Salesforce SSO Integration

Introduction

This guide walks through configuring Biopass as an OpenID Connect (OIDC) Identity Provider within Salesforce. Doing so enables passwordless authentication for Salesforce users, who can then securely access Salesforce without needing to remember or enter passwords.

Prerequisites

To follow this guide, you should have:

Create an OIDC Application in Biopass

1. Sign in to the Biopass Admin Dashboard

  1. Navigate to the Biopass Admin Dashboard and sign in using your Biopass administrator account.
  2. From the Dashboard, click on the "Applications" tab.

2. Create a new OIDC Application

  1. Click the "Add New Application" button.
  2. Choose "Regular Web Application".
  3. Fill in the "Application Name" field with a name for your application.
  4. Choose a "Policy".
  5. At this stage, the "Allowed Callback URL" for Salesforce is unknown; therefore, select a temporary URL. Once the Salesforce configuration is complete, this field will be updated with the appropriate value.
  6. Click "Create" to proceed.

3. Add a Group to your Application

  1. Click the "Group" tab.
  2. Click the "Add Group" button.
  3. Choose a "Group".
     The button turns into a search bar; find the group you want in the list and click on it.

Create an Auth Provider in Salesforce

1. Sign in to Salesforce

  1. Sign in with your Salesforce administrator account and navigate to "Setup".
  2. Scroll down to the "SETTINGS" section in the left-side navigation bar and select "Identity" -> "Auth. Provider".

2. Add a new Auth. Provider

  1. Click the "New" button.
  2. Choose "OpenID Connect" as the "Provider Type".
  3. Fill in the "Name" field with a name for your identity provider, e.g. "Biopass".

3. Obtain Biopass OIDC Application Credentials

  1. From the "Applications" tab in the Biopass Admin Dashboard, click on the name of the OIDC application you created.
  2. Copy the "Client ID", "Client Secret", and "Issuer" values from the "Settings" tab.

4. Complete Configuration

  1. Fill in the "Consumer Key" and "Consumer Secret" fields with the "Client ID" and "Client Secret" values from the previous step.
  2. Fill in the "Token Issuer" field with the value obtained from the OIDC Application in Biopass.
  3. Fill in the "Authorization Endpoint URL" field with the value "<Your_Issuer>/authorize".
  4. Fill in the "Token Endpoint URL" field with the value "<Your_Issuer>/token".
  5. Fill in the "User Info Endpoint URL" field with the value "<Your_Issuer>/userinfo".
  6. Choose "openid", "email", and "profile" as "Default Scopes".
  7. Select the "Send access token in header" option.
  8. Choose a "Registration Handler".
  9. Click "Save" to proceed.

Configure Allowed Callback URL in Biopass

1. Obtain Redirect URI from Salesforce

  1. Go to the "Salesforce Configuration" section.
  2. Copy the "Callback URL".

2. Configure Biopass

  1. From the "Applications" tab in the Biopass Admin Dashboard, click on the name of the OIDC application you created.
  2. Click the Edit button (pen icon) in the "Allowed Callback URLs" section.
  3. Click the "Add Callback URL" button.
  4. Paste the "Callback URL" copied from Salesforce.
  5. Click "Save" to proceed.
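
A pre-flight check for the values entered in the Salesforce "Complete Configuration" step and the Biopass "Allowed Callback URLs" list, as an added example that is not part of the original guide or of Biopass's or Salesforce's own tooling. The host names are constructed placeholders, and treating a leftover temporary callback URL as a finding is an assumption based on this guide's note that the temporary value is replaced once the Salesforce configuration is complete.

```python
from urllib.parse import urlsplit

# Paths this guide appends to the Biopass "Issuer" value in Salesforce.
ENDPOINT_PATHS = {
    "Authorization Endpoint URL": "/authorize",
    "Token Endpoint URL": "/token",
    "User Info Endpoint URL": "/userinfo",
}
REQUIRED_SCOPES = {"openid", "email", "profile"}

# Constructed sample values (hypothetical hosts, not real Biopass or Salesforce URLs).
ISSUER = "https://idp.example.test/tenant/"
SF_CALLBACK = "https://sf.example.test/callback/Biopass"
TEMP_CALLBACK = "https://placeholder.example.test/callback"


def derive_endpoints(issuer):
    """Build the three Salesforce endpoint fields from the Issuer value."""
    base = issuer.rstrip("/")  # avoid "//authorize" when the issuer ends in "/"
    return {field: base + path for field, path in ENDPOINT_PATHS.items()}


def check_config(issuer, salesforce_fields, scopes, allowed_callbacks,
                 salesforce_callback, temporary_callback):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    parts = urlsplit(issuer)
    if parts.scheme != "https" or not parts.netloc:
        findings.append("issuer is not an absolute https URL")
    if parts.query or parts.fragment:
        findings.append("issuer carries a query string or fragment")
    for field, expected in derive_endpoints(issuer).items():
        if salesforce_fields.get(field) != expected:
            findings.append(f"{field}: expected {expected}")
    missing = REQUIRED_SCOPES - set(scopes)
    if missing:
        findings.append("missing scopes: " + ", ".join(sorted(missing)))
    if salesforce_callback not in allowed_callbacks:
        findings.append("Salesforce Callback URL is not in Allowed Callback URLs")
    if temporary_callback in allowed_callbacks:
        findings.append("temporary callback URL is still allowed")
    for url in allowed_callbacks:
        if urlsplit(url).scheme != "https" or "*" in url:
            findings.append(f"callback is not an exact https URL: {url}")
    return findings
```

Call check_config with the values copied from both admin consoles before running the test in the next section; any finding points at the field to correct.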

Test the OIDC Integration

Go back to the "Salesforce Configuration" section in Salesforce. Copy the "Test-Only Initialization URL" and open it in your browser. You should be redirected to a page showing the authenticated user's details.