Це відео не доступне.
Перепрошуємо.
Salesforce as an Open ID Connect Identity Provider: CAS Come and See Video
Вставка
- Опубліковано 30 тра 2024
- Salesforce as an Open ID Connect Identity Provider: CAS Come and See Video
Did you know that you can use Salesforce as an open ID connect identity provider? You can use a production instance of Salesforce as the identity provider for a sandbox; when you do UAT testing, consistently keeping sandboxes refreshed and trying to get all those users into all those orgs on a regular basis, it becomes a lot of maintenance. So this is a really nice trick for getting a user to log directly into a sandbox from a production instance without needing a URL without needing to enter a username and password or verify emails.
global class AuthRegHandler implements Auth.RegistrationHandler{
global User createUser(Id portalId, Auth.UserData data){
User u = [SELECT Id FROM User WHERE FederationIdentifier = :data.email];
return u;
}
global void updateUser(Id userId, Id portalId, Auth.UserData data){
}
}
...and while you're here: if you're having Salesforce user adoption challenges, we have a brand new guide that takes you step by step through the principles of teaching adults technology, and drives you to develop a plan for implementation. It's got room for you to make your own plan - check it out: cloudadoption....
VIDEO TRANSCRIPT:
Hi, everybody, this is Cheyenne with cloud adoption solutions. And today we're gonna go over how to use Salesforce as an open ID connect identity provider. So for my specific use case, I am using a production instance of Salesforce as the identity provider for a sandbox. I do a lot of UA T testing, we've got a lot of different users and a lot of different works. And when we're consistently keeping sandboxes, refreshed and trying to get all those users into all those orgs on a regular basis, it becomes a lot of maintenance. So this is a really nice trick for logging, getting a getting a user to log directly into a sandbox from a production instance, without needing a URL without needing to enter a username and password or verify emails maybe like that.
So the first thing you are going to need is an apex class for an auth registration handler, this is this primarily consists of just three things a, an Auth provider, a connected app, and this Apex class. And I will put this code in the description. But just so you have an idea of what it looks like. This is the apex class, you can copy and paste this directly into the sandbox.
Okay, so the first thing I'm going to do is set this up from a sandbox environment. And for this demo, I am in two sandboxes. But let's pretend that this this sandbox is like acting as our production instance. So it's called showcase. And then we have showcase Dev. So this is what we're is going to be acting as our sandbox today. So in your sandbox environment, go ahead and open up your setup.
And we're going to navigate to auth providers.
And we're going to create a new one, your provider type here is going to be Salesforce for this use case, and we'll call it showcase dev demo. Okay, you will need just a temporary key and secret here. It does not matter what you put in, because we'll be coming back to this and in a few minutes, the key and the secret are going to come from that connected up these endpoint URLs, you'll want to reuse most of them. But instead of test here test.salesforce.com, you'll want to put in the domain of your of your identity provider, your production instance, which in my case is showcase dot sandbox. That my Okay, so it's going to alter slightly. And I just have these ready ahead of time. But you'll notice the end of this URL is going to be the same slash services slash a walk to slash Authorize. So that's my new endpoint URL. This is the domain of my production instance. And I'll do the same with this token endpoint URL. We'll just swap the domain keeping the last portion of this and then we also want to pull in that registration handler that I showed at the beginning this video and you will need to execute the registration as a user.
Okay, and then we will click Save and come back to this in a moment. What what we need from this is the single sign on initialization URL at the bottom, as well as as well as carp callback URL. So we're going to flip over to our, quote unquote production instance. Technically, I'm using a sandbox for this. But the identity provider in my case would be this the sandbox, which is, would be your your production environment...
Read the rest on our blog: cloudadoption....
Contact us with your Salesforce challenges at info@cloudadoption.solutions - we love to help!
Cloud Adoption Solutions is a 100% woman-owned registered Salesforce partner, specializing in implementation, integration, and optimization for Technology, Healthcare/ Life Sciences, and Financial Services/ Professional Services organizations in the small and mid-commercial sectors.
