This lesson will cover the following topics:

01 Getting Started

This tutorial covers how to configure SSO with Salesforce as your identity provider. This allows your Salesforce users to log into a Titan project using their Salesforce credentials and pass user information from Salesforce into the Titan project.

02 Authenticate SSO

1. Navigate to your Settings tab and click the Integrations subtab.

Integrations tab

2. Scroll down until you locate SSO and click Authenticate.

authenticate button

When completing the configuration in Salesforce, you will need two values in the SSO Auth window: Access URL and Service Provider Entity ID.

Titan SSO auth

03 Create a Certificate

1. Navigate to your Salesforce setup.

2. Search for Certificates and Key Management.

3. Click Create Self-Signed Certificate.

create new certificate

4. Add a Label for your certificate and click Save.

certificate label

5. Download your created certificate.

download certificate

04 Create a Connected App

1. Search for App Manager.

2. Click on New Connected App.

new connected app button

3. Give your app a name and add a Contact's email address.

4. Enable SAML and copy-paste the corresponding SSO Auth details into the relevant fields.

app manager details

5. Use the dropdown to choose the name ID format. This should be set to SAML2.0 persistent or transient.

Name structure

6. Use the IdP certificate dropdown to select your created certificate. Click Save.

choosing certificate

05 Managing the App

1. Click the Manage button.

manage app button

2. Scroll down to profiles and click Manage Profiles. These are profiles that can log into your project using their Salesforce credentials.

Manage profiles

3. Enable the users you want to access your projects and click Save.

adding profiles

4. Scroll down to the Custom Attributes section and click New; we will configure the values passed through to the project.

new custom attribute
5. Add the attribute you want to configure. For this use case, we will configure two custom attributes.

First is the Session ID. This is the API session ID of the logged-in user, which allows you to perform actions as the logged-in user rather than the integration user.

session id

The second is the user's email.

User email attribute

The last thing to do in Salesforce is to copy the IdP-Initiated Login URL.

copied IDP URL

Copy and paste it into the corresponding Titan SSO Auth SSO login URL field. Next, copy and paste your downloaded certificate details into the Certificate field.

Titan sso auth

Make sure you test your config from this same window, then click Apply.

06 Enable SSO

1. Navigate to the Titan project you want to enable your SSO.

2. Open the Project Settings and select the User Access tab.

3. Enable the SSO toggle switch and select the gear icon.

enable sso

4. Use the dropdown to map any Salesforce values to your project fields. Enable the Use Salesforce session checkbox to perform actions as the logged-in user instead of the integration user.


configure sso window

When you publish your project, users will be asked to log in as Salesforce users before they can access your Titan project.

07 Got Feedback?

Additional Resources