Loading
Salesforce now sends email only from verified domains. Read More
Identify Your Users and Manage Access
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Configure SSO from Salesforce to Oracle CPQ Cloud

            You are here:

            1. Salesforce Help
            2. Docs
            3. Identify Your Users and Manage Access

            Configure SSO from Salesforce to Oracle CPQ Cloud

            Let your users log in to Oracle CPQ Cloud, formerly known as BigMachines, using single sign-on (SSO) from your Salesforce org configured as an identity provider.

            Required Editions

            Available in: Lightning Experience and Salesforce Classic
            Available in: Enterprise, Performance, Unlimited, and Developer Editions

            Oracle CPQ Cloud supports the SAML protocol for federated SSO. When you set up Oracle CPQ Cloud as a service provider and configure a connected app, users can access the application using their Salesforce credentials. Contact your Oracle CPQ Cloud representative to enable SSO and obtain an ACS URL.

            Follow these high-level steps to configure SSO for Salesforce to Oracle CPQ Cloud. To complete these steps, you need a SAML-enabled administrative account for Oracle CPQ Cloud.

            Set Up Your Salesforce Org as an Identity Provider

            With the My Domain feature, your Salesforce org is enabled as an identity provider. My Domain is required for all orgs. If you don’t like your org’s My Domain name, you can change it.

            The My Domain feature also creates a certificate and key pair. The certificate establishes trust between your Salesforce org and ADP. Optionally, you can use another self-signed certificate or import a CA-signed certificate.

            To download the Salesforce self-signed certificate:

            1. From Setup, enter Identity Provider in the Quick Find box, and select Identity Provider.
            2. Click Download Certificate.

            Configure SAML Settings in Oracle CPQ Cloud

            1. Log in to your Oracle CPQ Cloud cloud account as an administrator.
            2. Under User and Company Administration, select Admin. Navigate to Single Sign-On Setup.
            3. Configure the SAML SSO settings.
              • For Single Sign-On Method, choose Federated Authentication.
              • For Issuer URL, enter https://customername.bigmachines.com, where customername is your unique name in Oracle CPQ Cloud.
              • For Identity Provider Certificate, upload the Salesforce certificate you downloaded previously.
              • For Requested Name Identifier Format, leave the field empty.
              • For SAML Identity Provider URL, enter https://MyDomainName.my.salesforce.com/idp/endpoint/HttpRedirect.
              • For User ID and User ID type, accept the defaults.

            Create a Connected App in Salesforce

            1. In Salesforce, create a connected app.
              • In Lightning Experience, from Setup, enter App in the Quick Find box, and select App Manager. Click New Connected App.
              • In Salesforce Classic, from Setup, enter Apps in the Quick Find box, and select Apps. Under Connected Apps, click New.
            2. Configure the connected app Basic Information settings.
              1. Enter a name for the Oracle CPQ Cloud connected app. Salesforce uses this name to populate the API name.
              2. Enter your email address in case Salesforce needs to contact you or your support team.
              3. Optionally, upload or specify a logo and icon to represent your Oracle CPQ Cloud application in the Salesforce App Launcher.
            3. Configure the connected app Web App Settings.
              1. Select Enable SAML.
              2. For Entity Id, enter the issuer URL you configured in Oracle CPQ Cloud. For example, https://customername.bigmachines.com.
              3. For ACS URL, enter the value that your Oracle CPQ Cloud representative provides.
              4. For Subject Type, select how users are identified to the identity provider, for example, Federation ID or Custom Attribute. In either case, the SAML subject type must match the identity of the user in Oracle CPQ Cloud.
              5. For Name ID Format, select urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
              6. For Issuer, keep the default value, which is your My Domain login URL.
              7. For IdP Certificate, keep the default value (Default IdP Certificate).
            4. Save the settings.
            5. Configure profiles and permission sets for the connected app.
              1. From Setup, enter Apps in the Quick Find box.
                • If you’re using Lightning Experience, select Manage Connected Apps.
                • If you’re using Salesforce Classic, under Manage Apps, select Connected Apps.
              2. Click the name of your connected app for Oracle CPQ Cloud. The connected app detail page appears.
              3. Click Manage Profiles or Manage Permission Sets, and add profiles or permission sets for the users who can access this app.
            6. In Salesforce, enter the start URL for the connected app.
              1. On the connected app detail page, under SAML Login Information, copy the IdP-initiated login URL.
              2. On the connected app detail page, click Edit Policies.
              3. For Start URL, paste the IdP-initiated login URL.
              4. Save the settings.

            Test the SSO Configuration

            In Salesforce, from the App Launcher, find and open the Oracle CPQ Cloud app. If you configured the Oracle CPQ Cloud logo and icon for the connected app, the App Launcher displays them.

            If SSO is configured properly, Salesforce creates an application session.

            See Also

             
            Loading
            Salesforce Help | Article