nopCommerce SAML Single Sign-On (SSO) using Salesforce as IDP | Salesforce SSO

nopCommerce SAML Single Sign-On (SSO) plugin gives the ability to enable SAML Single Sign-On for your nopCommerce applications. Using Single Sign-On you can use only one password to access your nopCommerce application and services. Our plugin is compatible with all the SAML compliant identity providers. Here we will go through a step-by-step guide to configure Single Sign-On (SSO) between nopCommerce and Salesforce considering Salesforce as IdP. To know more about the features we provide for nopCommerce SSO, click here.

Pre-requisites : Download And Installation

Download from nopCommerce Dashboard

• To download the plugin zip, login as admin into your nopCommerce store. In the admin dashboard, go to Configuration Tab > All Plugins and Themes or search for All Plugins and Themes in the Admin search bar.
• Search for the SAML Single Sign-On (SSO) - miniOrange plugin and click the Download button to get the zip.


From nopCommerce marketplace

• You can download the plugin zip file from nopCommerce store - nopCommerce SAML Single Sign-On (SSO)
• To install the plugin, login as admin into your nopCommerce website. In the admin dashboard, go to Configuration Tab >> Local plugins.
• On the top right corner of the page select the Upload plugin or theme button to upload the downloaded plugin zip. Follow the instructions further to install the plugin.

Steps to configure nopCommerce Single Sign-On (SSO) using Salesforce as Identity Provider.

1. Configure Salesforce as IDP

• You need to send your SP metadata to identity provider, Salesforce. For SP metadata, use the SP metadata URL or download the SP metadata as a .xml file and upload it at your IdP end. You can find both these options under the Service Provider Metadata tab.

• Alternatively, you can manually add the SP Entity ID and ACS URL from Service Provider metadata tab in the plugin to your IdP configurations.

• Log into your Salesforce account as admin.
• Switch to Salesforce Lightning mode from profile menu and then go to the Setup page by clicking on setup button.


• From the left pane, select Settings Tab and click on Identity Provider.


• Click on Enable Identity Provider.


• In the Service Provider section, click on the link to create the Service Provider using Connected Apps.


• Enter Connected App Name, API Name and Contact Email.

Connected App Name	Provide a name for Connected App
API Name	Provide a API name
Contact Email	Provide a Contact Email



• Under the Web App Settings, check the Enable SAML checkbox and enter the following values:

Enable SAML	Checked
Entity ID	SP-EntityID / Issuer from Service Provider Metadata tab of the Plugin
ACS URL	ACS (AssertionConsumerService) URL from Service Provider Metadata tab of the Plugin
Subject Type	Username
Name ID Format	urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified



• Click on Save to save the configuration.
• Now from the left pane, under Platform Tools section select Connected Apps.
• Then select Manage Connected Apps and click on the app you just created.


• In the Profiles section click Manage Profiles button.
• Assign the Profiles you want to give access to log in through this app.


• Under SAML Login Information, click on Download Metadata.


• Keep this metadata handy for configuring the Service Provider.

You have successfully configured Salesforce as SAML IdP (Identity Provider) for achieving Salesforce SSO login into your nopCommerce application.

2. Configure nopCommerce as SP (SSO Plugin)

• After configuring SP metadata in IDP, you will have to configure IDP metadata in the plugin.
• To configure the IDP metadata, there are two methods:
• To upload IdP's metadata, you can use the Upload IdP metadata button, if you have the IdP metadata URL or the IdP metadata .xml file.

• Alternatively, you can copy the IDP Entity ID and Single Sign-On Url values from the IdP and fill them up under the Identity Provider Settings tab.

3. Test Configuration

• Click the Test Configuration button to verify if you have configured the plugin correctly.
• On successful configuration, you will get Attribute Name and Attribute Values in Test Configuration window.

4. Attribute Mapping

• Map Attribute Names provided by your IdP with your store attributes, under Attribute/Role Mapping tab.
• Click on Save button.

5. Enabling SSO in your nopCommerce store

• Under the Redirection & SSO link tab, use the URL labeled as Your Store SSO Link in your store to initiate the SSO.
• Please make sure the Enable SSO checkbox is enabled under the Identity Provider Tab.

Additional Resources

• ASP.NET SAML Single Sign-On (SSO)
• DNN SAML Single Sign-On (SSO)
• DNN REST API Authentication
• Kentico SAML Single Sign-On (SSO)
• Umbraco SAML Single Sign-On (SSO)