There are two main steps to configure salesforce.com (SFDC) as an external Identity Provider (IDP) for UnboundID Data Broker:
We are going to use the following information to set up SFDC as an external IDP for the Broker:
Broker URL: https://<servername>:<port>
External Identity Provider Name (IDP Name): Salesforce
Please note that you can use any name to represent the IDP Name.
Connected App Name: UnboundID Broker (A name for your App)
Callback URL: https://<servername>:<port>/oauth/account/idpCallback/Salesforce
This field must follow this syntax:
<Broker URL>/oauth/account/idpCallback/<IDP Name>
Allow access to your unique identifier (openid)
Access your basic information (id, profile, email, address, phone)
Connected App Name: A given name to your app. (UnboundID Broker)
Contact Email: Your e-mail.
API (Enable OAuth Settings)
Enable OAuth Settings: Make sure this box is checked to enable OAuth2.
Callback URL: This depends on your Broker setup and the name you used for your IDP. It uses the following syntax:
The rest of the parameters are optional. Please see below:
Name: A name of the External Identity Provider. You can choose any name (Salesforce)
Enabled: Make sure this check box is checked to enable this IDP
Client ID: Use the Consumer key that you copied from the Salesforce Connected App you created.
Client Secret: Use the Consumer secret that you copied from the Salesforce Connected App you created.
Scope: You can add additional scopes that you need to request authorization for. The openid scope is always requested. (email)
Client Auth Method: Select post
Authorization Endpoint: https://login.salesforce.com/services/oauth2/authorize
Token Endpoint: https://login.salesforce.com/services/oauth2/token
Userinfo Endpoint: https://login.salesforce.com/services/oauth2/userinfo
Then click on Save To Broker Cluster as shown below:
This part maps Salesforce attributes/scopes to UnboundID Broker attributes/scopes.
We used the following attributes/scopes:
emails[type eq "other"].value
Please note that you need to click on the plus sign “+” to add each attribute mapping. This opens the External Identity Provider Attribute Mapping window, as shown below:
Add the attribute mapping info based on your needs. See the table above. When you are done, click Save To Broker Cluster to save the entered attribute mapping.
Repeat this step until you have added all the attribute mappings, then click Done to save and finish creating the External Identity Provider.
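The settings above have to agree on both sides: the Callback URL registered in the Connected App is derived from the Broker URL and the IDP Name, and the Client Auth Method "post" decides where the consumer key and secret travel. The following is an added example, not UnboundID or Salesforce code; it assumes standard OAuth2 authorization-code parameter names (RFC 6749), exact string matching of the callback, and a constructed host `broker.example.com:8443`.

```python
from urllib.parse import urlsplit, urlencode, quote
import secrets

# Endpoints as listed in the Broker settings above.
AUTHORIZE = "https://login.salesforce.com/services/oauth2/authorize"
TOKEN = "https://login.salesforce.com/services/oauth2/token"

def callback_url(broker_url, idp_name):
    """Build <Broker URL>/oauth/account/idpCallback/<IDP Name>."""
    u = urlsplit(broker_url)
    if u.scheme != "https" or not u.netloc:
        raise ValueError("Broker URL must be an absolute https:// URL")
    if u.path.strip("/") or u.query or u.fragment:
        raise ValueError("Broker URL must be https://<servername>:<port> only")
    return f"https://{u.netloc}/oauth/account/idpCallback/{quote(idp_name, safe='')}"

def check_registered_callback(broker_url, idp_name, registered):
    """Compare the Connected App's Callback URL with the one derived from the IDP Name."""
    expected = callback_url(broker_url, idp_name)
    if registered == expected:
        return []
    hint = " (differs only by case)" if registered.lower() == expected.lower() else ""
    return [f"expected {expected}, Connected App has {registered}{hint}"]

def authorization_request(client_id, redirect_uri, extra_scopes=("email",)):
    """Authorization Endpoint URL; openid is always requested, extras are appended."""
    scopes = ["openid"] + [s for s in extra_scopes if s != "openid"]
    state = secrets.token_urlsafe(16)  # anti-CSRF value, checked again on the callback
    query = urlencode({"response_type": "code", "client_id": client_id,
                       "redirect_uri": redirect_uri, "scope": " ".join(scopes),
                       "state": state})
    return f"{AUTHORIZE}?{query}", state

def token_request(code, client_id, client_secret, redirect_uri):
    """Token Endpoint and form body for Client Auth Method 'post': the consumer
    key and secret travel in the POST body, not in a Basic Authorization header."""
    body = urlencode({"grant_type": "authorization_code", "code": code,
                      "client_id": client_id, "client_secret": client_secret,
                      "redirect_uri": redirect_uri})
    return TOKEN, body

if __name__ == "__main__":
    broker = "https://broker.example.com:8443"  # constructed host, an assumption
    cb = callback_url(broker, "Salesforce")
    print(check_registered_callback(broker, "salesforce", cb) or "callback OK")
    print(authorization_request("EXAMPLE_CONSUMER_KEY", cb)[0])
```

Because the secret is sent in the request body with this auth method, it should be kept out of any request logging on the Broker side and only ever sent to the https Token Endpoint.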