Configure Identity Provider with Salesforce

The GoodData platform has a built-in support for integrating with Salesforce Single Sign On (SSO). Your users can use their Salesforce logins to interact with your GoodData projects. This article outlines the data that you must gather and the configuration steps required to integrate with Salesforce SSO.

For more information on GoodData SSO and SSO in general, see Single Sign-On Overview.

To configure an identity provider with Salesforce:

  1. Add a new domain at Salesforce Help.
  2. Set up your Identity Provider.
  3. Download the identity provider certificate and remark Issuer.
  4. Set up a new connected app:
    1. Select Enable SAML.
    2. Set Entity Id and ACS URL to https://<GOODDATA_HOSTNAME>/gdc/account/samllogin.
    3. Select the Identity provider created in step 2.
  5. Open connected app details and look for SAML Login Information, remark IdP-Initiated Login URL.
  6. Setup Connected app access for profile (Setup->Users->Profiles->click edit for selected profile->Connected apps->select app created in step 4)
  7. Send GoodData Support a request to create a new SSO provider.
    Include identity provider certificate (step 3), issuer name (step 3) and IdP-Initiated Login URL (step 4)
  8. Provision users with a ssoProvider created in step 7, use the same login as Salesforce username, and enable SSO auth mode for them.