Single Sign-On (SSO) is a session and user authentication service that allows a user to log in once and access several connected systems with a single set of credentials. This eliminates the need to log in to each system separately within a single session and saves the user time. On the back end, we can also log user activities and manage user accounts. This also leads to increased security.
The client’s requirement was to let its users log in to their Salesforce instance and access the Service Console without going to the standard Salesforce login page and entering login credentials. To meet this requirement, we implemented Single Sign-On in Salesforce for them.
The client used an external Identity provider for this: ‘Bitium’. In this case, Salesforce acted as the ‘Service Provider’. Bitium provided us with 2 files:
1. Metadata file
2. Identity Provider Certificate
From Setup, go to ‘Single Sign-On Settings’. Click on ‘New from Metadata File’:
Choose the file from the system:
All the fields below will be populated automatically from the Metadata file:
- Choose the ‘Certificate’ file from the system.
- SSO will then be configured in the Salesforce instance.
Now the client can choose whether their users log in to the Salesforce instance from the standard login page or by using the newly implemented SSO.