+ Start a Discussion
Mandeep SinghMandeep Singh 

Setting up SSO using SAML and Heoku Rails app to authenticate



I wish to setup SSO using SAML in the Salesforce Org, so that I can authenticate from a Rails app (deployed on Heroku) and perform some REST API calls from the Rails app.


I am very new to Salesforce, but I am aware of where to setup the SSO/SAML for the Org (Setup->Security Controls->SSO) but, I am not sure what I should be handling at the Rails app side for the authentication to work.


1. What are the required steps/components to be implemented on the Rails app side so that it can work with SSO/SAML setup on the Salesforce side.


2. Also is it possible to set multiple SSO / SAMLsettings in Salesforce?


3. How to generate the certificate required for configuring the above SSO / SAML settings in Salesforce?


Any help would be higly appreciated!





Hi Mandeep,


you first need to create  a trust between SFDC and your Rails app authentication service. Typically this means that you need to import the Rails app cert file into SFDC. Set the proper endpoint parameters. When saved, you can generate an XML file from Salesforce and import into the Rails app.


In SFDC, although you can point to a delegated service and federated service at the same time, you cannot set multiple SAML or Delegated provider configurations. 

Mandeep SinghMandeep Singh
Hi Dodi,
Thanks for your reply.

I have figured almost all the missing pieces now.

1. Set up saml in the org
2. Prepare an xml file for saml assertion
3. Post the file to salesforce endpoint

My saml assertion is almost validated by saml validator now.
Why almost? Because salesforce tries to verify the signature and fails.
And i do not know what to put and how to generate the signature.

Any help on this?

What signature are you speaking of. You can email me a screen shot of the error to falfadli@cloudras.com