function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion

Is it possible to identify using Sites if an end user is already an authenticated SalesForce user?

Here is my use case.


Use Case:  Login to SalesForce Site.


Provide a login page for a SalesForce Site. If a user is already authenticated to SalesForce, either as a standard user, customer portal user, or partner portal user, do not present this page and instead route them directly to the content.


The first portion of this use case is not the issue; it is already well documented in the SalesForce help documentation.


It is the second part of this requirement which is causing me trouble.  Is there a way for a publicly accessible Site to determine if the end user loading the page is already an authenticated user in SalesForce?


Shashikant SharmaShashikant Sharma

How will you decide that the end user is a authenticated user. On a site page all users use guest profile so no difference can be made between them. But your issue looks to me  single sign on related, if so you can try that.


I was hoping I could check for a cookie or perhaps find a way to pass my context from an existing page to the Site.


What I was thinking was that if a link to the Site was included inside SalesForce, such as in the notes of a Case, and the user selects the link from inside SalesForce, the Site page would recognize that they were coming from an authenticated SalesForce site (possibly by automatically checking their cookie store for authenticated SalesForce credentials), and automatically let them through to the site.


I have seen several suggestions to use SSO for a problem such as the one I detailed above.  Would you be able to point out where I can find information on how to use SSO?





If your users will go to the site / customer portal via your SF org, then you can have a webtab created and displayed to the users. When a user clicks on it the authentication gets carried to the same (no separate login required).


If the user goes to the site url directly then you really cant track until the user tries to perform a login.