Delegated Authentication Flow in Salesforce : Amit Chaudhary

Reader
February 17, 2021
Delegated Authentication Flow in Salesforce
by: Amit Chaudhary
blow post content copied from  Apex Hours
click here to view original post

Delegated authentication allows Salesforce to accept a user’s credentials / authentication token, but pass to an external service for validation. Delegated authentication is similar to single sign-on (SSO), but it offers a slightly different experience to users.

With delegated authentication, one system relies on another system to validate user credentials. For example, you can configure your Salesforce org to rely on a Lightweight Directory Access Protocol (LDAP) server to validate credentials. Both SSO and delegated authentication enable users to log in to multiple apps with one set of credentials. However, with delegated authentication, users must log in to each app separately.

Basic requirements

  • Authentication gateway provides SOAP web service which complies with Salesforce delegated authentication WSDL
  • Delegated authentication is enabled in Salesforce and gateway endpoint URL added

What else to know

  • Is Single Sign-On Enabled permission
    • Directs users’ login credentials to authentication service
    • Password management functionality disabled
  • Multi-factor authentication must use other Salesforce methods

Considerations for choosing Delegated Authentication

  • Helpful to support SSO from legacy systems without SAML / OpenID Connect
  • Using the basic flow (without authentication tokens), plain text passwords exposed to more systems
  • Password reminders & resets may be less intuitive
  • No native capability to share attributes from authentication gateway with Salesforce

Recording

Further Learning

The post Delegated Authentication Flow in Salesforce appeared first on Apex Hours.


February 17, 2021 at 05:31PM
Click here for more details...

=============================
The original post is available in Apex Hours by Amit Chaudhary
this post has been published as it is through automation. Automation script brings all the top bloggers post under a single umbrella.
The purpose of this blog, Follow the top Salesforce bloggers and collect all blogs in a single place through automation.
============================

Salesforce