function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
TheRotnelsonTheRotnelson 

​SSO. Cannot change the Authentication Service under My Domain Authentication Configuration

I cannot change the Authentication Service under My Domain Authentication Configuration after I did a refresh of my sandbox. After I did the sandbox refresh I configured the SSO settings and uploaded the IDP certificate provided from my IDP. I enabled SAML and try to get the authenticaton service to point to my SSO under the My DOmain - Authentication Configuration.
I am using SSO and am trying to have it so that if they go to my SFDC domain.

Expected Behavior:
When I go to https://my-domain.my.salesforce.com to be redirected to www.domain.com/sso to use my SSO credentials.

Actual Behavior:
When I go to https://my-domain.my.salesforce.com it stays on that page and I cannot use my SSO credentions. When I attempt to change the Authentication Service under Domain Management -> My Domain -> Authentication Configuration it always reverts back to Login Page

If I try to disable the SAML in the SInge Sign On Settings page is gives me the error message: Error: Your organization or community is currently using SAML as an authentication method, so you can’t disable it.
So my problem is that I can not disable SAML or I can active the use of SSO authenication. 

I am confident the SSO settings are correct as they are the same as before the Sandbox refreshed where it worked just fine.
The Authentication Service under Domain Management -> My Domain -> Authentication Configuration always reverts back to Login Page seems to be the key issue her.

Please help
ShashankShashank (Salesforce Developers) 
One thing I can think of is that the my domain url for the sandbox will be different from the production. Please check.
Vidar FjellestadVidar Fjellestad
Hi Øyvind,

Did you find any solution for this? We are experiencing the exact same behaviour now. Our sandbox has been refreshed since the time we first configured SSO. I have received new certificates from the IDP and I have made sure the myDomain URL for the sandbox is correct in the SSO configuration. 
Under Domain Management -> My Domain -> Authentication Configuration I can only choose Login Page as "Authentication Service". Before the refresh I also had the choice to choose the SSO option.

Any suggestions?
 
TheRotnelsonTheRotnelson
Hi Vidar, We did never resolve this issue but the problem disappeared after a new refresh of the Sandbox
Pooja BagalkotPooja Bagalkot
Hi. I am facing a smiliar issue. I do not get any option but "Login page" checkbox under Authentication service. I do not have an option to refersh the sandbox (probably coz the sandbox i am using is not licensed, it is the 30 day trial account). Not sure. Can anyone please help me how to proceed with this ? I am trying out the SP initiated feature (Salesforce being the SP) and need more options under Authnetication Service.
Kantesh Guttal 11Kantesh Guttal 11
Same thing in all our sandbox orgs...I am opening a case to get this sorted out.
Hari SompalliHari Sompalli
Under Single Sign-On Settings, please click on the checkbox: SAML Enabled for the Authentication Services to show your SSO options User-added image
Leah Schneier 11Leah Schneier 11
@Hari, thanks for this! Knew there was a simple setting I was missing but couldn't find the right documentation 
Pulkit Aggarwal_26Pulkit Aggarwal_26

Hi @Hari Sompalli,

Thanks for sharing this. Your Solution is 100% correct.

You are Awesome!