OAuth is by far the easiest connection, and can take less than 5 minutes to configure. However, we also support SAML configuration.
Start in the Salesforce Admin and head to the Settings. Find a User who is an example of a person who will be signing on through the Digital Experience Community. We need to take note of that user's Profile; in our case it is the Customer Community Login User.
Next, make sure your Identity Provider is turned on. If it is not, please Enable it.
Take note of this, and then head to the App Manager. Choose New Connected App
Fill out the top portion, and then check the box for Enable SAML
In another tab, head to the Integrations Hub > Connectors > Single Sign On > Salesforce (SAML)
Copy the Process Url
Back in Salesforce, enter OpenWater as the EntityId, then paste the Process Url from the previous step into the ACS Url
Change Subject Type to User ID
Scroll to the bottom of the page and Save
Now click Manage
Find the SAML Login Information, and ignore the first few links. Click on the expansion icon next to For Communities
If you have multiple communities, find the one you are interested in connecting to OpenWater and copy the SP-Initiated Redirect Endpoint
Go back to Integrations Hub and paste it into the Login URL
Download the Metadata of the Community
Find the X509 Section, copy it (do not include the <ds:X509Certificate> or </ds:X509Certificate>)
Paste it into the Certificate
Press Save
Then press Publish
Head back to Salesforce Admin, and go to Manage Profiles
Add the Profile you noted from Step 2
Save, then go to Custom Attributes
Add all the fields you wish to map. You can use an attribute key of your choice.
Click Save
Click on Field Mapping, then click the “click here” link in the “No Fields have been provided yet” message
You may be prompted to log in with your Community User account (not your admin account). Once you do so you should see a message like this:
Head back to Integrations Hub and Refresh
Proceed to map the fields. Ensure email, user data, and unique ID are all properly mapped
Press Save
Now go back to Settings, then copy the Begin Url
Set the System Settings > Login Configuration to Json Web Token, then set the Login Url and the secret
Your SSO is now complete. High-five yourself, you did it!
Testing Your New SSO
As with any new integration or workflow, testing is super important! You can now load up your site in an incognito window, then test out your login.
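If the test login fails on the signature, a mis-copied certificate is a likely cause. The script below is an added example, not part of OpenWater or Salesforce tooling: it reads the downloaded Community metadata, returns the X509 body without the `<ds:X509Certificate>` tags or line breaks, and gives a SHA-256 fingerprint to compare against what was pasted into the Certificate field. It assumes standard SAML 2.0 metadata with one signing certificate and an HTTP-Redirect `SingleSignOnService` entry; the sample metadata, host name and certificate bytes are constructed placeholders.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"

# Constructed sample input: placeholder host and placeholder bytes, not a real certificate.
FAKE_DER = b"constructed placeholder bytes, not a real certificate"
_b64 = base64.b64encode(FAKE_DER).decode()
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}"
    entityID="https://community.example.invalid">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>
        {_b64[:32]}
        {_b64[32:]}
      </ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="{REDIRECT}"
        Location="https://community.example.invalid/idp/endpoint/HttpRedirect"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def read_community_metadata(xml_text):
    """Return the values the Integrations Hub form needs, taken from SAML metadata."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("metadata must not contain a DTD or entity declarations")
    root = ET.fromstring(xml_text)
    certs = root.findall(".//md:KeyDescriptor//ds:X509Certificate", NS)
    if len(certs) != 1:
        raise ValueError(f"expected exactly one certificate, found {len(certs)}")
    # Drop the line breaks and indentation inside the element; the tags are already gone.
    cert_b64 = "".join((certs[0].text or "").split())
    der = base64.b64decode(cert_b64, validate=True)  # raises on a truncated or mangled copy
    login_urls = [s.get("Location") for s in root.iter(f"{{{NS['md']}}}SingleSignOnService")
                  if s.get("Binding") == REDIRECT]
    return {
        "certificate": cert_b64,
        "sha256": hashlib.sha256(der).hexdigest(),
        "login_url": login_urls[0] if login_urls else None,
    }


if __name__ == "__main__":
    for key, value in read_community_metadata(SAMPLE_METADATA).items():
        print(f"{key}: {value}")
```

To use it on your own file, pass the contents of the downloaded metadata to `read_community_metadata` in place of `SAMPLE_METADATA`.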
Connect an SSO with Salesforce (SAML)
Use the Integrations Hub module to connect a single sign on to Salesforce using SAML.

Written by Cheryn
Updated over 2 weeks ago