In this video, ProofID consultant Ben Andrews demonstrates how quickly single sign-on (SSO) to Salesforce can be implemented using PingFederate.  SSO provides a distinct advantage as users can access multiple resources using a single username and password.

The demo shows a federated trust established between the PingFederate identity provider (IdP) and Salesforce, the service provider (SP).  Metadata is exchanged between the two parties, creating the trust.  Federated SSO can then occur as Salesforce delegates authentication to PingFederate.  SSO is accomplished using SAML (Security Assertion Markup Language), an XML-based standard that facilitates the transfer of information between PingFederate and Salesforce.

To break down the steps involved during SSO:

  1. The user browses to Salesforce
  2. Salesforce uses the custom domain that was accessed to identify the organization the user originates from
  3. Salesforce redirects the user to PingFederate, sending a SAML request
  4. The user authenticates, and PingFederate validates the credentials against the local user store
  5. If authentication is successful, the user is redirected back to Salesforce, along with a SAML response
  6. The user is logged into Salesforce using the claims provided in the SAML assertion from PingFederate

In addition to the user only requiring a single set of credentials, SSO provides several other advantages.

Enhanced security

 As the IdP is responsible for authentication, it automatically revokes access to the application when a user leaves the organization.

Reduced administration 

With fewer passwords in use, the IT helpdesk would expect a lower number of password reset requests.

Password policy of the IdP applies

 Administrators can set one password policy for all applications that adheres to the requirements of the organization.

Improved user experience

 Users are more productive as they spend less time attempting to remember or locate multiple sets of credentials.

About ProofID

ProofID is a specialist Identity as a Managed Service provider headquartered in the UK.  We help customers every day in securing enterprise data, manage hybrid cloud environments, secure mobile apps, and provide access to services by partners and customers.  All successfully delivered through our methodology driven managed service. Daily we manage 750,000 identities and deliver services to 73 countries.  For more information, call +44 (0)161 906 1002 email info@proofID.co.uk or visit www.proofID.co.uk.

Simplify access for users

Learn about our efficient and secure single sign-on (SSO) solution

Explore SSO
Ping Identity

Ping Identity frees the digital enterprize by providing secure access that enables the right people to access the right things, seamlessly and securely.

Explore Ping Identity

Want to talk to an expert?

Get in touch to find out how we can work together. We’re here to help with any questions.

Request a callback
Email us

Empower your business with our products

ProofID Dashboard

ProofID’s Dashboard offers a simple, secure, and cost-effective way to manage and monitor PingFederate.

Discover more
ProofID IGA

ProofID IGA enables you to securely and efficiently administer access across your extended enterprise.

Discover more
ProofID ConfigMigrator

ProofID ConfigMigrator simplifies working with multiple Ping environments.

Discover more