function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
SSO with Delagated AuthSSO with Delagated Auth 

Need Help for Delegated Authentication SSO


I am going to implement Delegated Authentication Single Sign-On in my Org. I learned basic idea from online help and some pdf files. But I have some queries regarding it. As below :


1. Where those user name and password will be store after login?


I followed the below steps to implement Delegated Authentication Single Sign-On :


1. Sent request to salesforce to turn on SSO feature.


2.downloaded AuthenticationService.wsdl from org and created server stub in .NET


3. I got sample code for .NET from the link


4. Now I am going to publish this code and put it on some test server. Copy the server IP (where I putted publish code with web service) and pasted under delegated authentication SSO in my org into delegated URL textbox.


6. I downloaded ,NET code from above link, Should I publish this code and host on any server?


7.What will be delegated gateway URL?


8. there is any other settings or changes in the downloaded .NET code (from above link)?


I am following thiese steps. I have doubt to get my objective. Is this correct? Tell me where I am wrong?

What will be my IP settings and what will be settings for other things like user id and password?

Your help and response will be appreciated :)




credentials are not stored. is basically playing messenger with the credentials.  User submits un/pwd to the login form, and the platform just calls out to your delegated auth provider with whichever credentials the user submitted.


Your delegated auth SSO URL *must* be externally reachable by  If its on your internal network or test network, your firewall will block the request.  Best practice would be to place your code on a server in the DMZ, and create a firewall rule to only allow to connect. is looking for a specific XML response for Delegated Auth.  In particular, its looking for <Authenticated>TRUE</Authenticated>.  It is your responsibility to sync up the Delegated Auth code to your internal Identity Provider (Active Directory/LDAP or some other system.)


In my opinion, using SAML for SSO is a simpler and more elegant solution for SSO, but Delegated Auth works too.