Last week we added support to Auth0 to integrate with Salesforce.com. This means that you can now enjoy SSO with Salesforce with any of our supported Identity Providers in minutes.
How does it work?
Salesforce implements the SAML Protocol for authentication and identity federation. Auth0 bridges SAML-P with whatever your preferred Identity Provider implements: SAML, OAuth 1, OAuth 2, LDAP, a SQL database, anything.
Salesforce provides a very handy SAML Validator that allows you to test the SAML Responses it expects. One small glitch is that even though the Validator will accept deflated content, Salesforce itself won't. Not that you need to use this option, as responses will typically be small payloads. It's just a small inconsistency in the docs that might leave you scratching your heads.
Setup
Configuring Salesforce in Auth0 is reduced to a single checkbox: enable. Can you think of a simpler way?
Once you enable it, you need to complete configuration on Salesforce itself. You get all the instructions on the same page where you enable it. Three parameters are used on Salesforce:
- The signing certifcate
- The Issuer name
- The Login URL
You are done!
Demo
In this very short demo you will see SSO open Salesforce with users authenticating in Office365: