Login into Salesforce Using Magento Credentials | Magento as IDP Single Sign-On (SSO) in Salesforce

Log in to Salesforce using Magento user credentials. This guide will help you integrate Magento as an Identity Provider (IdP) and Salesforce as a Service Provider (SP) using the miniOrange Magento IDP (Identity Provider) Extension. The Magento as IDP extension lets you use your Magento credentials to log in to Salesforce (SP). Here we will go through a step-by-step guide to configure SSO between Salesforce as SP (Service Provider) and Magento as IDP (Identity Provider).

Installation using Composer:

  • Purchase the miniOrange Magento IDP Single Sign-On extension from the Magento Marketplace.
  • Go to My Profile -> My Purchases.
  • Ensure you are using the correct access keys (My Profile - Access Keys).
  • Paste the access keys in the auth.json file inside your project.
  • Use the command below to add the extension to your project:
    composer require {module_name}:{version}
  • You can see the module name and list of versions in the selector below the extension module name.
  • Run the following commands on the command prompt to enable the extension:
    php bin/magento setup:upgrade

Manual installation:

  • Download the miniOrange Magento IDP Single Sign-On extension.
  • Unzip all contents of the zip inside the MiniOrange/IDPSaml directory:
    {Root Directory of Magento}/app/code/MiniOrange/IDPSaml
  • Run the following commands on the command prompt to enable the extension:
    php bin/magento setup:upgrade

Step 1. Prerequisites

  • Open a new browser tab or window and log in to your Salesforce account as Account Admin.
  • In Salesforce Classic, navigate to Setup > Security Controls > Single Sign-On Settings.
  • Or, in Salesforce Lightning Experience, click the gear icon, then navigate to Setup > Identity > Single Sign-On Settings.
  • On the Single Sign-On Settings page, click on Edit.
  • Check the SAML Enabled box to enable the use of SAML Single Sign-On, then click on Save.
  • Click New to open SAML Single Sign-On Settings.
  • Configure the following details as given below:
    Name: Enter a name of your choice.
    SAML Version: Make sure this is set to 2.0. This should be enabled by default.
    Issuer: Copy and paste the IDP-Entity URL/Issuer from the IDP Metadata tab.
    Identity Provider Certificate: Download the Certificate from IDP Metadata. Open it in Notepad. Copy and paste the content here.
    Identity Provider Login URL: Copy and paste the SAML Login URL from the IDP Metadata tab.
    Custom Logout URL: Copy and paste the SAML Logout URL from the IDP Metadata tab.
    API Name: Enter an API name of your choice.
    Entity ID: If you have a custom domain setup, use https://[customDomain].my.salesforce.com. If you do not have a custom domain setup, use https://saml.salesforce.com.
    JIT Provisioning: To enable Just In Time Provisioning, select "Assertion contains the Federation ID".
  • Click on Save.
  • Copy your Login URL value.


Step 2. Configuring Magento as SAML Identity Provider (IdP)

  • In the miniOrange IDP (Identity Provider) extension, go to the Applications tab.
  • Search for Salesforce in the choose application search box and select the application.
  • Enter the Application name under SP Name.
  • Now, enter the SP Entity ID or Issuer and ACS URL copied earlier and save the details.

Step 3. Configure Salesforce as Service Provider

  • Navigate to the Applications tab and click on Metadata settings for the Salesforce application.
  • Here, you can find the Identity Provider Metadata URL / XML Metadata or endpoints like IDP Entity ID, SAML Login URL, SAML Logout URL (Premium Feature), and Certificate. You can also download the IdP Metadata XML file, which will be used for Salesforce configuration.
  • You now have 3 options to provide the IDP metadata to Salesforce: downloading the XML Metadata, using the Metadata URL, or providing the details manually.
  • Option 1 - Download the XML Metadata.
  • Download the XML Metadata by clicking on the Download XML Metadata button.
  • Navigate to your Salesforce and upload the downloaded XML metadata file, then click on the Fetch Metadata button.
  • Option 2 - Metadata URL.
  • You can also copy the Metadata URL and provide it to your service provider to fetch the metadata.
  • Option 3 - Provide the details manually to Salesforce.
  • Copy the metadata details according to the table below.
    IDP-EntityID / Issuer: IDP-EntityID / Issuer
    Single Sign On URL: SAML Login URL / Passive Login URL
    SAML X509 Certificate: Certificate
  • Navigate to your Salesforce and paste the metadata details.
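
The field mapping from Step 1 and Option 3, as an added example (not code from this guide or from the miniOrange extension): it reads IdP metadata XML, returns the values under the Salesforce field names, and computes the certificate's SHA-256 fingerprint so the certificate that ends up in Salesforce can be compared with the one downloaded from the extension. The sample metadata, the idp.example.test host, the placeholder certificate bytes and the function name are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
# Constructed placeholder bytes standing in for the DER-encoded IdP certificate.
SAMPLE_DER = b"constructed-placeholder-certificate-bytes"
# Constructed sample metadata; idp.example.test and its paths are hypothetical.
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}"
    entityID="https://idp.example.test/saml/metadata">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{base64.b64encode(SAMPLE_DER).decode()}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="{REDIRECT}" Location="https://idp.example.test/saml/login"/>
    <md:SingleLogoutService Binding="{REDIRECT}" Location="https://idp.example.test/saml/logout"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def salesforce_fields(metadata_xml):
    """Return the values Step 1 asks for, keyed by the Salesforce field name."""
    # Metadata arrives as a download or from a URL: refuse DTDs so
    # entity-expansion payloads never reach the parser.
    if "<!DOCTYPE" in metadata_xml or "<!ENTITY" in metadata_xml:
        raise ValueError("metadata must not contain a DTD")
    root = ET.fromstring(metadata_xml)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("no IDPSSODescriptor: this is not IdP metadata")
    cert_b64 = "".join(idp.findtext(".//ds:X509Certificate", "", NS).split())
    sso = idp.find("md:SingleSignOnService", NS)
    slo = idp.find("md:SingleLogoutService", NS)
    if not cert_b64 or sso is None:
        raise ValueError("signing certificate or login URL is missing")
    fields = {
        "Issuer": root.get("entityID"),
        "Identity Provider Login URL": sso.get("Location"),
        "Custom Logout URL": slo.get("Location") if slo is not None else None,
    }
    # Added check (not from the guide): endpoints must be https.
    for name in ("Identity Provider Login URL", "Custom Logout URL"):
        if fields[name] and not fields[name].startswith("https://"):
            raise ValueError(f"{name} is not https: {fields[name]}")
    digest = hashlib.sha256(base64.b64decode(cert_b64)).hexdigest().upper()
    fields["Certificate SHA-256"] = ":".join(digest[i:i + 2] for i in range(0, 64, 2))
    return fields
```

Run it on the file from Download XML Metadata and compare the fingerprint with the one computed from the certificate file you paste into Salesforce.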

Step 4. Attribute Mapping (This is a Premium Feature)

  • In the miniOrange Magento IDP extension, navigate to the Applications tab and click on Edit settings for the Salesforce application.
  • Click on the Add Attribute button.
  • Add the attribute name you want to send to your service provider, select the attribute from the dropdown menu, and click on the Save button to save changes.

You have successfully configured the SSO between Salesforce as SAML SP and Magento as SAML IDP.


Step 1. Configuring Salesforce as OAuth Client:

  • Log in to your Salesforce account.
  • Switch to the Salesforce Classic mode from the profile menu, and then go to the Setup page.
  • In the Quick Find box, enter Auth, and then select Auth. Providers.
  • Click on the New button and select OpenID Connect as the Provider Type from the dropdown.
  • Enter the provider Name and URL Suffix, the Client ID as Consumer Key, the Client Secret as Consumer Secret, and the Scope and Endpoints, which you will get from the miniOrange Magento IDP extension.
  • Create the Registration Handler by clicking on the Automatically create a registration handler template link. Also select the user in the Execute Registration As field. You can choose the admin user and click on the Save button to save your configuration.
  • Now you can see the Test-Only Initialization URL. It redirects you to your OpenID provider and asks you to sign in. You’re then asked to authorize your app. After you authorize, you’re redirected to Salesforce. You should see the user XML element with the email element inside it.


Step 2. Add SSO button

  • In the Quick Find box, enter My Domain, and then select My Domain.
  • Scroll down to find the Authentication Configuration section and click on Edit.
  • From Authentication Service, select the checkbox for your Auth Provider and save the settings.
  • Open your Salesforce login page in an incognito window; you should see the SSO button added.

Step 3. Configure Magento as OAuth Server

  • In the miniOrange IDP extension, go to the Applications tab and click on the Add Application button.
  • Select OAuth/OpenID from the applications menu.
  • Search for Salesforce in the choose application search box and select the application.
  • Enter the OAuth Client Name as Salesforce.
  • Paste the Redirect URL/Callback URL copied earlier in the Redirect URL field.
  • Enter openid email profile in the scope field and save the changes.
  • Navigate to the Applications tab and click on Edit settings for your application.
  • You will see that the Client ID and Client Secret are automatically generated. Copy them and keep them handy.
  • Paste the Client ID and Client Secret in the Salesforce application.
  • Navigate back to the Magento IDP extension and click on the Click Here link to get the Magento OAuth Endpoints.
  • Here you will receive all the Endpoints. Copy them as required.
  • Paste the Endpoints in the endpoints field in your Salesforce application and click on Finish to save the configuration.

Step 4. Attribute Mapping (This is a Premium Feature)

  • In the miniOrange Magento IDP extension, navigate to the Applications tab and click on Edit settings for your application.
  • Add the attribute name you want to send to your OAuth Client and select the attribute from the dropdown menu.
  • Click on Add Attribute, add the attribute name you want to send to your OAuth Client, select the attribute from the dropdown menu, and click on the Save button to save changes.

You have successfully configured the SSO between Salesforce as OAuth Client and Magento as OAuth Server.


Please reach out to us at magentosupport@xecurify.com, and our team will assist you with setting up the Magento IDP SSO Extension. Our team will help you select the most suitable solution/plan for your requirements.
