• Terry Gray

About to extend my org via a native android app.  Users will be on database.com licenses.  What's the best way to handle 1st time login and setting their PWs?  I'm a bit worried about the user experience.  Any experiences, ideas, etc would be helpful! 
Hi There,

It was recommended in the Success Community that I come here.

We are hoping to automatically capture the geolocation of a mobile device when a new Task/Call is created in Salesforce1.

Ideally, an on-screen field that would be read only and would auto populate.

I have managed to get an on-screen popup by incorporating this Visualforce page as a mobile card - https://developer.salesforce.com/forums/?id=906F0000000AwiFIAS

But can't figure out how to 'capture' this information.

Basically, by the end of a day, we would like to be able to plot/see on a map where our reps had created Activity(task/call) records following client visits.

We have found a number of applications like this on the AppExchange, though I am reasonably positive my basic requirement can be handled without buying add-on applications/functionality.

My logic being that if I can get the device coordinates to display, surely they can be captured.

Any assistance would be greatly appreciated!
 
Thanks,
Steve

Hi,

My scenario is that I'm trying to build a service on database.com but the user interface is running elsewhere (Heroku) - and I'm mostly using database.com lite profiles. I want users to be able to set themselves up with their own logins - and I am doing this through a REST call to my db.com org which goes and creates users on a private request from an admin account from my Heroku based frontend. I'd like users to have a nice user experience during this process where I guide them through the steps and preferably not confuse them with emails from database.com/salesforce which have no context about why they are receiving an email. Therefore I thought I'd use SSO for the signup process or use SAML to completely take user signout out of the picture (which turns out to be not possible due to me not reading the whole manual :(...

Also, does anyone have any experience around providing a nice user interface for the signup process when branding their own product but using db.com? It seems rather difficult to me to get it smooth!

 

The options I've tried are:

 

1: Just using plain database.com standard usernames + passwords, etc.
This works 'ok', but the signup process is not very nice for users for various reasons: a) I can't prompt users what's next after they receive an email from salesforce b) WTF the users are thinking - I thought I was dealing with another company c) there's a disconnect between the db.com user and my user state - if I use the login=consent for users to check that they are logging in as the relevant person (which happens for admins, etc) and they click the 'not you?' button, the user will never make it back to my domain and will get 'lost' on a database.com error page. d) similar problem if the user forgets their password, or goes clicking around on the database.com site they can get lost.


2: Using Bearer SAML
I've tried using bearer SAML, but eventually got stuck on the fine print. I thought this was perfect as someone with the correct certificates could control getting access tokens from the server for anyone, but there's a weird bit of fine print:
"A SAML OAuth 2.0 bearer assertion request looks at all the previous approvals for the user that include a refresh_token. If matching approvals are found, the values of the approved scopes are combined and an access_token is issued. If no previous approvals included a refresh_token, no approved scopes are available, and the request fails as unauthorized."

 

 

3: Federated SSO
So I thought SSO would work. I first tried the Bearer SAML approach above, but moved on as described earlier. So now the issue is to get SSO + OAuth working.

 

I've got all the pieces of the puzzle already working for some time:

* Admin users get logged on correctly using single sign on (not lite users as there is no interface so nothing to log into - thus it fails after the login)
* OAuth using web-flow works fine when SSO is not in the picture.
* OAuth + SSO works fine for admin users

 

But when I'm using a database.com lite user, I always get booted onto the SAML Single Signon 'Custom Error URL' after the SSO process is completed. Looking at the user which was logged in shows:

 

Login Type: SAML Idp Initiated SSO
Status: Failed: API-only User

 

To me this feels like a Salesforce bug. Has anyone else experienced this?

 

ben

  • December 24, 2012