Step 1: Setup Salesforce as Identity Provider
- Log into Salesforce and go to Setup.
- From the left pane, select IdentityIdentity Provider.
- In the service provider section click on the Service Providers are now created via Connected Apps. Click here.
- Enter Connected App Name, API Name and Contact Email.
- Under Web App Settings, check the Enable SAML checkbox and enter the following values:
- Now from the left pane, under Administration Setup, select Manage Apps » Connected Apps. Click on the App you just created.
- Under Manage Profiles, Select the profiles you want to give access to log in through this app.
- Under SAML Login Information, click on Download Metadata.
- Open the downloaded file in some browser like chrome, firefox, IE and Search for "ds:X509Certificate" tab and copy the entire string under this tag. The string would be like this: "MII...."
- Keep this certificate value handy for next steps.

Entity ID | SP-EntityID / Issuer from Service Provider Info Tab |
ACS URL | ACS (AssertionConsumerService) URL from Service Provider Info Tab |
Subject Type | Username |
Name ID Format | urn:oasis:names:tc:SAML:2.0:nameid-format:persistent |

×
Step 2: Setup Confluence as Service Provider
Now we will go through the steps to setup Confluence as a Service Provider using miniOrange add-on:
Configure Identity Provider
Step 1. Adding IDP settings in add-on
- With the information you have been given by your IDP, you can configure IdP settings in 3 ways.
- Click on Import from Metadata in Configure IDP tab.
- Select IDP: Import From Metadata URL .
- Enter your metadata URL.
- If your IDP changes certificates at intervals, you can select Refresh metadata periodically. Select 5 minutes for the best results.
- Click Import.
- Click on Import from Metadata in Configure IDP tab.
- Select IDP: Import from Metadata File.
- Upload metadata file.
- Click Import.
- Go to Configure IDP tab and enter the following details.
By Metadata URL:

By uploading Metadata XML file:

Manual Configuration:
IDP Name
IDP Entity ID
Single Sign On URL
Single Logout URL
X.509 Certificate

×