You need to sign in to do that
Don't have an account?
Paul Cuthbert
SAML 2.0 SP redirect not happening
I'm testing out SAML support using my SAML Identity Provider with a trial version of Salesforce, Enterprise edition. I've found the single sign-on settings and supporting documentation (which I have read), but am unable to get salesforce to redirect to our SAML 2.0 IdP for the login.
I have enabled SAML (check box), and created a configuration with:
- Issuer: <my SAML IdP URL>
- Entity Id: https://saml.salesforce.com
- Assertion contains User's salesforce.com username
- Identity is in the NameIdentifier element of the Subject statement
- Identity Provider Login URL: <my SAML IdP URL, login page>
If I view these settings I can see:
Salesforce Login URL https://login.salesforce.com?so=00D90000000wsGY
I would expect that if I try and access this URL in my browser, then I would get redirected to the IdP Login URL. This does not happen. Instead I get the salesforce username/password login page.
I"ve also tried logging out first, restarting the browser, and using a different browser with no salesforce context. No difference.
Any help, greatly appreciated.
I have enabled SAML (check box), and created a configuration with:
- Issuer: <my SAML IdP URL>
- Entity Id: https://saml.salesforce.com
- Assertion contains User's salesforce.com username
- Identity is in the NameIdentifier element of the Subject statement
- Identity Provider Login URL: <my SAML IdP URL, login page>
If I view these settings I can see:
Salesforce Login URL https://login.salesforce.com?so=00D90000000wsGY
I would expect that if I try and access this URL in my browser, then I would get redirected to the IdP Login URL. This does not happen. Instead I get the salesforce username/password login page.
I"ve also tried logging out first, restarting the browser, and using a different browser with no salesforce context. No difference.
Any help, greatly appreciated.
You need to create the domain, publish it, and then edit the My Domain settings to set the Authentication Service to your IdP.
Didn't see this in any of the documentation...