Print this page

Single sign on settings and sandbox refresh

Knowledge Article Number 000175165

If you're trying to find out what happens to the Single Sign On (SSO) settings when a sandbox is refreshed,  and if the production settings are copied down we'll go over that information.

Resolution All of the sandboxes created as a mirror of  their production environment  with the federated authentication having the SAML disabled.

The Recipient URL is updated to match your sandbox URL that Salesforce gives when the sandbox is refreshed, for example

Enable SAML in the recently copied sandbox 

1. Click on Setup.
2. Under "Administer," click Security Controls |  then click Single Sign-On Settings
3. Click Edit, then check SAML Enabled.

4. Click Save.

Keep in mind

  • If you have SSO enabled in the Production environment with a custom profile with the SSO permission enabled, when the Sandbox refresh occurs, login will be blocked. You'll need to check the permissions.  This won't apply to a user with a standard profile.
  • In the sandbox, the production SSL Certificates for SSO doesn't get copied over. After each sandbox refresh the system administrator will need to upload a new certificate in sandbox in the "Identity Provider Certificate" field if they plan on using SSO.

promote demote