function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Racheal Dales 20Racheal Dales 20 

Delegated Authentication & Okta

Can anyone tell me if Delegated Authentication can be used in conjunction with an Okta SAML integration to specify which users participate in SSO via Okta? Thanks in advance!
Raj VakatiRaj Vakati
The Okta/Salesforce SAML integration currently supports the following features:
  1. SP-initiated SSO
  2. IdP-initiated SSO
  3. JIT (Just In Time) Provisioning

https://saml-doc.okta.com/SAML_Docs/How-to-Configure-SAML-2.0-in-Salesforce.html
 
How do you want to implement Delegated Authentication? Can you explain what is your IDP and SP and how you are trying to delegate ?
Racheal Dales 20Racheal Dales 20
We want to enable SP and IdP initiated SSO without provisioning but need to be able to assign SSO to specific users while allowing all other users to bypass SSO and login directly to SalesForce.  Is this possible?
Raj VakatiRaj Vakati
Let me answer your question in two ways 

We want to enable SP and IdP initiated SSO without provisioning -- 


You can use Auth Provide ( Salesforce Prod as SP and IDP ) and If users is present you can  you can bypass provisioning 

 specific users while allowing all other users to bypass SSO and login directly to SalesForce. 

Yes -- Disable IS SSO Enabled at the profile level and they can able to bypass the SSO 

With OKTA - NO its not possible i guess but better check with okta support once