to specify information for the mandatory fields (the fields that feature a red mark). The fields shown depend on the authentication provider. The description of various fields is as follows:

Field
Description
Name
This specifies the name of the authentication provider.
URL Suffix
This specifies the suffix to be used in client configuration URLs.
Consumer Key & Secret
The authentication provider provides this information. In this scenario, Facebook will provide the information when you create an application in Facebook.
Custom Error URL
This is an optional field where you can specify the URL to be used by the provider to report any errors.
Registration Handler
This is the Apex class used for registration handling.
Portal
If the SSO needs to be extended to portal users, select an appropriate portal for this.






0 comments:

Post a Comment

 
| ,