Loading
Ongoing maintenance for Salesforce HelpRead More
Identify Your Users and Manage Access
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Query SAML Authentication Settings

            You are here:

            1. Salesforce Help
            2. Docs
            3. Identify Your Users and Manage Access

            Query SAML Authentication Settings

            You can query the authentication configuration endpoint for information about an org's or Experience Cloud site's SAML single sign-on (SSO) and authentication provider settings. Use this functionality when you’re developing apps that need this information on demand.

            Required Editions

            Available in: both Salesforce Classic and Lightning Experience
            Available in: All Editions

            Only Experience Cloud sites or Salesforce orgs can access the authentication configuration endpoint. You don't need a session to access the authentication configuration endpoint.

            In response to a request to the authentication configuration endpoint, Salesforce returns basic information in JSON format. This information includes authentication and registration settings, branding assets, and other values related to SSO support for users of Experience Cloud sites or Salesforce orgs.

            The format of the authentication configuration endpoint is: https://<site or custom URL>/.well-known/auth-configuration. For example, https://MyDomainName.my.site.com/.well-known/auth-configuration.

            Authentication Configuration Endpoint Response

            The authentication configuration endpoint returns the information in JSON format only.

            Here’s a sample response.

            {
  "OrgId": "00DD00#########",
  "Url": "https://MyDomainName.my.site.com/partners",
  "MobileSDK": {
    "UseNativeBrowserForAuthentication": false
  },
  "LoginPage": {
    "LoginPageUrl": "https://MyDomainName.my.site.com/partners/SiteLogin",
    "LogoUrl": "https://MyDomainName.my.site.com/partners/img/logo190.png",
    "BackgroundColor": "#B1BAC1",
    "SelfRegistrationEnabled": true,
    "FooterText": "acme.com",
    "UsernamePasswordEnabled": false
  },
  "SamlProviders": [{
			"name": "ADFS",
			"SsoUrl": "https://adfs.my.salesforce.com?so=00DB00#########"
		}, 
		{
			"name": "SF Identity",
			"SsoUrl": "https://sfid.my.salesforce.com?so=00DB00#########"
		}],
  "AuthProviders": [{
			"name": "LinkedIn",
			"IconUrl": "https://www.linkedin.com/logos/img/logo.png",
			"SsoUrl": "https://login.salesforce.com/services/auth/sso/00DB00000#########/LinkedIn"
		}, 
		{
			"name": "Facebook",
			"IconUrl": "https://www.facebook.com/logos/img/logo.png",
			"SsoUrl": "https://login.salesforce.com/services/auth/sso/00DB00000#########/Facebook"
		}],
  "CertificateLogin": {
		"Name": "Certificate-Based Login",
		"LoginUrl": "https://MyDomainName.my.salesforce.com:8443/services/certauth"
		}
}
            Note
            Note The UseNativeBrowserForAuthentication value is always false for an Experience Cloud site.

            These values are available only for Experience Cloud sites and are false or null for Salesforce orgs.

            • SelfRegistrationEnabled
            • SelfRegistrationUrl
            • DefaultProfileForRegistration
            • FooterText
            • UsernamePasswordEnabled

            See Also

             
            Loading
            Salesforce Help | Article