Authenticate Experience Cloud Site Users
You have several options for authenticating customers and employees in your Experience Cloud site. Customers are users with Community, Customer Portal, External Identity, or partner portal licenses. By default, they can log in with the username and password that Salesforce assigns them for the Experience Cloud site. Your Salesforce org’s employees are users with full Salesforce licensing capabilities. These users follow the employee login flow using their Salesforce username and password. Beyond these default settings, you can configure SAML, third-party authentication providers, or OAuth to authenticate and authorize all users accessing your site. You can also configure self-registration to use Login Discovery, which makes it easier for users to authenticate.
- Session cookies are set at the domain level. When you log in as a different user during the same browser session, the new session cookies replace existing session cookies for that domain. As a result, the original user is logged out of the session.
- The following authentication options also work with custom HTTPS web addresses.
- SAML for Experience Cloud Sites
  If your Salesforce org already uses SAML single sign-on (SSO) to simplify and standardize your user authentication, you can extend this capability to your Experience Cloud sites.
- Configure SAML SSO Between Salesforce Orgs or Experience Cloud Sites
  If your company deploys more than one Salesforce org or Experience Cloud site, set up SAML single sign-on (SSO) so users can easily move between them. In this SSO configuration, a single org or site acting as the identity provider authenticates users for one or more orgs or sites in the service provider role. Users can log in to all orgs or sites with a single set of credentials.
- Authentication Provider SSO with Salesforce as the Relying Party
  With authentication providers, your users can log in to your Salesforce org or Experience Cloud site with single sign-on (SSO) using credentials from a third party. Authentication providers also give your users access to protected third-party data. Salesforce offers several ways to configure authentication providers, such as with OpenID Connect or with a custom OAuth 2.0 configuration. Which protocol you can use depends on the third party.

