Federated Authentication for mobile CRM products
|Knowledge Article Number||000176013|
You have Federated Authentication SSO in an organization. Can you use SSO for the Salesforce mobile CRM app?
Federated Authentication does not support mobile CRM products but Delegated Authentication does support Mobile CRM products.
Yes, you can use Federated Authentication (e.g. SAML) and Delegated Authentication (DA) in parallel.
When SAML is configured, the user (via their browser) hits either a URL at the enterprise Identity Provider (IdP) or, if My Domain is configured, any My Domain URL at Salesforce - e.g. https://mycompany.my.salesforce.com/SOMERECORDID. The SAML protocol redirects them for authentication in the enterprise, and sends them to Salesforce with a signed XML message representing that authentication.
The two protocols are orthogonal, and can happily co-exist in a single org.