Menu
subscribe our youtube channel popup

OpenID Connect in Salesforce

Join us to learn how to configure the OpenID Connect authentication provider to allow users to authenticate at Google/ Gmail to access a Salesforce environment.

What is OpenID Connect?

OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User.

Check OpenID Connect (OIDC) Flow in Salesforce here for more details.

OpenID Connect Flow

Difference between OpenID and OAuth

OAuth 2.0 OpenID Connect
Granting access to your API Logging the user in
Getting access to user data in other systems Making your accounts available in other systems
This is primarily used for Authorization This is primarily used for Authentication

Difference between OpenID and SAML

  • In SAML the user is redirected from the Service Provider(SP) to the Identity Provider(IP) for sign in. In OpenID Connect the user is redirected from Relying Party to the Open ID Provider for sign in.
  • In OpenID connect we get  an id_token which is a signed JSON token that contains the subject, issuer and other user information. However in SAML we have a concept of assertion.

Integration between Google and Salesforce

Check below recording to learn about how to integrate Salesforce with google.

Agenda

  • What is OpenID Connect?
  • Difference between OpenID and OAuth 2.0
  • Difference between OpenID and SAML
  • Explore the Salesforce Open Id playground
  • Integration between Google and Salesforce (walkthrough with demo)


Apex Hours
Apex Hours

Salesforce Apex Hours is a program of the community, for the community, and led by the community. It is a space where Salesforce experts across the globe share their expertise in various arenas with an intent to help the Ohana thrive! Join us and learn about the apex hours team.

Articles: 424

Leave a Reply

Your email address will not be published. Required fields are marked *