The Salesforce Connector quick-connection template helps you create a connection to Salesforce by pre-populating some configuration settings. Some of the configuration information comes from a SAML metadata XML file that you can export from the Salesforce console after registering PingFederate as a single sign-on (SSO) provider. For detailed configuration instructions, see Configure SAML Settings for Single Sign-On in the Salesforce documentation.

Note: SAML XML transmissions containing assertions must be digitally signed. If you have not already done so, export the public certificate for the signing key to be used for the Salesforce connection(s). Note the file location. Certificate export is available via the Digital Signing section in the Security section of the PingFederate Main Menu.
  1. Sign on to Salesforce as an administrator.
  2. On the Setup console, on the search bar, enter Single Sign-On Settings, and then click Single Sign-On Settings.
  3. On the Single Sign-On Settings screen, under SAML Single Sign-On Settings, click New.
  4. On the SAML Single Sign-On Settings screen, enter the SAML information for your PingFederate server.
  5. In the Name field, enter a name of your choosing, such as My PingFederate Instance.
  6. In the API Name field, enter a name of your choosing without spaces or special characters, such as MyPingFederateInstance.
  7. In the Issuer field, do one of the following:
  8. For Identity Provider Certificate, upload your PingFederate signing certificate.
  9. In the Entity ID field, do one of the following:
    • If you want to integrate with Salesforce Communities, enter the URL for your Salesforce community.

      On the Salesforce Setup console, on the Platform Tools > Feature Settings > Communities > All Communities screen, copy your community URL.

    • Otherwise, enter your Salesforce domain. For example, "mycompany.my.salesforce.com" in the URL https://mycompany.my.salesforce.com.
  10. Optional: In the Identity Provider Login URL field, enter the PingFederate endpoint URL for SSO.
    Tip: After you complete the steps in Creating a connection, you can copy the SSO URL from the connection summary screen.
  11. Optional: In the Custom Logout URL field, enter the logout URL for your IdP application. Salesforce redirects a user to this URL after ending the Salesforce session.
  12. Click Save.
  13. On the SAML Single Sign-On Settings screen, click Download Metadata. Save the SAMLSP-xxxxxxxxxxxxxxx.xml file.