Okta

Configuring Provisioning for Salesforce Federated ID

This guide provides the steps required to configure Provisioning for Salesforce Federated ID.

NOTES

Contents


Features

The following features are supported:


Requirements

Complete the following before you configure provisioning for Salesforce Federated ID:


Configuration Steps

You are now ready to configure your Provisioning settings as follows:

  1. Click Configure API Integration.

    salesforce_newa

  2. Check the Enable API integration box.

  3. Enter the Username, Password + Token associated with your Salesforce Administrator account.

  4. Note: Simply append the token Salesforce provided to you to your password, no spaces or other characters.

    TIPS

    • To avoid breaking the integration when the password is reset, use a dedicated API account for connecting Okta to Salesforce.

    • Do not enable delegated authentication in Salesforce for the API user specified here.

    salesforce_newe

  5. Click Test API Credentials; if successful, a verification message appears at the top of the screen.

  6. Select To App in the left panel, then select the Provisioning Features you want to enable:

    Note: As part of provisioning each new portal user, Okta creates a new contact in Salesforce associated with the account you specify in the AccountID field. This new contact contains the user's name and email address. This contact is necessary because Portal users in Salesforce must be associated with a contact.

    salesforce_newc

  7. Select To Okta in the left panel if you want to configure Salesforce as Profile & Lifecycle Mastering or change Import rule settings:

    salesforce_newd

  8. Click Save.

  9. You can now assign people to the app (if needed) and finish the application setup.


User Assignment

To assign users to the Salesforce Federated ID app:

  1. To assign users, navigate to the Assignments tab of your Salesforce app, then select Assign > Assign to People:

    salesforceprovisioning.png

  2. Then, in the Assign Salesforce Federated ID to People dialog, select a user, then click the Assign button:

    “salesforce_fed_id4”

  3. You can set the Profile, Role, Federation ID and Permission Sets for each user:

    “salesforce_fed_id5”


Feature Licenses and Public Groups Support

Note

You can manage Feature Licenses and Public Groups for users by enabling the corresponding checkboxes on the User Assignment page.

Note that Feature Licenses depend on the selected user Profile. If you select a Feature License that is not supported by the selected Profile you will encounter an error, as described in Troubleshooting Tips.

“salesforce_fed_id6”


Troubleshooting Tips