Skip to main content

Setting up SSO with Salesforce

Step-by-step guide on how to setup SSO in your Salesforce IdP.

Max Agha avatar
Written by Max Agha
Updated this week

Here is a step-by-step guide on how to setup Sana as a SAML 2.0 application in Google Workspace.

SSO configuration with Salesforce

⚠️ In order to follow the steps below, you must be logged in as a Salesforce administrator.

  1. From the setup, in the quick find box, type Identity Provider and select it

  2. Click enable Identity Provider and save the changes

Connected app for SSO SAML 2.0

  1. In the quick find box, search and select App Manager

  2. Create a new connected app and fill in the details for app name and contact email

  3. Enable the SAML option under the Web App Settings

  4. Enter your Sana SP metadata and replace the <domain> with your actual Sana domain

    1. Entity ID - https://<domain>.sana.ai/x-realtime/auth/saml/metadata

    2. ACS URL - https://<domain>.sana.ai/x-realtime/auth/saml/acs

  5. Select SHA256 in the Signing Algorithm for SAML Messages option.

  6. The Subject Type should be the email of the user.

  7. Click save at the bottom of the page.

Configuring and mapping the attributes

  1. Scroll down to the bottom of the app overview till you find Custom Attributes.

  2. Sana requires three attributes, which are the following (following the exact casing):
    firstName
    lastName
    email

  3. Once you have clicked "New", a dialog box should appear which will allow you to map the Salesforce field this attribute will use. Then click save.

  4. Important note: You won't be able to add email as a custom attribute as it is a reserved attribute already in Salesforce, this means it'll automatically be added in the SAML assertion.

Providing your IdP Metadata

  1. In the quick find box, search for App Manager and click manage to the Sana SSO app you've created.

  2. Note down the Issuer under the SAML Service Provider Settings section.

  3. Note down the SP-Initiated Redirect Endpoint URL under the SAML login information section.

  4. Click on the IdP certificate, and select download certificate.

Once you have all of the required information, kindly send the following to your Sana Integrations/ImplementaItions Specialist:

  • Issuer

  • SP-Initiated Redirect Endpoint URL

  • IdP Certificate

Did this answer your question?