pascale

Implementing SSO with federated authentication - SAML2 - How does it work?

Hi,

I am working on integrating SF with the federated approach with SAML2.

I think I am missing something. From my understanding, SF provides the ability to initiate the SSO, meaning a user clicks on a bookmark (a direct link to an SF page), SF initiates SSO by sending a SAMLRequest to the IdP, which then redirects to the IdP login page, authenticates, and constructs a SAMLResponse to SF, which validates it and redirects to the original page.

The document Best Practice for implementing Single Sign On does not cover the SP-initiated SSO. But I believe the IdP should know how to handle the SAMLRequest from SF, am I right?

Using the federated SAML 2 approach, will it be possible for SF users to authenticate into the SF site independently from our web site if they wish? Or, since the configuration is set to SAML2, does the user have to get authenticated first in the IdP?

Thanks for your help,

--pascale
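
The SP-initiated exchange described in the post above, as an added example that is not part of the original post and is not Salesforce's or any IdP vendor's code: it builds a SAMLRequest the way the SAML 2.0 HTTP-Redirect binding encodes it, then shows the IdP-side decoding and the checks that decide where the SAMLResponse may be sent. The entity ID, URLs, function names and the `trusted_sps` registry are constructed assumptions.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlencode, urlparse

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Constructed sample values (hypothetical SP and IdP, not real endpoints)
SP_ENTITY_ID = "https://sp.example.com"
SP_ACS_URL = "https://sp.example.com/acs"
IDP_SSO_URL = "https://idp.example.com/sso"
MAX_REQUEST_BYTES = 64 * 1024  # assumed cap against decompression bombs

def build_redirect(request_id, relay_state):
    """SP side: wrap an AuthnRequest for the HTTP-Redirect binding."""
    xml = (
        f'<samlp:AuthnRequest xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}" '
        f'ID="{request_id}" Version="2.0" IssueInstant="2023-01-01T00:00:00Z" '
        f'Destination="{IDP_SSO_URL}" AssertionConsumerServiceURL="{SP_ACS_URL}">'
        f'<saml:Issuer>{SP_ENTITY_ID}</saml:Issuer></samlp:AuthnRequest>'
    )
    # Redirect binding: raw DEFLATE (no zlib header), then base64, then URL-encode
    comp = zlib.compressobj(wbits=-15)
    deflated = comp.compress(xml.encode()) + comp.flush()
    query = urlencode({"SAMLRequest": base64.b64encode(deflated).decode(),
                       "RelayState": relay_state})
    return f"{IDP_SSO_URL}?{query}"

def idp_parse(url, trusted_sps):
    """IdP side: decode the request and decide where the response may go."""
    params = parse_qs(urlparse(url).query)
    inflater = zlib.decompressobj(wbits=-15)
    raw = inflater.decompress(base64.b64decode(params["SAMLRequest"][0]),
                              MAX_REQUEST_BYTES)
    if inflater.unconsumed_tail:
        raise ValueError("SAMLRequest exceeds size limit")
    # The request is untrusted input; a hardened parser such as defusedxml
    # is preferable to the standard library parser in production.
    root = ET.fromstring(raw)
    issuer = root.findtext("saml:Issuer", namespaces=NS)
    acs = root.get("AssertionConsumerServiceURL")
    # Only answer registered SPs, and only at their registered ACS URL
    if trusted_sps.get(issuer) != acs:
        raise ValueError("unknown issuer or ACS URL mismatch")
    # The response must echo the request ID as InResponseTo and return
    # RelayState unchanged so the SP can restore the originally requested page.
    return {"in_response_to": root.get("ID"), "acs_url": acs, "issuer": issuer,
            "relay_state": params.get("RelayState", [""])[0]}
```
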