Salesforce | SAML
1. Display name
Choose a name for your identity provider. This is the user-facing name, so choose a name your users will recognize. This can be changed later.
2. Redirect Mode
Select how the user will be redirected to the identity provider. You may configure more redirect modes after completing the setup.
3. Prepare IDP
Copy and save the Callback URL for later. You will need this when configuring Salesforce
Configure Salesforce
EXTERNAL
If you are using SCIM with your provider, make sure to check out the documentation for configuring this before proceeding. It might be that you need to configure this first or at the same time as setting up SAML.
Login to your Salesforce admin console({your-org}.my.salesforce.com) in a separate browser tab.
If you have not activated the salesforce identity provider earlier, you need to do this first:
Go to Setup via the cog menu in the upper right corner
Go to SETTINGS → Identity → Identity Provider in the left hand menu. Click the Enable Identity Provider button.
When Salesforce IDP is enabled, you can continue with the rest of the guide
The rest of this guide assumes you’re using the Salesforce Classic user interface.
In the upper right corner select your account and Switch to Salesforce Classic, then select Setup.
Locate Build in the left menu. Select Create, then Apps.
Under Connected apps, press New to create a new connected application.
Fill the required fields under Basic Information
Select Enable SAML.
Paste the Callback URL you kept from the KSSO Setup wizard into both the Entity ID and the ACS URL fields.
When done, click the Save button.
Click the Manage button.
Give users permission. Select Manage Profiles.
Give users permission to log into the App (In this test we use the profile Force.com - Free User
Press Save
Go back to the Connected App Detail page.
Export Identity provider metadata from Salesforce by clicking the Download metadata under SAML Login Information.
Go back to the Kantega SSO setup wizard.
4. Metadata
Choose Upload metadata XML file.
Browse an upload the SAML metadata file you downloaded from Salesforce.
5. Redirect URL
No need to do anything. The Redirect URL is automatically fetched from the metadata you imported in the previous step.
6. Certificate
This step shows the certificate used to validate the SAML messages.
7. Summary
Check that everything looks good and submit your setup
Test
Test that the log in with Salesforce works as expected. This will help identify if there are any issues with the configuration. Follow the steps to perform the login test.