Configuring SAML SSO for Salesforce

Prerequisites

• Salesforce Admin Portal Access
• zGateway with Public DNS name and valid SSL Certificate
• Management console of zGateway using Security Officer Account
• Shell Access to zGateway

Configurations

Setting up Salesforce in zGateway (Identity Provider):

1. Login with a digital certificate in zGateway using a Security Officer Account.
2. Go to “Access Management > Applications > Add”.
3. Click on Add button to create a new application as “Salesforce”. (You will need to log into the Salesforce Portal (https://login.salesforce.com/) and login with your Global Admin for Salesforce Tenant details.)
4. Add Salesforce app into New/Existing Application Groups.
5. Create/Update “Application Access” in New/Existing “Access Controls”.
6. Verify SAML SSO Certificate in zGateway. Ensure below files are available in zGateway. (If the files are not present, use the following command to create them.)
7. Copy the content of the SAML SSO Certificate SAML_Signing_Certificate. (Ensure while copying the tontent that there are not any new lines in the SAML SSO Certificate.)

Setting up Salesforce in zGateway (Service Provider):

1. Go to Salesforce (https://login.salesforce.com or https://domain.my.salesforce.com) with admin access.
2. Login to the Salesforce Portal and go to Settings > Identity > Single Sign-on Settings.
3. Click on New.
4. Fill the required details
5. Verify the IDP settings and endpoint details of Salesforce.
6. Click on Download Metadata to configure the identity provider server, if it is not already configured.