Loading
Salesforce now sends email only from verified domains. Read More
Identify Your Users and Manage Access
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Configure SSO from Salesforce to WebEx

            You are here:

            1. Salesforce Help
            2. Docs
            3. Identify Your Users and Manage Access

            Configure SSO from Salesforce to WebEx

            Let your users log in to WebEx using single sign-on (SSO) from your Salesforce org configured as an identity provider.

            Required Editions

            Available in: Lightning Experience and Salesforce Classic
            Available in: Enterprise, Performance, Unlimited, and Developer Editions

            WebEx supports the SAML protocol for SSO. When you set up WebEx as a service provider and create a connected app in Salesforce, users can access WebEx using their Salesforce login credentials.

            Follow these high-level steps to configure SSO for Salesforce to WebEx.

            Set Up Your Salesforce Org as an Identity Provider

            With the My Domain feature, your Salesforce org is enabled as an identity provider. My Domain is required for all orgs. If you don’t like your org’s My Domain name, you can change it.

            The My Domain feature also creates a certificate and key pair. The certificate establishes trust between your Salesforce org and ADP. Optionally, you can use another self-signed certificate or import a CA-signed certificate.

            To download the Salesforce self-signed certificate:

            1. From Setup, enter Identity Provider in the Quick Find box, and select Identity Provider.
            2. Click Download Certificate.

            Create a Connected App in Salesforce

            1. In Salesforce, create a connected app.
              • In Lightning Experience, from Setup, enter App in the Quick Find box, and select App Manager. Click New Connected App.
              • In Salesforce Classic, from Setup, enter Apps in the Quick Find box, and select Apps. Under Connected Apps, click New.
            2. Configure the connected app Basic Information settings.
              1. Enter a name for the WebEx connected app. Salesforce uses this name to populate the API name.
              2. Enter your email address in case Salesforce needs to contact you or your support team.
              3. Optionally, upload or specify a logo and icon to represent your WebEx application in the Salesforce App Launcher.
            3. Configure the connected app Web App Settings.
              1. Select Enable SAML.
              2. For Entity Id, enter http://www.webex.com.
              3. For ACS URL, enter the URL with your WebEx org as a parameter. For example, https://cas-bts2.webexconnect.com/cas/SAML2AuthService?org=ef2.postpath.com.
              4. For Subject Type, select Federation ID. A federation ID is a unique value assigned to the user across multiple web services and Salesforce orgs. Optionally, to use a WebEx email address, select Custom Attribute.
              5. For Name ID Format, select urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
              6. For Issuer, keep the default value, which is your My Domain login URL.
              7. For IdP Certificate, keep the default (Default IdP Certificate).
            4. Save the settings.
            5. Configure profiles and permission sets for the connected app.
              1. From Setup, enter Apps in the Quick Find box.
                • If you’re using Lightning Experience, select Manage Connected Apps.
                • If you’re using Salesforce Classic, under Manage Apps, select Connected Apps.
              2. Click the name of your connected app for WebEx. The connected app detail page appears.
              3. Click Manage Profiles or Manage Permission Sets, and add profiles or permission sets for users who can access this app.
            6. In Salesforce, enter the start URL for the connected app.
              1. On the connected app detail page, under SAML Login Information, copy the IdP-initiated login URL.
              2. On the connected app detail page, click Edit Policies.
              3. For Start URL, enter the IdP-initiated login URL. For example, https://customer.webex.com.
              4. Save the settings.

            Configure SAML Settings in WebEx

            1. Log in to your WebEx account as an administrator.
            2. On the Configuration tab, click Security Settings.

              webex security settings

            3. Under Security Settings, click Federated Web SSO Configuration.
              1. For Federation Protocol, select SAML 2.0.
              2. Select IDP Initiated.
              3. For Target page URL Parameter, enter RelayState.
              4. For WebEx SAML Issuer (SP ID), enter http://www.webex.com.
              5. For Issuer For SAML (IdP ID), enter your My Domain login URL.
              6. For Customer SSO Service Login URL, enter the IdP-initiated login URL from Salesforce.
              7. For NameID Format, select Unspecified.
              8. For AuthnContextClassRef, enter urn:oasis:names:tc:saml:2.0:ac:classes:unspecified.
              9. Save the settings.

                webex federated SSO SAML settings

            4. Under Security Settings, click Organization Certificate Management.
              1. Click Import New Certificate.

                click import new certificate

              2. Enter an alias for the Salesforce org certificate, and import the certificate.

                import the Salesforce org certificate

              3. On the Organization Certificate Management window, to make the imported certificate active, select it.
              4. Save the setting.

            Test the Connected App

            1. In Salesforce, from the App Launcher, find and open the WebEx app. If you configured the WebEx logo and icon for the connected app, the App Launcher displays them. As an alternative, browse to your WebEx URL, for example, https://customer.webex.com.
            2. In the WebEx login window, enter your user identifier. The identifier is either your federation ID or email address, depending on what you configured for the SAML subject type. If SSO is configured properly, you’re redirected to Salesforce. After you log in successfully with your credentials, Salesforce redirects you to your initial request URL. You’re logged in to your WebEx account.

              enter your user identity

            See Also

             
            Loading
            Salesforce Help | Article