Loading
Salesforce now sends email only from verified domains. Read More
Identify Your Users and Manage Access
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Integrate Service Providers as SAML-Enabled Apps

            You are here:

            1. Salesforce Help
            2. Docs
            3. Identify Your Users and Manage Access

            Integrate Service Providers as SAML-Enabled Apps

            To configure SAML single sign-on (SSO) with Salesforce as an identity provider, integrate a service provider by using the external client apps framework or the connected apps framework. With this SSO configuration, users log in to the service provider by using the same credentials that they use to log in to your Salesforce org or Experience Cloud site. To change your service provider details, edit your app. Control which users can access your app by managing profiles and permission sets.

            Required Editions

            Available in: both Salesforce Classic and Lightning Experience
            Available in: Developer, Enterprise, Performance, Unlimited, and Database.com Editions
            User Permissions Needed
            Define and modify identity providers and service providers: Customize Application

            The external client apps framework is the new generation of the connected apps framework. It solves many of the shortcomings of the connected apps framework. Check out Comparison of Connected Apps and External Client Apps Features.

            Note
            Note For SAML, the external client apps framework currently supports only Metadata API configuration.

            Integrate the Service Provider as an External Client App

            A SAML-enabled external client app consists of three main metadata components: a parent ExternalClientApplication component, an ExtlClntAppConfigurablePolicies component, and an ExtlClntAppSamlConfigurablePolicies component.

            For steps to create and edit these components, see Integrate a SAML SSO Service Provider as an External Client App.

            Integrate the Service Provider as a Connected App

            To create a SAML configuration, see Integrate Service Providers as Connected Apps with SAML 2.0.

            To review and edit service provider details, see these resources.

            To manage profiles and permission sets, see Manage Access to a Connected App.

            See Also

             
            Loading
            Salesforce Help | Article