Does Identity Cloud support Single Sign-On (SSO) with Salesforce?
You can set up your Salesforce® organization to trust ForgeRock Identity Cloud to authenticate your users. With this SSO integration, Identity Cloud is the identity provider (IdP) and Salesforce is the service provider (SP).
Overview
When logging in to Salesforce, users are given the option to log in with Identity Cloud. They are then presented with the ForgeRock Sign In screen to authenticate before being redirected back to Salesforce.
If user provisioning is enabled, users who do not already exist in your Salesforce domain are automatically provisioned when they first log in.
Integration options
Note
SSO is available in both Salesforce Classic (not available in all orgs) and Lightning Experience. See Single Sign-on for further information.
Identity Cloud supports both OpenID Connect (OIDC) and SAML integrations with Salesforce. For detailed information on how to configure each of these integrations, see:
- Salesforce SSO integration with Identity Cloud as OIDC identity provider
- Salesforce SSO integration with Identity Cloud as SAML identity provider
With both integration types, you'll need a Salesforce developer edition account. See Salesforce Developers for further information.
See Also
Single Sign-On Integrations for Identity Cloud
Salesforce SSO integration with Identity Cloud as OIDC identity provider
Salesforce SSO integration with Identity Cloud as SAML identity provider