Control Your Authentication Provider User Experience
When you set up single sign-on (SSO) with an authentication provider for your Salesforce Experience Cloud site, use the expid request parameter to deliver different experiences to users.
Required Editions
| Available in: Lightning Experience and Salesforce Classic |
| Available in: Enterprise, Performance, Unlimited, and Developer Editions |
| User Permissions Needed | |
|---|---|
| To view the settings: | View Setup and Configuration |
| To edit the settings: | Customize Application AND Manage Auth. Providers |
For example, you set up a Facebook authentication provider and configure SSO with your site as the relying party. You want to send Spanish-speaking users through a different registration process than Italian-speaking users. So you modify the registration handler and add the expid parameter to your SSO client configuration URL. The registration handler can now detect whether a user comes from the Spanish or Italian version of Facebook. When a Spanish-speaking user signs up for your site with their Facebook credentials, the registration handler records the user’s minimum age. If the user comes from the Italian version of Facebook, the handler doesn’t.
To deliver different user experiences, add the expid parameter to a client configuration URL.
- For the Single Sign-On Initialization URL, Salesforce provides the experience specified by the expid parameter after they log in with their third-party credentials.
- For the Existing User Linking URL, the Continue to Salesforce link on the confirmation page leads to the experience specified by the expid parameter.
Here’s an example of an expid parameter added to the Single Sign-On Initialization URL, where:
- site-url is the URL for the site.
- auth_provider is the name of the authentication provider.
- expid=sp indicates that the user comes from the Spanish version of the website.
site-url/services/auth/sso/auth_provider/?expid=sp
