Back

Explore Courses Blog Tutorials Interview Questions
0 votes
2 views
in Salesforce by (11.9k points)

I have no Access Control Service (ACS) installed, but I've seen on some online video demo that Salesforce is not in the list of available pre-installed identity providers. Salesforce can be configured as IdP (standard SAML 2.0 is used). Can I set up ACS so that I can use Salesforce as an identity provider? Thanks

1 Answer

0 votes
by (32.1k points)

The official description SAML 2.0 says that ACS supports SAML 2.0 tokens. A list of supported protocol is OAuth 2.0, WS-Trust, and WS-Federation as given in the official statement.

Also, there is currently no automated way to add identity providers that are out of predefined in the ACS. You can, however, use the ACS cmdlets to manually add IPs that have a supported protocol. 

If you configure the SalesFores as IdP with the use of SAML 2.0 tokens, you just need to identify the protocol and execute a PowerShell command which would look something like this:

PS:\>Add-IdentityProvider –Namespace "myacsnamespace" –ManagementKey "XXXXXXXX" -Type "Manual" -Name "SalesForce" -Protocol OAuth –SignInAddress "http://www.your_salesforce_site.com/sign-in-url"

The list of supported protocols for this command are:

OAuth, 

 WsFederation, 

WsTrust,

OpenId. 

So the SalesForce IdP configuration must use any of those protocols with SAML 2.0 tokens and it should work.

I hope this helps!

Browse Categories

...