Thursday, 16 April 2015

Need to login to other salesforce Instance from your own Instance ?

    Here is a simple solution; read it and implement it.

Decide which org is the Service Provider and which is the Identity Provider
 
Service Provider  :  Salesforce Instance (A's developer org).
Identity Provider  :  Salesforce Instance (B's developer org).

Identity Provider
Step 1 : Create and register a domain in the Identity Provider organization (Domain Management --> B's Domain).
Step 2 : Enable the Identity Provider (Security Controls --> Identity Provider).
             Create a dummy (self-signed) certificate and set it as the one used for communication with the Service Provider.
             Save the Identity Provider settings.
             Download the certificate and save it on a drive (it needs to be uploaded to the Service Provider in Step 3).
Service Provider
Step 3 : Enable single sign-on in the Service Provider (Security Controls > Single Sign-On Settings).
            Upload the certificate downloaded from the Identity Provider.
            Set "SAML Identity Type" to "Assertion contains the Federation ID from the User object", since the IdP login name has to be connected to the Federation ID of the SP user.
            Set "SAML Identity Location" to "Identity is in the NameIdentifier element of the Subject statement", for the same reason.
            Save and note the "Salesforce Login URL".

Identity Provider

Step 4 : Define a Connected App for the Service Provider (Create > Apps > Connected Apps section).
            Give basic information such as the app name and contact email.
            Enable "Entity ID".
            ACS URL: use the "Salesforce Login URL" noted in the Service Provider (Step 3).
            Save and note the "IdP-Initiated Login URL".
            Add the profiles that should be able to access this app.
Service Provider
Step 5 : Edit the Single Sign-On settings and paste the "IdP-Initiated Login URL" from Step 4 into "Identity Provider Login URL".
User Setup
Step 6 : Copy the username of a user in the Identity Provider instance into the "Federation ID" field of the corresponding user in the Service Provider.

Identity Provider User Interface
Step 7 : Create a custom link "Login To A's Instance" on the home page of B's instance.
Working

Log in to the Identity Provider (B). Go to the "Home" tab and click "Login To A's Instance" in the narrow column.
Result
             It redirects to A's instance without a separate login.
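What makes Steps 3 and 6 work is that the Service Provider takes the NameID out of the Subject of the SAML assertion and looks it up against the Federation ID field, not the username, of its own users, after checking that the assertion really came from B's org and was really meant for A's org. The following Python is an added example, not code from the original post or from Salesforce: it applies those checks to a constructed, unsigned assertion with made-up domains (a-domain, b-domain, the user table) and a hypothetical "Salesforce Login URL". Salesforce verifies the XML signature with the certificate uploaded in Step 3 before any of this; that signature check is not reproduced here, so the code stands for what happens after a verified assertion arrives.

```python
# Added example (not from the original post): the checks an SP like A's org
# makes on a SAML assertion in the flow above, run on a constructed, unsigned
# assertion. Salesforce verifies the XML signature with the certificate from
# Step 3 first; that step is not reproduced here, so this code must only ever
# be applied to an assertion whose signature has already been verified.
import xml.etree.ElementTree as ET
from datetime import datetime

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

# Constructed, hypothetical values for the two orgs in the post.
IDP_ENTITY_ID = "https://b-domain.my.salesforce.com"             # B's domain (Step 1)
SP_ENTITY_ID = "https://a-domain.my.salesforce.com"              # A's org
SP_ACS_URL = "https://a-domain.my.salesforce.com/?saml=EXAMPLE"  # "Salesforce Login URL" (Step 3)

# Constructed SP user table: SP username -> Federation ID (Step 6).
# bob has no Federation ID set, so no assertion can ever log him in.
SP_USERS = {
    "alice@a-org.example": "alice@b-org.example",
    "bob@a-org.example": "",
}

# Constructed sample response, as B's org would post it to the ACS URL.
SAMPLE_RESPONSE = f"""<samlp:Response xmlns:samlp="{NS['samlp']}" xmlns:saml="{NS['saml']}"
    ID="_r1" Version="2.0" IssueInstant="2015-04-16T10:00:00Z" Destination="{SP_ACS_URL}">
  <saml:Issuer>{IDP_ENTITY_ID}</saml:Issuer>
  <saml:Assertion ID="_a1" Version="2.0" IssueInstant="2015-04-16T10:00:00Z">
    <saml:Issuer>{IDP_ENTITY_ID}</saml:Issuer>
    <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">alice@b-org.example</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData Recipient="{SP_ACS_URL}" NotOnOrAfter="2015-04-16T10:05:00Z"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2015-04-16T09:59:00Z" NotOnOrAfter="2015-04-16T10:05:00Z">
      <saml:AudienceRestriction><saml:Audience>{SP_ENTITY_ID}</saml:Audience></saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""


def _ts(value):
    """Parse the UTC timestamps SAML uses into a naive UTC datetime."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ")


def extract_name_id(response_xml, now_utc):
    """Return the NameID from the Subject if issuer, audience, recipient and
    validity window all match this SP; raise ValueError otherwise."""
    root = ET.fromstring(response_xml)
    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        raise ValueError("no Assertion in Response")
    if assertion.findtext("saml:Issuer", namespaces=NS) != IDP_ENTITY_ID:
        raise ValueError("issuer is not our Identity Provider")
    conditions = assertion.find("saml:Conditions", NS)
    audience = assertion.findtext(
        "saml:Conditions/saml:AudienceRestriction/saml:Audience", namespaces=NS)
    if conditions is None or audience != SP_ENTITY_ID:
        raise ValueError("assertion was not issued for this Service Provider")
    now = _ts(now_utc)
    if not _ts(conditions.get("NotBefore")) <= now < _ts(conditions.get("NotOnOrAfter")):
        raise ValueError("assertion is outside its validity window")
    scd = assertion.find(
        "saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData", NS)
    if scd is None or scd.get("Recipient") != SP_ACS_URL or now >= _ts(scd.get("NotOnOrAfter")):
        raise ValueError("subject confirmation does not match our ACS URL or has expired")
    name_id = assertion.findtext("saml:Subject/saml:NameID", namespaces=NS)
    if not name_id:
        raise ValueError("no NameID in Subject (see the SAML Identity Location setting)")
    return name_id


def user_for_federation_id(name_id, users=SP_USERS):
    """Steps 3 and 6: the NameID is matched against Federation ID, never the
    SP username, and must match exactly one user with a non-empty value."""
    matches = [u for u, fid in users.items() if fid and fid == name_id]
    return matches[0] if len(matches) == 1 else None


def sso_login(response_xml, now_utc, users=SP_USERS):
    """Return ("ok", sp_username) or ("rejected", reason)."""
    try:
        name_id = extract_name_id(response_xml, now_utc)
    except ValueError as exc:
        return ("rejected", str(exc))
    user = user_for_federation_id(name_id, users)
    if user is None:
        return ("rejected", f"no unique SP user with Federation ID {name_id!r}")
    return ("ok", user)


if __name__ == "__main__":
    print(sso_login(SAMPLE_RESPONSE, "2015-04-16T10:01:00Z"))  # ('ok', 'alice@a-org.example')
    print(sso_login(SAMPLE_RESPONSE, "2015-04-16T10:30:00Z"))  # rejected: outside validity window
```

The lookup deliberately ignores users whose Federation ID is blank: if it did not, an assertion with an empty NameID would match every user without one. The audience and recipient checks are what stop an assertion B's org issued for some other service provider from being replayed against A's org, which is why Step 4 has to carry A's exact "Salesforce Login URL".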
