|Available in: Lightning Experience and Salesforce Classic|
|Available in: Enterprise, Performance, Unlimited, and Developer Editions|
|To view the settings:||“View Setup and Configuration”|
|To edit the settings:||“Customize Application” |
“Manage Auth. Providers”
Setting up a Janrain authentication provider is slightly different from setting up other providers. You don’t use the Single Sign-On Initialization URL that you obtain after registering your provider with Salesforce to start the flow. Instead you use Janrain’s login widget that’s deployed on your site.
To set up your Janrain provider:
- Register your application with Janrain and get an apiKey.
- Define the Janrain authentication provider in your Salesforce organization.
- Get the login widget code from Janrain.
- Set up a site that calls the login widget code in your Salesforce organization.
Register Your Application
You must sign up for a Janrain account from the Janrain website
. Once you have your Janrain account, you need the apiKey
- Click .
- Copy the apiKey. You need this when creating the Janrain provider in your Salesforce organization.
- Add Salesforce to the Janrain domain whitelist in your Janrain account at .
Define the Janrain Provider in your Salesforce Organization
You need the Janrain apiKey
to create a Janrain provider in your Salesforce organization.
- From Setup, enter Auth. Providers in the Quick Find box, then select Auth. Providers.
- Click New.
- Select Janrain for the Provider Type.
- Enter a Name for the provider.
- Enter the URL Suffix. This is used in the Callback URL. For example, if the URL suffix of your provider is “MyJanrainProvider”, your Callback URL is similar to https://login.salesforce.com/services/authcallback/00D300000007CvvEAE/MyJanrainProvider.
- Use the Janrain apiKey value for the Consumer Secret.
- Optionally enter a Custom Error URL for the provider to use to report any errors.
- Optionally, enter a Custom Logout URL to provide a specific destination for users after they log out, if they authenticated using the single sign-on flow. Use this field to direct users to a branded logout page or destination other than the default Salesforce logout page. The URL must be fully qualified with an http or https prefix, such as https://acme.my.salesforce.com.
- Select an already existing Apex class as the Registration Handler class or click Automatically create a registration handler template to create the Apex class template for the registration handler. You must edit this class to modify the default content before using it.
You must specify a registration handler class for Salesforce to use single sign-on.
- Select the user that runs the Apex handler class for Execute Registration As. The user must have “Manage Users” permission. A user is required if you selected a registration handler class or are automatically creating one.
- To use a portal with your provider, select the portal from the Portal drop-down list.
- Use the Icon URL field to add a path to an icon to display as a button on the login page for a community. This icon applies to a community only, and does not appear on the login page for your Salesforce organization or custom domain created with My Domain. Users click the button to log in with the associated authentication provider for the community.
You can specify a path to your own image, or copy the URL for one of our sample icons into the field.
- Click Save.
Note the value of the generated Callback URL
. You need it to complete the Janrain setup.
Several client configuration parameters are available after configuring Janrain as the authentication provider. Use these for the flowtype
value in the Callback URL
with your Janrain login widget:
- test: Use this parameter to make sure the third-party provider is set up correctly. The administrator configures a Janrain widget to use flowtype=test, signs in to the third party, and is redirected back to Salesforce with a map of attributes.
- link: Use this parameter to link existing Salesforce users to a third-party account . The end user goes to a page with a Janrain widget configured to use flowtype=link, signs in to the third party, signs in to Salesforce, and approves the link.
- sso: Use this parameter to perform single sign-on into Salesforce from a third party (using third-party credentials). The end user goes to a page with a Janrain widget configured to use flowtype=sso, and signs in to the third party. This then either creates a new user for them, or updates an existing user, and then signs them into Salesforce as that user.
The client configuration URLs support additional request parameters that enable you to direct users to log into specific sites, obtain customized permissions from the third party, or go to a specific location after authenticating.
You need to get the login widget code from Janrain for your Salesforce organization.
- From your Janrain account, click .
- Enter the Callback URL value from your Janrain provider information in your Salesforce organization along with the query parameter flowtype=sso as the token URL. For example,
For a custom domain created with My Domain, replace login.salesforce.com with your My Domain name.
For a community, add the community parameter and pass it to the login widget as the token URL. For example,
- Enable Sites.
- Create a page and copy the login widget code to the page.
- Create a new site and specify the page you just created as the home page for the site.