Albert Eromosele
Salesforce SSO Integration

Setting Up SSO Between Two Different Salesforce Organizations

Setting up Salesforce as an Identity Provider (ORG 1)

Org 1: Enable Identity Provider in Salesforce:

  1. Log in to your Salesforce org.
  2. Navigate to Setup > Identity > Identity Provider.
  3. Click Enable Identity Provider.
  4. Click Save.

Salesforce Identity Provider

  5. Go to Remote Site Settings in ORG 2 (SP), click “New Remote Site Setting” and provide the necessary information.
  6. For the “Remote Site URL” shown in the screenshot above, go back to ORG 1 > Identity Provider. Copy the Salesforce Identity URL from the settings there and paste it into the “Remote Site URL” field of the remote site setting you created in step 5.

Salesforce Remote Site Settings

Back to ORG 2 (SP):

  7. Go to Setup > Identity > Single Sign-On Settings.
  8. Click “New from Metadata URL”.

Identity Provider

  9. Follow the example in step 6 above, since we are using the same URL. Copy the URL, paste it as shown in the screenshot below and click “Create”.

Single Sign On Screen

  10. Under “SAML Identity Type”, select “Assertion contains the Federation ID from the User object”.
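At this point ORG 2 is told to trust whatever is published at the metadata URL. The Python below is an added example, not part of the original post: it parses a SAML 2.0 IdP metadata document of the kind ORG 1 serves and lists what ORG 2 takes from it (entity ID, single sign-on endpoints, signing certificate), then reports a few things worth resolving before creating the SSO setting. The metadata, the org domains and the certificate body are constructed placeholders, and the entity-ID-versus-endpoint host comparison is a heuristic of this example rather than a Salesforce rule.

```python
# Added example (not from the original post): parse SAML 2.0 IdP metadata of the
# kind ORG 1 publishes and sanity-check what ORG 2 would trust before using
# "New from Metadata URL". All values below are constructed placeholders.
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {
    "md": "urn:oasis:names:tc:SAML:2.0:metadata",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
BINDING_POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
BINDING_REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"

# Constructed sample; the certificate body is a placeholder, not a real certificate.
SAMPLE_IDP_METADATA = """<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://org1.example.my.salesforce.com" validUntil="2030-01-01T00:00:00Z">
  <md:IDPSSODescriptor WantAuthnRequestsSigned="false"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data><ds:X509Certificate>MIIC...PLACEHOLDER...</ds:X509Certificate></ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://org1.example.my.salesforce.com/idp/endpoint/HttpPost"/>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://org1.example.my.salesforce.com/idp/endpoint/HttpRedirect"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>
"""


def parse_idp_metadata(xml_text):
    """Extract the fields the SP takes from IdP metadata: entity ID, endpoints, signing certs."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}EntityDescriptor" % NS["md"]:
        raise ValueError("not a SAML EntityDescriptor: %s" % root.tag)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("no IDPSSODescriptor: this is not identity provider metadata")
    certs = []
    for kd in idp.findall("md:KeyDescriptor", NS):
        # A KeyDescriptor with no 'use' attribute applies to both signing and encryption.
        if kd.get("use") in (None, "signing"):
            for cert in kd.findall("ds:KeyInfo/ds:X509Data/ds:X509Certificate", NS):
                certs.append("".join(cert.text.split()))
    return {
        "entity_id": root.get("entityID"),
        "valid_until": root.get("validUntil"),
        "sso_endpoints": {s.get("Binding"): s.get("Location")
                          for s in idp.findall("md:SingleSignOnService", NS)},
        "signing_certs": certs,
    }


def review_idp_metadata(info):
    """Return findings to resolve before trusting this metadata (empty list = nothing found)."""
    findings = []
    if not info["signing_certs"]:
        findings.append("no signing certificate: the SP could not verify assertion signatures")
    if BINDING_POST not in info["sso_endpoints"]:
        findings.append("no HTTP-POST SingleSignOnService endpoint")
    issuer_host = urlparse(info["entity_id"] or "").hostname
    for binding, location in info["sso_endpoints"].items():
        url = urlparse(location or "")
        if url.scheme != "https":
            findings.append("endpoint for %s is not https: %s" % (binding, location))
        # Heuristic of this example: endpoints on a different host than the entity ID deserve a look.
        if url.hostname != issuer_host:
            findings.append("endpoint host %s differs from entityID host %s" % (url.hostname, issuer_host))
    return findings


if __name__ == "__main__":
    parsed = parse_idp_metadata(SAMPLE_IDP_METADATA)
    print(parsed["entity_id"], parsed["sso_endpoints"])
    print(review_idp_metadata(parsed) or "no findings")
```

To use it against a real org, fetch the Salesforce Identity URL from step 6 over HTTPS and pass the body to `parse_idp_metadata`; an empty result from `review_idp_metadata` means the endpoints are HTTPS, an HTTP-POST endpoint exists and a signing certificate is present.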

Single Sign On setting screens

Back to ORG 1 (IDP)

Setting up the Connected App on Salesforce Org 1 (IDP)

  11. Go to Setup.
  12. Under the Platform Tools tab, select Apps.
  13. Click App Manager.
  14. Click New Connected App.

Lightning Experience App Manager

  15. Configure the Connected App:

[Screenshot]

  16. Under Web App Settings, tick the “Enable SAML” checkbox and provide the required data. This is what establishes the SSO trust between the two orgs.

Manage Connected App

  17. For the Entity ID field and the ACS URL, go to ORG 2 (SP), under Identity > Single Sign-On Settings, and copy the URLs shown in the screenshots below. For the Entity ID:

[Screenshot]

For the ACS URL, copy the Login URL:

[Screenshot]

  18. For Subject Type, click “Change Select type” and set it to “Federation ID”.
  19. Click Save.
  20. Click Manage.

[Screenshot]

  21. Scroll down to the Profiles section and click “Manage Profiles”.
  22. Select a profile to assign to the connected app. Check System Administrator, then click Save. This adds the profile to the connected app, so users with that profile can use it.

[Screenshot]

[Screenshot]

  23. Go to ORG 2. Under Setup, search for “My Domain”, scroll down to “Authentication Configuration” and click “Edit”.

[Screenshot]

  24. Check the second box. This is the second org, the one you are using as the IdP.

[Screenshot]

  25. Click Save.
  26. In ORG 2, under Setup > Users, edit your user record.

[Screenshot]

  27. Scroll down to the “Single Sign On Information” section and enter your Federation ID. Note: your Federation ID must be unique, e.g. (crawlwise@gmail.com). It can be any attribute, as long as it is unique.
  28. To test your connection, go to ORG 1 (IDP) > App Manager, scroll down and select the connected app you created. From the dropdown, select “Manage”.

[Screenshot]

  29. Scroll down and click the IdP-Initiated Login URL.

[Screenshot]

  30. This should log you in to the service provider org (ORG 2) without any issues.

If you encounter any issues logging in through the IdP-initiated login URL, go back through the steps to make sure everything was done correctly.
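Most failures at this point are a mismatch between a value the post has you copy between orgs and what the assertion actually carries: the ACS URL (Login URL), the Entity ID, the IdP issuer, or the Federation ID, which ORG 1 sends as the NameID from its own user record and ORG 2 must find on exactly one of its users. The Python below is an added example, not part of the original post or of Salesforce: it runs those field checks over a decoded SAML response and names the configuration item to revisit for each mismatch. Signature verification is left out (Salesforce performs it with the certificate from the IdP metadata), and the response, org URLs, org ID and user records are constructed placeholders.

```python
# Added example (not from the original post): field-level checks a SAML service
# provider applies to an incoming response, each mapped to the setting in this
# walkthrough that usually causes the mismatch. Signature checking is out of
# scope here. Every URL, org ID and user below is a constructed placeholder.
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}
STATUS_SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"

# Constructed stand-ins for the values copied between the two orgs.
SP_ENTITY_ID = "https://org2.example.my.salesforce.com"
ACS_URL = "https://org2.example.my.salesforce.com?so=00Dxxxxxxxxxxxx"  # Login URL; org ID is a placeholder
IDP_ENTITY_ID = "https://org1.example.my.salesforce.com"
# Federation ID of each ORG 2 user (constructed), keyed by username.
ORG2_FEDERATION_IDS = {
    "admin@org2.example": "jane.doe@example.com",
    "other@org2.example": "john.roe@example.com",
}

# Constructed, unsigned SAML response as ORG 1 would post it to ORG 2's ACS URL.
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0"
    IssueInstant="2024-01-01T12:00:00Z" Destination="https://org2.example.my.salesforce.com?so=00Dxxxxxxxxxxxx">
  <saml:Issuer>https://org1.example.my.salesforce.com</saml:Issuer>
  <samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
  <saml:Assertion ID="_a1" Version="2.0" IssueInstant="2024-01-01T12:00:00Z">
    <saml:Issuer>https://org1.example.my.salesforce.com</saml:Issuer>
    <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">jane.doe@example.com</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-01T12:05:00Z"
            Recipient="https://org2.example.my.salesforce.com?so=00Dxxxxxxxxxxxx"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2024-01-01T11:59:00Z" NotOnOrAfter="2024-01-01T12:05:00Z">
      <saml:AudienceRestriction><saml:Audience>https://org2.example.my.salesforce.com</saml:Audience></saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>
"""


def _ts(value):
    """Parse a SAML UTC timestamp such as 2024-01-01T12:00:00Z."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def check_saml_response(xml_text, sp_entity_id, acs_url, idp_entity_id, federation_ids, now=None):
    """Return (problem, setting to revisit) pairs; an empty list means every field check passed.

    `now` is a SAML-style timestamp string for reproducible checks; None means the current time.
    """
    current = _ts(now) if now else datetime.now(timezone.utc)
    problems = []
    root = ET.fromstring(xml_text)
    status = root.find("samlp:Status/samlp:StatusCode", NS)
    if status is None or status.get("Value") != STATUS_SUCCESS:
        problems.append(("status is not Success", "connected app on ORG 1 (IdP side)"))
    if root.get("Destination") != acs_url:
        problems.append(("Destination != ACS URL", "ACS URL field of the connected app"))
    if root.findtext("saml:Issuer", namespaces=NS) != idp_entity_id:
        problems.append(("Issuer != IdP entity ID", "SSO setting created from the metadata URL"))
    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        problems.append(("no Assertion element", "connected app on ORG 1 (IdP side)"))
        return problems
    audience = assertion.findtext("saml:Conditions/saml:AudienceRestriction/saml:Audience", namespaces=NS)
    if audience != sp_entity_id:
        problems.append(("Audience != SP entity ID", "Entity ID field of the connected app"))
    conditions = assertion.find("saml:Conditions", NS)
    if conditions is not None:
        not_before, not_after = conditions.get("NotBefore"), conditions.get("NotOnOrAfter")
        if not_before and current < _ts(not_before):
            problems.append(("assertion not yet valid", "clock difference between the orgs"))
        if not_after and current >= _ts(not_after):
            problems.append(("assertion expired", "stale login attempt or clock difference"))
    scd = assertion.find("saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData", NS)
    if scd is None or scd.get("Recipient") != acs_url:
        problems.append(("Recipient != ACS URL", "ACS URL field of the connected app"))
    elif scd.get("NotOnOrAfter") and current >= _ts(scd.get("NotOnOrAfter")):
        problems.append(("subject confirmation expired", "stale login attempt or clock difference"))
    # "Assertion contains the Federation ID from the User object": exactly one user must match.
    name_id = assertion.findtext("saml:Subject/saml:NameID", namespaces=NS)
    matches = [user for user, fid in federation_ids.items() if fid == name_id]
    if len(matches) != 1:
        problems.append(("NameID %r matches %d users by Federation ID" % (name_id, len(matches)),
                         "Federation ID on the ORG 2 user record (and on the ORG 1 user it is sent from)"))
    return problems


if __name__ == "__main__":
    for problem, setting in check_saml_response(SAMPLE_RESPONSE, SP_ENTITY_ID, ACS_URL,
                                                IDP_ENTITY_ID, ORG2_FEDERATION_IDS,
                                                now="2024-01-01T12:01:00Z"):
        print("%s -> check %s" % (problem, setting))
```

To run it against a real failed login, base64-decode the `SAMLResponse` form parameter captured from the browser's post to the Login URL and pass the XML as `xml_text`, with the Entity ID and Login URL copied from ORG 2's Single Sign-On Settings and the Federation IDs exported from ORG 2's user list.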

Contact Me:
Whatsapp Number: +2348078339783
Email Address: crawlwise@gmail.com
Linkedin Account: www.linkedin.com/in/albert-eromosele-47321370
