Need Help? We are right here!
Configure Salesforce as IDP to Single Sign-On (SSO) into multiple applications by loging using Salesforce as Identity Provider. Here, users can login to all applications (SPs) using their Salesforce login credentials by configuring Salesforce as an Identity Provider (IdP). miniOrange will act as an Identity Broker which forms a trusted connection between IDP and multiple SPs by enabling cross-protocol authentication. This provides easy and secure login access to users by using only one set of login credentials.
miniOrange offers free help through a consultation call with our System Engineers to configure SSO for different apps using Salesforce as IDP in your environment with 30-day free trial.
For this, you need to just send us an email at firstname.lastname@example.org to book a slot and we'll help you in no time.
Mentioned below are steps to configure Salesforce as IDP via SAML and OAuth configuration. Follow the steps accordingly based on your requirement (SAML or OAuth).
Follow the steps to configure Salesforce as IdP by SAML configuration.
|Domain Mapping||Can be used to redirect specific domain user to specific IDP|
|Show IdP to Users||Enable this if you want to show this IDP to all users during Login|
|Send Configured Attributes||Enabling this would allow you to add attributes to be sent from IDP|
Follow the steps to configure Salesforce as IdP by OAuth configuration.
|IdP Name||Custom Provider|
|IdP Display Name||Choose appropriate Name|
|OAuth Authorize Endpoint||From step 2|
|OAuth Access Token Endpoint||From step 2|
|OAuth Get User Info Endpoint (optional)||-|
|Client ID||From step 2|
|Client secret||From step 2|
If you have already configured your application in miniOrange you can skip the following steps.
|Service Provider Name||Choose appropriate name according to your choice|
|SP Entity ID or Issuer||Your Application Entity ID|
|ACS URL X.509 Certificate (optional)||Your Application Assertion Consumer Service URL|
|NameID format||Select urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress|
|Client Name||Add appropriate Name|
|Redirect URL||Get the Redirect-URL from your OAuth Client|
|Description||Add if required|
|Policy Name||As per your Choice|
Note: Choose the Authorization Endpoint according to the identity source you configure.
In case you are setting up SSO with Mobile Applications where you can't create an endpoint for Redirect or Callback URL, use below URL.
Few usecases where customers configure multiple IDPs -
|For Cloud IDP -||https://login.xecurify.com/moas/discovery?customerId=<customer_id>|
|For On-Premise IDP -||https://yourdomain.com/discovery?customerId=<customer_id>|
You can see the screenshot below of the IDP Selection Page with a list of IDPs.
Note: To view the IDP in drop-down list, go to Identity Providers tab > against your configured IDP > Select >Edit , here Enable the Show IdP to Users option.
Our Other Identity & Access Management Products