SURFconext cannot verify the configuration steps below as we are not a customer of this service provider. We have collected the information below from our connected instituions to the best of our knowledge. If you have remarks or tips you want to share, please send them to support@surfconext.nl.
This pages depicts setting up Salesforce with SURFconext SSO. Please read the documentation of Salesforce for an up-to-date version of the Salesforce documentation.
Parameters to enter:
Parameter | Value | Note |
---|---|---|
SAML version | SAML2 | |
Issuer | This is the entityID of the SURFconext EngineBlock IdP | |
Identity Provider Certificate | Download the certificate from https://metadata.surfconext.nl/engine.surfconext.nl-20181213.pem and upload this file into this field | This is the signing certificate of the SURFconext EngineBlock IdP in X509 format |
SAML User ID Type | Assertion contains the Federation ID from the User object | SURFconext will provide the unique identifier for the user (in the format: urn:collab:person:[~urn:collab:person:surfnet.nl:niels:schachomeorg]:[~urn:collab:person:surfnet.nl:niels:uid], |
SAML User ID Location | User ID is in the NameIdentifier element of the Subject statement | Using the NameIdentifier is the preferred way of delivering the identifyer |
User Provisioning Enabled | True | It is preferred to enable autocreation of users |