Configuring SAML SSO for Salesforce
- Salesforce Admin Portal Access
- zGateway with Public DNS name and valid SSL Certificate
- Management console of zGateway using Security Officer Account
- Shell Access to zGateway
Setting up Salesforce in zGateway (Identity Provider):
- Login with a digital certificate in zGateway using a Security Officer Account.
- Go to “Access Management > Applications > Add”.
- Click on Add button to create a new application as “Salesforce”. (You will need to log into the Salesforce Portal (https://login.salesforce.com/) and login with your Global Admin for Salesforce Tenant details.)
- Add Salesforce app into New/Existing Application Groups.
- Create/Update “Application Access” in New/Existing “Access Controls”.
- Verify SAML SSO Certificate in zGateway. Ensure below files are available in zGateway. (If the files are not present, use the following command to create them.)
- Copy the content of the SAML SSO Certificate SAML_Signing_Certificate. (Ensure while copying the tontent that there are not any new lines in the SAML SSO Certificate.)
Setting up Salesforce in zGateway (Service Provider):
- Go to Salesforce (https://login.salesforce.com or https://domain.my.salesforce.com) with admin access.
- Login to the Salesforce Portal and go to Settings > Identity > Single Sign-on Settings.
- Click on New.
- Fill the required details
- Verify the IDP settings and endpoint details of Salesforce.
- Click on Download Metadata to configure the identity provider server, if it is not already configured.