- You must first enable IdP-initiated sign on.
Enable PingFederate authentication in Salesforce.
- Sign on to your Salesforce domain as an administrator.
Click the Gear icon, then go to .
- Make a note of your domain name, such as https://<yourcompany>.my.salesforce.com.
In the Authentication Configuration section,
In the Authentication Service list, select
The "YourPingFederate" entry was created as a result of the IdP-initiated login tasks above.
Configuration is complete.Note:
Salesforce will now redirect to PingFederate for authentication of all new sessions. You should also select the Login Form check box during the testing phase in case of authentication issues. Testers will be offered the option of the standard Salesforce login form or PingFederate authentication. After you've successfully tested authentication against PingFederate, you can clear the Login Form check box so that authentication automatically defaults to PingFederate.
Test the PingFederate SP-initiated SSO
Go to your Salesforce
If the Login Form check box is still selected, the Salesforce sign on screen still displays, and you're offered a choice of Salesforce sign on or PingFederate sign on, select PingFederate.
If you've cleared the Login Form check box, you're not offered a choice.
When you are redirected to PingFederate, enter your PingFederate username and
After successful authentication, you're redirected back to Salesforce.
- Go to your Salesforce domain.