Configure Salesforce as SSO Identity Provider using SAML

Configure Salesforce as SSO Identity Provider using SAML

Single sign-on (SSO) has lots of advantages for users, and IT admins love it as well. While password management gets simplified, users get an easy and faster way to log in.
This quick tutorial will help you configure SalesForce as an Identity Provider for Thinfinity, using SAML.
For those who are not familiar with SalesForce, this is a customer relationship platform (CRM ) solution to manage sales, marketing, customer service, and more in one central location.
It seems to be growing popularity and as many of our customers reported using it, we decided to integrate it’s login system to ours to allow Thinfinity users a secure login to our web solutions with SalesForce’s credentials.

How to use SAML to login with SalesForce’s credentials into Thinfinity web apps

1) Navigate to your Salesforce Setup manager. Create a connected app in the App Manager:

Salesforce SSO

2) Configure the following fields like this:
(Replace MyThinfinityIP:PORT with your own URL)

Salesforce Identity Provider SSO SAML

3) Click on Save.
4) Open the “Connected Apps” menu, click on “Manage Connected Apps”, and then in the application you just configured:

Salesforce Identity Provider

5) Over here, you’ll see the metadata required for the Thinfinity Configuration:

Salesforce SAML

6) Copy that information to the Thinfinity manager, below you’ll find my own configuration for reference:


Configure Salesforce as SSO Identity Provider using SAML, step 06
Service Identifier = Your Thinfinity URL :
Service certificate file = Your own certificate required to validate the exchange.
Service certificate password = The certificate password.
Identification Entity ID = Your Salesforce domain.
Single Sign-On Service URL = IdP initiated login URL
Sign Out URL = Single logout endpoint . In this case, I’m using the “secur/logout.jsp” URL, as the endpoint wasn’t working correctly.
Partner Certificate File = IdP Certificate provided by SalesForce.
7) Add the Salesforce user in the mappings tab, and map it to an Active Directory user:

Salesforce Identity Provider SSO SAML

You can use an ” * ” for testing purposes:


Configure Salesforce as SSO Identity Provider using SAML, step 07

This will validate all incoming users from Salesforce, and assign them the Profiles with the “Permissions“ of the Active Directory user.

Have any questions?

Book a call today to learn more about how Thinfinity can help your organization. We are always available to guide you and provide the best solution based on your specific needs.

Leave a comment

Privacy Preferences
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.