
How to force users to log in to Salesforce through their IdP instead of through their My Domain login URL?

Knowledge Article Number 000003761
Description

To prevent users from logging in through login.salesforce.com and <company>.my.salesforce.com when using Federated Authentication (SAML), follow the approach given below.

 

Resolution

1) Ensure that "My Domain" is enabled for the Org.
2) In the Org, go to Setup | Administration Setup | Company Profile | My Domain.
    2.1) On the My Domain settings page, click Edit.
    2.2) Select the "Login Policy" checkbox and click Save.
3) Now go to Security Controls | Single Sign-On Settings.
    3.1) Fill in the "Identity Provider Login URL" field and click Save.

At this point, users accessing the My Domain login URL should be redirected to their IdP login URL.




