I needed to add a few custom fields for JIT provisioning that weren't present in the default configuration. After making my modifications (and writing a test class for Salesforce generated code), some of my existing SSO configuration settings are no longer working.

Example
UserRoleId and ProfileId could be set by its name instead of actual Id. Using the generated class, you have to use the actual ID. This is fine by me, but the unpredictable differences annoy me.

What other differences are there between Standard and the generated "Custom SAML JIT with Apex handler"?

Shouldn't both be the same, allowing you to rely on the Standard where possible? And if necessary, make modifications through the generated class, but still assuming all else will work the same?

We are implementing a Custom Apex JIT Handler for a Single Sign On Configuration. The JIT Handler is invoked by the system using the following methods:
- global User createUser(Id samlSsoProviderId, Id communityId, Id portalId, String federationIdentifier, Map<String, String> attributes, String assertion)
- global void updateUser(Id userId, Id samlSsoProviderId, Id communityId, Id portalId, String federationIdentifier, Map<String, String> attributes, String assertion)

When the assertion is not encrypted we get all of the parameters passed in to these methods. When the assertion is encrypted everything is passed in but the attributes parameter is empty.

Has anyone experienced this issue?

When I attempt to activate a new Workflow Process in Process Builder, I get the following error:

Unfortunately, there was a problem. Please try again. If the problem continues, contact Salesforce Customer Support with the error ID shown here and any other related details. Error ID: 935311243-181222 (1952119784)

Has anyone else seen this?

I'm having issues with the SAML SSO's Just In Time setup.

 

The SAML login works fine until I enable JIT. After I enable JIT, I receive the error "Unable to map an unique profile id for the given profile name" (Error Code: 16).

 

The documentation does not seem to have any information about this error... Also, what should I be passing in for profile id? I hardcoded my user's profile id on salesforce, but I won't have this in a real world scenario with dynamic users. (Hence the JIT setup)... Ideas?

 

 

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx766d4df1-1929-1d78-9b19-71d1b84296fe" Version="2.0" IssueInstant="2012-04-11T21:26:57Z" Destination="https://login.salesforce.com/?saml=02HKiPoin4qyAn.NYkIUhJDYI0BT_TbEY0rXygRfivhnkIXjjdBH54OvHd" InResponseTo="_2JxOJfTkGTgItVu3EbyxlErXVdt74BLUUCq_wkVVR80YIP60D_qeBAf4QClp4BJt7ryoZ9_YGyeTrtNdhtW30KMjAVwJ7tZabLuHVozctle78mdu1lSl.nPORoi7kYd.1Sk7xp31CA306.riHFBhm7tizQArvJgtWcivaOIDv24wy3cIfeX7JeDdTblcrA82f3aL3DEihSkJm01B_VbJdGwCwNbTrYQ">
  <saml:Issuer>ONEsite</saml:Issuer>
  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx766d4df1-1929-1d78-9b19-71d1b84296fe"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>fGizXC/YYdUxw6buGR+CgZ49tn8=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>1AQREJhC81C2Za2ph7uX6W438fs6R+UUCARN3eedJmwXwtn8HdyPKsIh+0gjZ+JsaQJ++anbrvZQ041dA+IdRxrdcDVwwDbzKoD01tDUyWiBQMptC7jn6yN8eLgEi6Cm++P0Yki2SFeylLHz8H2ZXUq9B1t04SapNDbSSfMYZhw=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICeTCCAeICCQD/DLLXx9QfOzANBgkqhkiG9w0BAQUFADCBgDELMAkGA1UEBhMCVVMxETAPBgNVBAgTCE9rbGFob21hMRYwFAYDVQQHEw1Pa2xhaG9tYSBDaXR5MRAwDgYDVQQKEwdPTkVzaXRlMRAwDgYDVQQDEwdvbmVzaXRlMSIwIAYJKoZIhvcNAQkBFhNkZXJyaWNrQG9uZXNpdGUuY29tMB4XDTEyMDMyOTIyMTgxOVoXDTM5MDgxNDIyMTgxOVowgYAxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhPa2xhaG9tYTEWMBQGA1UEBxMNT2tsYWhvbWEgQ2l0eTEQMA4GA1UEChMHT05Fc2l0ZTEQMA4GA1UEAxMHb25lc2l0ZTEiMCAGCSqGSIb3DQEJARYTZGVycmlja0BvbmVzaXRlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5bzDaISNuXT0UFOQlCUrdFrqg1VFC73+4LzNC4lfIsRKJjNLmTXtMsrgxs8xmBwRViY/h59lExC3tLc5nY1441Ye1ZGOq22E5ZoKBx5R8vaUvgDUa9d1CapCBLqCGI+dQoiuFwBOTk/RN9kBcHN6d5M7MX9ozzgiaBRiSQIczTUCAwEAATANBgkqhkiG9w0BAQUFAAOBgQBjLwDo4rlqSg6KNKLjtf91+YXDENhU+uip4a0CWKVIHgeLAzQXvXjP4Ht8+xQHuP7lNRth+OlaK1AU+W7j7jAMy1TJEOVVY4JuGjOenS1PhsKMyZRA2IaBl315dNmm3gHExAbtIqF/kmSH7IHXcYIdJNNzWZYWiZ7zU9aLnjhMyQ==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfxc755b00c-a5de-87e6-d1bf-6726a094d9ca" Version="2.0" IssueInstant="2012-04-11T21:26:57Z">
    <saml:Issuer>ONEsite</saml:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxc755b00c-a5de-87e6-d1bf-6726a094d9ca"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>877uX4K4I6Q/wJoeFkDTYHer+6w=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>zlzoLhtOPdgHSkDNfj2NjedDB1Pp2hgzSe4rgXj8vSqBHptTM1VcI3AhjlRyGOHWh8qBIGBNxMOBteVJcWyP7HC8yA5t3a0f4aGr6BLHaXSuy9cUg7zhbA7b0GMFi2RBffAY2Fruj7MhDzxeOn6vx/V0uKLlec4FXd/Ky3Kczm0=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICeTCCAeICCQD/DLLXx9QfOzANBgkqhkiG9w0BAQUFADCBgDELMAkGA1UEBhMCVVMxETAPBgNVBAgTCE9rbGFob21hMRYwFAYDVQQHEw1Pa2xhaG9tYSBDaXR5MRAwDgYDVQQKEwdPTkVzaXRlMRAwDgYDVQQDEwdvbmVzaXRlMSIwIAYJKoZIhvcNAQkBFhNkZXJyaWNrQG9uZXNpdGUuY29tMB4XDTEyMDMyOTIyMTgxOVoXDTM5MDgxNDIyMTgxOVowgYAxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhPa2xhaG9tYTEWMBQGA1UEBxMNT2tsYWhvbWEgQ2l0eTEQMA4GA1UEChMHT05Fc2l0ZTEQMA4GA1UEAxMHb25lc2l0ZTEiMCAGCSqGSIb3DQEJARYTZGVycmlja0BvbmVzaXRlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5bzDaISNuXT0UFOQlCUrdFrqg1VFC73+4LzNC4lfIsRKJjNLmTXtMsrgxs8xmBwRViY/h59lExC3tLc5nY1441Ye1ZGOq22E5ZoKBx5R8vaUvgDUa9d1CapCBLqCGI+dQoiuFwBOTk/RN9kBcHN6d5M7MX9ozzgiaBRiSQIczTUCAwEAATANBgkqhkiG9w0BAQUFAAOBgQBjLwDo4rlqSg6KNKLjtf91+YXDENhU+uip4a0CWKVIHgeLAzQXvXjP4Ht8+xQHuP7lNRth+OlaK1AU+W7j7jAMy1TJEOVVY4JuGjOenS1PhsKMyZRA2IaBl315dNmm3gHExAbtIqF/kmSH7IHXcYIdJNNzWZYWiZ7zU9aLnjhMyQ==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">squared3</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2012-04-11T21:31:57Z" Recipient="https://login.salesforce.com/?saml=02HKiPoin4qyAn.NYkIUhJDYI0BT_TbEY0rXygRfivhnkIXjjdBH54OvHd" InResponseTo="_2JxOJfTkGTgItVu3EbyxlErXVdt74BLUUCq_wkVVR80YIP60D_qeBAf4QClp4BJt7ryoZ9_YGyeTrtNdhtW30KMjAVwJ7tZabLuHVozctle78mdu1lSl.nPORoi7kYd.1Sk7xp31CA306.riHFBhm7tizQArvJgtWcivaOIDv24wy3cIfeX7JeDdTblcrA82f3aL3DEihSkJm01B_VbJdGwCwNbTrYQ"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2012-04-11T21:26:27Z" NotOnOrAfter="2012-04-11T21:31:57Z">
      <saml:AudienceRestriction>
        <saml:Audience>https://saml.salesforce.com</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2012-04-11T21:26:57Z" SessionNotOnOrAfter="2012-04-12T05:26:57Z" SessionIndex="_b6c9e3c74e52b2a7ab0745fe54c039e52658cf57aa">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="ProvisionVersion">
        <saml:AttributeValue xsi:type="xs:string">1.0</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="User.Username">
        <saml:AttributeValue xsi:type="xs:string">user@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="User.Phone">
        <saml:AttributeValue xsi:type="xs:string"/>
      </saml:Attribute>
      <saml:Attribute Name="User.FirstName">
        <saml:AttributeValue xsi:type="xs:string">FirstName</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="User.LanguageLocaleKey">
        <saml:AttributeValue xsi:type="xs:string">en_US</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="User.Alias">
        <saml:AttributeValue xsi:type="xs:string">Alias</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="User.LastName">
        <saml:AttributeValue xsi:type="xs:string">LastName</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="User.Email">
        <saml:AttributeValue xsi:type="xs:string">user@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="User.FederationIdentifier">
        <saml:AttributeValue xsi:type="xs:string">squared3</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="User.ProfileId">
        <saml:AttributeValue xsi:type="xs:string">005d00000019aXk</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="User.IsActive">
        <saml:AttributeValue xsi:type="xs:integer">1</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="User.EmailEncodingKey">
        <saml:AttributeValue xsi:type="xs:string">UTF-8</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="federationId">
        <saml:AttributeValue xsi:type="xs:string">squared3</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

Hi All 

 

I have a requirement of tracking all the field changes on every Object of my Salesforce Organisation. 

Is there any APP on APP exchange that supports the above functionality . 

 

Thanks In Advance

Adil

Hello,

 

I have two custom fields under Account. I want to setup history tracking for this two field but this Account already exceed the field limits for setup tracking. There are already 25 field under Account, whom had setup the the history tracking. 

 

So can I implement this history tracking by writing Trigger on Account ? If Yes then how can i do? 

I am new to Trigger..so please explain me briefly.

 

 

Thanks,

Hit

Today we’re excited to announce the new Salesforce Developers Discussion Forums. We’ve listened to your feedback on how we can improve the forums.  With Chatter Answers, built on the Salesforce1 Platform, we were able to implement an entirely new experience, integrated with the rest of the Salesforce Developers site.  By the way, it’s also mobile-friendly.

We’ve migrated all the existing data, including user accounts. You can use the same Salesforce account you’ve always used to login right away.  You’ll also have a great new user profile page that will highlight your community activity.  Kudos have been replaced by “liking” a post instead and you’ll now be able to filter solved vs unsolved posts.

This is, of course, only the beginning — and because it’s built on the Salesforce1 Platform, we’re going to be able to bring you more features faster than ever before.  Be sure to share any feedback, ideas, or questions you have on this forum post.

Hats off to our development team who has been working tirelessly over the past few months to bring this new experience to our community. And thanks to each of you for helping to build one of the most vibrant and collaborative developer communities ever.