No comments yet

OpenID Connect in Salesforce

Join us to learn how to configure the OpenID Connect authentication provider to allow users to authenticate at Google/ Gmail to access a Salesforce environment.

What is OpenID Connect?

OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User.

Check OpenID Connect (OIDC) Flow in Salesforce here for more details.

OpenID Connect Flow

Difference between OpenID and OAuth

OAuth 2.0 OpenID Connect
Granting access to your API Logging the user in
Getting access to user data in other systems Making your accounts available in other systems
This is primarily used for Authorization This is primarily used for Authentication

Difference between OpenID and SAML

  • In SAML the user is redirected from the Service Provider(SP) to the Identity Provider(IP) for sign in. In OpenID Connect the user is redirected from Relying Party to the Open ID Provider for sign in.
  • In OpenID connect we get  an id_token which is a signed JSON token that contains the subject, issuer and other user information. However in SAML we have a concept of assertion.

Integration between Google and Salesforce

Check below recording to learn about how to integrate Salesforce with google.

Agenda

  • What is OpenID Connect?
  • Difference between OpenID and OAuth 2.0
  • Difference between OpenID and SAML
  • Explore the Salesforce Open Id playground
  • Integration between Google and Salesforce (walkthrough with demo)


Post a comment