<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008C3jl7SABOkta Classic EngineOkta Integration NetworkAnswered2024-06-30T10:29:26.000Z2017-07-11T21:08:05.000Z2021-01-12T07:33:36.000Z

EvansC.04647 (Customer) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
Salesforce SSO Setup
Hello

 

We're looking to set up SSO with Salesforce.com.  We're federating the authentication and using the user's Active Directory credentials for all OKTA integrated apps.  For the Salesforce integration, should we be using the Salesforce.com app or the Salesforce.com (Federated ID) app?  We do not need provisioning into Salesforce, just the authentication.  When I look at the SSO instructions for the Salesforce.com (Federated ID) app, it seems like provisioning is required.

 

Thanks
  • 2 answers
  • 1.39K views

  • tftwh (tftwh)

    Hi Evans,

     

    As you dont need provisioning, i would suggest that please go with Salesforce.com app for which provisioning can also be enabled at later stage if required. I have integrated more than 10 Salesforce app and all looks fine...

  • 0pnmg (0pnmg)

    Hi Evans,

     

    Your service provider needs to know about your identity provider and vice versa. In this step, you’re on the Salesforce site providing information about the identity provider, in this case, Axiom. In the next step, you give Axiom information about Salesforce.

    On the Salesforce side, we configure SAML settings. SAML is the protocol that Salesforce Identity uses to implement SSO.

     

    Tip : You’re going to work in both your Salesforce Dev org and the Axiom app. Keep them open in separate browser windows so that you can copy and paste between the two.

     

    Click SAML Identity Provider & Tester.

    Click Download the Identity Provider Certificate. You upload this certificate later to your Salesforce org, so remember where you save it.

    In your Salesforce org, from Setup, enter Single in the Quick Find box, and then select Single Sign-On Settings.

    Click Edit.

    Select SAML Enabled.

    Click Save.

    In SAML Single Sign-On Settings:

    Click New.

    Enter the following values.

    Name: Axiom Test App

    Identity Provider Certificate: Choose the file you downloaded in step 3.

    Request Signature Method: Select RSA-SHA1.

    SAML Identity Type: Select Assertion contains the Federation ID from the User object.

    SAML Identity Location: Select Identity is in the NameIdentifier element of the Subject statement.

    Service Provider Initiated Request Binding: Select HTTP Redirect.

    Entity ID: Enter your My Domain name, which you can copy from the subdomain name that you set up in the “Customize Your Login Process with My Domain” unit. Make sure that entity ID includes "https" and references the Salesforce domain.

     

    Thanks in Advance,

    Lavanya Sreepada

     

     

    Expand Post
This question is closed.
Loading
Salesforce SSO Setup