SLX - SalesForce Gateway
support@securelynkx.com +91 9310066015



SALESFORCE IDP FOR COMMUNITY USERS


SLX Connect provides a ready-to-use solution for Community Users. This solution ensures that you are ready to roll out secure access to your employees within minutes.


Salesforce

Salesforce began with the vision of reinventing Customer Relationship Management (CRM). Since then, Salesforce has changed the way enterprise software is delivered and used, changing the industry forever. All Salesforce products run entirely in the cloud, so there are no expensive setup costs, no maintenance, and employees can work from any device with an internet connection – smartphone, tablet or laptop.

Salesforce makes CRM easy to use for small businesses and large-scale enterprises. The platform also enables you to manage all interactions with your customers and prospects, so your organization can grow and succeed.

Salesforce as IdP (Identity Provider)

Salesforce can act as a single sign-on (SSO) identity provider to service providers, allowing end users to easily and securely access many web and mobile applications with one login. When using SAML for federated authentication, enable Salesforce as an identity provider and then set up connected apps. However, the OpenID Connect protocol for SSO authentication doesn’t require enabling Salesforce as an identity provider.

Salesforce as IdP can also be used for configuring multiple community users.


Follow this step-by-step guide to set up Salesforce as IdP for Community Users

Step 1: Create a domain in Salesforce

  • Under Administrator, click on Domain Management → Domains.


  • Click on Create New View


  • Enter domain credentials. View Name and View Unique Name are required.



Step 2: Enable Salesforce as IdP

  • Under Administrator, click on Security Controls.


  • Select Identity Provider


  • Click on Enable Identity Provider button.



Step 3: Log in to Salesforce and create an app.

  • Log in to Salesforce and go to Setup.


  • From the left pane, select App Setup → Create → Apps.


  • Under Connected Apps, select New.



Step 4: Configure the app.

  • Enter Connected App Name, API Name and Contact Email to configure the app.


Step 5: Under Web App Settings, check the Enable SAML checkbox and enter the following values.

    ACS URL: ACS (AssertionConsumerService) URL from Step 1 of the plugin under Identity Provider Tab.
    Entity Id: SP-EntityID / Issuer from Step 1 of the plugin under Identity Provider Tab.
    Subject Type: Username
    Name Id Format: urn:oasis:names:tc:SAML:2.0:nameid-format:persistent


Step 6: Assign profile.

  • Now, from the left pane, under Administration Setup, select Manage Apps → Connected Apps.
  • Click on the app you just created.
  • Under Manage Profiles, select the profiles you want to allow to log in through this app.



Step 7: Download metadata for communities.

  • Under SAML Login Information, click on Download Metadata.
  • Open the downloaded file in a browser such as Chrome, Firefox or IE.
  • Search for the "ds:X509Certificate" tag and copy the entire string under this tag. The string will look like this: "MII...."
  • Keep this certificate value handy for the next steps.


Step 8: In the SLX Connect SAML plugin, go to the Service Provider tab and enter the following details:

    Identity provider Name: Salesforce
    SAML Login URL: https://<your domain>.my.salesforce.com/idp/endpoint/HttpRedirect
    IdP Entity ID or Issuer: https://<your domain>.my.salesforce.com
    X.509 Certificate: Paste the certificate value you copied from the Metadata file.
    Response Signed: Checked
    Assertion Signed: Unchecked