Configuring SAML SSO for SalesForce

These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and SalesForce.

Prerequisite

  1. Login to ADSelfService Plus as an administrator.

  2. Navigate to Configuration → Self-service → Password Sync/Single Sign-on.

  3. Locate and click on SalesForce in the list of applications provided.

  4. Click on the Download SSO Certificate link in the top-right corner of the screen.

  5. In the pop-up that appears, copy the Login URL, Logout URL and download the SSO certificate by clicking on the Download SSO Certificate button.

SalesForce (Service Provider) configuration steps

  1. Log in to Salesforce with administrator credentials.

  2. Select Setup Single Sign-On (SSO) option from the Security Controls tab.

    Screenshot

  3. Enter a Name and API Name for reference.

  4. In the field Issuer, enter the Login URL copied in the Step 5 of Prerequisite

  5. Upload the verification certificate in the field Identity Provider Certificate downloaded in the Step 5 of Prerequisite

  6. In the Identity Provider Login URL field, enter the Login URL copied in the Step 5 of Prerequisite

  7. In the Identity Provider Logout URL, enter the Logout URL copied in the Step 5 of Prerequisite

    for redirecting users to when they sign out.

    Screenshot

  8. Save the configuration

  9. Copy the Login URL which is your SAML Redirect URL in ADSelfService plus configuration.

  10. To map SSO Login to login page: 

    1. Navigate to Domain Management → Domain

    2. Edit domain settings.

    3. Enable SSO Configuration and Choose Login Method.

    4. Add the domain created or registered domain.
      Eg: https://purebmc.my.salesforce.cpm

ADSelfService Plus (Identity Provider) configuration steps

  1. Now, switch to ADSelfService Plus’ SalesForce configuration page.

  2. In the Domain Name field, enter the domain name of your email address. For example, if you use johndoe@thinktodaytech.com to log in to SalesForce Online, then thinktodaytech.com is the domain name.

  3. Enter the SAML Redirect URL field with Login URL you had saved in Step 9 of SalesForce configuration.

  4. Enter a Description for the connection.

  5. In the Available Policies field, select the policies for which you wish to enable single sign-on.

  6. Click Save.

      Your users should now be able to sign in to SalesForce Online through ADSelfService Plus.

    For SalesForce, Both IDP-initiated flow and SP-Initiated flow is supported.


Go to Top
Copyright © 2019, ZOHO Corp. All Rights Reserved.
ManageEngine