function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion

How to get the session token from Single Sign on provider?

We are using Single sign on to login to Salesforce. We'd like to make an API callout from Salesforce to an internal API. To authenticate to access the API, we'd like to use the session token from the single sign-on to send with the HttpRequest so that the service can validate that the request is coming from a reliable user from salesforce. How to get the user session token that the single sign-on provider sends using Apex?

Any guidance would be helpful. Thank you!
Marcelo CostaMarcelo Costa
Hey Bergin,
Salesforce does not store a session token from the Identity provider. That would even by a security liability.
I guess The solution on your case, would be to make sure that the API can be authenticated from the same identity provider (either SAML or oAuth). Another option would be to use Salesforce as an Identity provider, or even using an Named Credential with a custom authentication provider....
Good Luck!
Thanks Marcelo !