Creating Single Sign-On (SSO) for Communities

If you want to set up SSO for a Salesforce community portal, follow the steps below.

1. Create a community. Just create it; don't add any further configuration or customisation yet.

2. Most clients want a custom domain for the community, so please follow this link to set up the domain and link it to the community site.

3. The Azure team has to set up the SSO configuration on Azure as described in the document below.

https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/salesforce-tutorial#configure-azure-ad-sso

To complete those steps, you as the Salesforce developer have to provide a few pieces of information. I have attached them in the screenshots below.

Input For Azure Step 1:

Name: You can give your own name

In this step, the Reply URL should be your site domain URL.

Input For Azure Step 2:

The Identifier, Reply URL and Sign-on URL need to be given as the site domain URL with /login appended.

Note: In both screenshots, the column A values are from the Azure page.

4. As the Salesforce developer, you will now receive the metadata file from the Azure team. This is the file downloaded from the Azure portal after the configuration.

5. Log in to Salesforce and go to Setup --> Single Sign-On Settings. On this page, if 'SAML Enabled' is not enabled, click Edit and enable it.

6. To configure the SAML Single Sign-On Settings, click 'New from Metadata File', choose the file, and save it.

7. Now you are on the edit page of the SSO setting. Update the information on this page as follows.
   On the SAML Single Sign-On Settings page, the fields populate automatically. If you want to use SAML JIT, select User Provisioning Enabled and set SAML Identity Type to "Assertion contains the Federation ID from the User object". Otherwise, unselect User Provisioning Enabled and set SAML Identity Type to "Assertion contains the User's Salesforce username". Click Save.

Note: If you get an error on Issuer while saving, as shown below, change it to any name. This happens because this org already has SSO configured for the internal org.

Great, you have now completed the SSO configuration. Now we need to add this login to the Community login page.

Once this is added, external users can log in with SSO. I hope this article is helpful. Please let me know your thoughts in the comments.
