Configuring SAML SSO for SalesForce

These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and SalesForce.

Prerequisite

SalesForce (Service Provider) configuration steps

1. Log in to Salesforce with administrator credentials.

2. Select Setup Single Sign-On (SSO) option from the Security Controls tab.

   



3. Enter a Name and API Name for reference.

4. In the field Issuer, enter the Login URL copied in the Step 5 of Prerequisite

5. Upload the verification certificate in the field Identity Provider Certificate downloaded in the Step 5 of Prerequisite

6. In the Identity Provider Login URL field, enter the Login URL copied in the Step 5 of Prerequisite

7. In the Identity Provider Logout URL, enter the Logout URL copied in the Step 5 of Prerequisite

   for redirecting users to when they sign out.
   



8. Save the configuration

9. Copy the Login URL which is your SAML Redirect URL in ADSelfService plus configuration.

10. To map SSO Login to login page: 

    1. Navigate to Domain Management → Domain

    2. Edit domain settings.

    3. Enable SSO Configuration and Choose Login Method.

    4. Add the domain created or registered domain.
       Eg: https://purebmc.my.salesforce.cpm

1. Now, switch to ADSelfService Plus’ SalesForce configuration page.

2. In the Domain Name field, enter the domain name of your email address. For example, if you use johndoe@thinktodaytech.com to log in to SalesForce Online, then thinktodaytech.com is the domain name.

3. Enter the SAML Redirect URL field with Login URL you had saved in Step 9 of SalesForce configuration.

4. Enter a Description for the connection.

5. In the Available Policies field, select the policies for which you wish to enable single sign-on.

6. Click Save.

   Your users should now be able to sign in to SalesForce Online through ADSelfService Plus.

   For SalesForce, Both IDP-initiated flow and SP-Initiated flow is supported.