SAML Single Sign-On (SSO) in Salesforce (SP) | TYPO3 – Salesforce SSO Login
Salesforce SAML Single Sign-On (SSO) with TYPO3 as SAML IdP . TYPO3 SAML IdP extenstion gives you the
ability to use your TYPO3 credentials to login into Salesforce (SP). Here we will go through a step-by-step guide to configure
SSO between Salesforce as SP (Service Provider) and TYPO3 as IDP (Identity Provider).
Pre-requisites: Download and Installation
1. Installing SAML IDP extension in TYPO3
Download the zip file of the SAML IDP extension from TYPO3 marketplace
Go to your TYPO3 backend, and click on Extensions section at the left side of your screen.
Upload the zip file, as represented in the below image.
Now search for the "miniOrange SAML IDP" in Installed extensions section and activate the extension by clicking on activate button.
After installation, click on the newly installed extension "miniOrange SAML IDP extension" for TYPO3 SSO and login with your registered miniOrange credentials.
After entering username and password you will require license key to proceed further if you are a premium customer. (You will get this key from the miniOrange team. After entering license key, you can activate the license and proceed further.)
If you are not a premium customer you can direcly login submitting miniOrange credentials.
After successful login, you can see the details related to your account.
Now you are ready to configure your Service Provider. But, it's important to integrate frontend first.
2. Integrate extension with TYPO3
Now you have to design your frontend by left clicking on the Home tab then click on New Subpage
You need to add STANDARD page within the HOME page.
Enter the Standard Page name as: FESAML.
Click on FESAML Page and click on Add content. Go to plugins and add FESAML Plugin.
Navigate to plugin tab and select FESAML plugin. Add website users in Record Storage Page and save the settings.
If you need to make changes in URL segment, which will also be your initial SSO URL, right click on FESAML page, select edit and click on "toggle URL" button to set URL according to your way.
Also, you must create at least one group as TYPO3 doesn’t allow to create users unless there’s one usergroup at least.
To create group go to list tab from the left panel, click on Website users folder and hit the "+" button at the top of the screen.
Now select Websiteuser group ? from the list.
Insert Group Name in group title section and click on Save button at the top. User group will be created.
You can also create a SSO button on login page. Click on Home, proceed to the +Content option.
Switch to Special elements tab and select Plain HTML.
Here what you will be doing is, you are adding SSO login button, URL in the button section will be of FESAML Standard Page.
The code snippet to do so is mentioned in the given image. Enter the code and hit the Save button at the top.
Now you can configure plugin in the backend.
Steps to configure Salesforce SAML Single Sign-on ( SSO ) Login into TYPO3
1. Configure TYPO3 as Identity Provider
In the miniOrage SAML Identity Provider extension, go to SP Settings tab of the extension.
Provide the required settings (i.e. Service provider name, SP Entity ID/Issuer, ACS URL, Relaystate) find to your Service Provider Salesforce and click on Save button to save your configuration.
2. Configure Salesforce as Service Provider
Open a new browser tab or window, Login into your Salesforce account as Account Admin.
Select either Salesforce Classic: Navigate to Setup > Security Controls > Single Sign-On Settings.
Or Salesforce Lightening Experience: Click the gear icon, then navigate to Setup > Identity > Single Sign-On Settings.
On the Single Sign-On Settings page and click on Edit button.
Check the SAML Enabled box to enable the use of SAML Single-Sign On, then click on Save button.
Click on New to open SAML Single Sign-On Settings.
Enter a name of your choice
Make sure this is set to 2.0. This should be enabled by default.
Copy and paste the IDP-Entity URL/Issuer from IDP Metadata tab of Magentp SAML Identity Provider (Idp) module.
Identity Provider Certificate
Download the Certificate from IDP Metadata Open it in notepad. Copy and paste the content here.
Identity Provider Login URL
Copy and paste the SAML Login URL from IDP Metadata tab of TYPO3 SAML Identity Provider (Idp) module.
Custom Logout URL
Copy and paste the SAML Logout URL from IDP Metadata tab of TYPO3 SAML Identity Provider (Idp) module.
Enter an API name of your choice.
If you have a custom domain setup, use https://[customDomain].my.salesforce.comIf you do not have a custom domain setup, use https://saml.salesforce.com
Click on Save button.
Copy your Login URL and Entity ID.
3. SSO Testing
Open a new browser or private incognito window and enter your Salesforce URL, which will redirect you to the TYPO3 login screen.
Enter your TYPO3 credentials and click the log in button.
If you are redirected to your Salesforce start page and successfully logged in, your configuration is correct.
If you are looking for anything which you cannot find, please drop us an email on email@example.com
Need Help? We are right here!
Contact miniOrange Support
Thanks for your inquiry.
If you dont hear from us within 24 hours, please feel free to send a follow up email to firstname.lastname@example.org
This privacy statement applies to miniorange websites describing how we handle the personal
When you visit any website, it may store or retrieve the information on your browser, mostly in the
form of the cookies. This information might be about you, your preferences or your device and is
mostly used to make the site work as you expect it to. The information does not directly identify
you, but it can give you a more personalized web experience.
Click on the category headings to check how we handle the cookies.
Strictly Necessary Cookies
Necessary cookies help make a website fully usable by enabling the basic functions like site
navigation, logging in, filling forms, etc. The cookies used for the functionality do not store any
personal identifiable information. However, some parts of the website will not work properly without
These cookies only collect aggregated information about the traffic of the website including -
visitors, sources, page clicks and views, etc. This allows us to know more about our most and least
popular pages along with users' interaction on the actionable elements and hence letting us improve
the performance of our website as well as our services.