IdP Initiated Sign-on on Salesforce Enterprise Application vs Salesforce Sandbox

Joel Agustin 1 Reputation point
2022-04-19T16:46:34.403+00:00

Need some help on configuring IdP-initiated SSO with enterprise applications, particularly with Salesforce. I cannot find any documentation that confirms the Sign On URL being a required field but the tip in the attached screenshot (Salesforce-App SSO Settings.png) is confusing. It says it's unnecessary for IdP-initiated but if I clear it, it throws an error message and I can't save the configuration.

If I create my own application (or Salesforce Sandbox) and enter the same Single Sign On Parameters, the Sign On URL is optional. And using this configuration I was able to do a real IdP-initiated sign on. Refer to attached (SalesforceSandbox-App SSO Settings.png).
194330-salesforce-app-sso-settings.png194411-salesforcetest-app-sso-settings.png

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,068 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Siva-kumar-selvaraj 15,576 Reputation points
    2022-04-25T16:28:29.07+00:00

    Hello @Joel Agustin ,

    Thanks for reaching out.

    Salesforce Sandbox supports SP and IDP initiated SSO when installed through the Azure AD gallery, whereas Salesforce only supports SP initiated SSO. Therefore, you must create custom enterprise application, as shown below for Salesforce, so that the Sign on URL field becomes optional. I hope this was helpful.

    196226-image.png

    196256-image.png

    Reference:

    Salesforce: https://learn.microsoft.com/en-us/azure/active-directory/saas-apps/salesforce-tutorial#scenario-description
    Salesforce sandbox: https://learn.microsoft.com/en-us/azure/active-directory/saas-apps/salesforce-sandbox-tutorial#scenario-description

    -----
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments