Step-by-Step Guide to Set Up Salesforce as IdP

STEP 1: Log in to Salesforce and go to Setup.
 
STEP 2: From the left pane, select App Setup » Create » Apps.
 

 
STEP 3: Under Connected Apps, select New.
 

 
STEP 4: Enter Connected App Name, API Name and Contact Email.
 

 
STEP 5: Under Web App Settings, check the Enable SAML checkbox and enter the following values:
 

Entity ID: Issuer from the SAML plugin under Identity Provider Setup Tab.
ACS URL: ACS URL from the SAML plugin under Identity Provider Setup Tab.
Subject Type: Username
Name ID Format: urn:oasis:names:tc:SAML:2.0:nameid-format:persistent

 

 
STEP 6:

  • Now, from the left pane, under Administration Setup, select Manage Apps » Connected Apps.
  • Click on the app you just created.
  • Under Manage Profiles, select the profiles that should be allowed to log in through this app.

STEP 7:

  • Under SAML Login Information, click on Download Metadata.
  • Open the downloaded file in a browser such as Chrome, Firefox or IE.
  • Search for the “ds:X509Certificate” tag and copy the entire string inside this tag. The string will look like this:
    “MII….”
  • Keep this certificate value handy for next steps.

 

 
STEP 8: In miniOrange SAML plugin, go to Service Provider Setup tab. Enter the following values:

Identity Provider Name: Salesforce
SAML Login URL: https://.my.salesforce.com/idp/endpoint/HttpRedirect
IdP Entity ID: https://.my.salesforce.com
X.509 Certificate: Paste the certificate value you copied from the Metadata file.
Response Signed: Checked
Assertion Signed: Unchecked