SlideShare a Scribd company logo

Social Single Sign-On with OpenID Connect

Download as PPTX, PDF
J
James Melville

The document discusses using OpenID Connect to enable social single sign-on for Salesforce users. OpenID Connect is an identity layer built on top of OAuth 2.0 that allows users to authenticate using their existing credentials from identity providers like Google, Microsoft, and PayPal. It describes how to set up OpenID Connect with Salesforce as the relying party by registering as an OAuth client, configuring an auth provider in Salesforce, and defining user management logic using a registration handler.

Technology
1 of 14
Downloaded 12 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
Social Single Sign-On with OpenID Connect James Melville Technical Architect @jamesmelv
James Melville Technical Architect
What is Social Single Sign On? • Ability to authenticate using social profiles
What is OpenID Connect? • Identity Protocol built on OAuth 2.0 • Verify a user’s identity using authentication by another server • Standard for sharing profile information • Finalised February 2014 • Large backers:
What can I do with Salesforce & OpenID Connect? • Provide users with a form of Single Sign On • Allow users to login to Salesforce using other credentials – Internal Users – Community Users • Use a variety of providers to authenticate users: – Google – Microsoft – Paypal – Ping Identity
Why Use OpenID Connect? User Benefits Business Benefits Fewer usernames and passwords to remember Automate or Simplify User Creation Quicker Login Reliable Source of User Details Reduced registration effort Reduce helpdesk interactions
How do I set this up with Salesforce? Using Google as the Identity Provider • Register as an OAuth client with Google – https://code.google.com/apis/console • Configure “Auth. Provider” in Salesforce – Setup -> Security Controls -> Auth Provider • Define the logic for user management • Use Auth Provider in My Domain / Community
How do I manage identities between systems? Implement a Registration Handler • Define the logic to be executed when a user logs in – Create a registration hander in Apex – Use the profile information from the provider • Unrecognised OpenID Connect profile – Match to an existing Salesforce user – Create a new user • Previously logged in profile – Update profile information
Login Demo
What Else? • OpenID Connect is built on OAuth 2.0 • OpenID Connect Identity + OAuth 2.0 Authorisation = API Access • Now use the Authorisation to access Resources • Define access using Scope, as per OAuth 2.0 • Use APIs from the Identity Provider
API Integration Demo
Useful URLs • Google API Console: https://code.google.com/apis/console • Google API Documentation: https://developers.google.com/drive/ • Apex Auth Docs: http://www.salesforce.com/us/developer/docs/apexcode/Content/apex_namespace_ Auth.htm • Demo Repository: https://github.com/jamesmelville/OpenIdConnectDemo •
Features I’d like to see • Ability to dynamically extend Scopes • Inspect scopes already claimed • Ability to create / update user credentials store
Social Single Sign-On with OpenID Connect

More Related Content

PDF
O365Con18 - External Collaboration with Azure B2B - Sjoukje Zaal
NCCOMMS
 
PPTX
DevSum: Azure AD B2C Application security made easy
Sjoukje Zaal
 
PPTX
Dear Azure: External collaboration with Azure AD B2B
Sjoukje Zaal
 
PPTX
OAuth in SharePoint 2013
Dinusha Kumarasiri
 
PPTX
Intelligent Cloud Conference: Azure AD B2C Application security made easy
Sjoukje Zaal
 
PPTX
External collaboration with Azure B2B
Sjoukje Zaal
 
PPTX
Introduction to Azure AD and Azure AD B2C
Joonas Westlin
 
PPTX
Microsoft Teams community call - February 2020
Microsoft 365 Developer
 
O365Con18 - External Collaboration with Azure B2B - Sjoukje Zaal
NCCOMMS
 
DevSum: Azure AD B2C Application security made easy
Sjoukje Zaal
 
Dear Azure: External collaboration with Azure AD B2B
Sjoukje Zaal
 
OAuth in SharePoint 2013
Dinusha Kumarasiri
 
Intelligent Cloud Conference: Azure AD B2C Application security made easy
Sjoukje Zaal
 
External collaboration with Azure B2B
Sjoukje Zaal
 
Introduction to Azure AD and Azure AD B2C
Joonas Westlin
 
Microsoft Teams community call - February 2020
Microsoft 365 Developer
 

What's hot (20)

PPTX
Azure Saturday: External Collaboration With Azure AD B2B
Sjoukje Zaal
 
PPTX
Identity Management in SharePoint 2013
SPC Adriatics
 
PPTX
Understanding SharePoint Apps, authentication and authorization infrastructur...
SPC Adriatics
 
PPTX
A Developer's Introduction to Azure Active Directory B2C
John Garland
 
PPTX
Wso2 is integration with .net core
Ismaeel Enjreny
 
PPTX
Oauth and SharePoint 2013 Provider Hosted apps
James Tramel
 
PPTX
WSO2 Identity Server - Getting Started
Ismaeel Enjreny
 
PPTX
Web API 2 Token Based Authentication
jeremysbrown
 
PPTX
OAuth
Vijay Naik
 
PDF
Premier Webcast - Identity Management with Windows Azure AD
uberbaum
 
PPTX
Azure AD B2C Webinar Series: Custom Policies Part 1
Vinu Gunasekaran
 
PPTX
DotNet 2019 | Hugo Biarge - Autenticación en aplicaciones web y nativas
Plain Concepts
 
PDF
CIS14: PingAccess in Action
CloudIDSummit
 
PPTX
High-Trust Add-Ins SharePoint for On-Premises Development
Edin Kapic
 
PPTX
Azure AD with Office 365 and Beyond!
Ravikumar Sathyamurthy
 
PDF
OAuth 2.0 refresher Talk
marcwan
 
PPTX
One portal for all your login needs - ADSelfService Plus Single sign-on.
Zoho Corporation
 
PPTX
Sitecore with Azure AD and Multifactor Authentication
Anindita Bhattacharya
 
PPTX
Azure B2C
Marco De Sanctis
 
PPTX
K8s idm-devfest
Marc Boorshtein
 
Azure Saturday: External Collaboration With Azure AD B2B
Sjoukje Zaal
 
Identity Management in SharePoint 2013
SPC Adriatics
 
Understanding SharePoint Apps, authentication and authorization infrastructur...
SPC Adriatics
 
A Developer's Introduction to Azure Active Directory B2C
John Garland
 
Wso2 is integration with .net core
Ismaeel Enjreny
 
Oauth and SharePoint 2013 Provider Hosted apps
James Tramel
 
WSO2 Identity Server - Getting Started
Ismaeel Enjreny
 
Web API 2 Token Based Authentication
jeremysbrown
 
OAuth
Vijay Naik
 
Premier Webcast - Identity Management with Windows Azure AD
uberbaum
 
Azure AD B2C Webinar Series: Custom Policies Part 1
Vinu Gunasekaran
 
DotNet 2019 | Hugo Biarge - Autenticación en aplicaciones web y nativas
Plain Concepts
 
CIS14: PingAccess in Action
CloudIDSummit
 
High-Trust Add-Ins SharePoint for On-Premises Development
Edin Kapic
 
Azure AD with Office 365 and Beyond!
Ravikumar Sathyamurthy
 
OAuth 2.0 refresher Talk
marcwan
 
One portal for all your login needs - ADSelfService Plus Single sign-on.
Zoho Corporation
 
Sitecore with Azure AD and Multifactor Authentication
Anindita Bhattacharya
 
Azure B2C
Marco De Sanctis
 
K8s idm-devfest
Marc Boorshtein
 
Ad

Similar to Social Single Sign-On with OpenID Connect (20)

PPTX
OpenID Connect and Single Sign-On for Beginners
Salesforce Developers
 
PPTX
Deep dive into Salesforce Connected App
Dhanik Sahni
 
PPTX
OAuth with Salesforce - Demystified
Calvin Noronha
 
PDF
OpenID Connect: The new standard for connecting to your Customers, Partners, ...
Salesforce Developers
 
PPTX
Salesforce Identity Management
Jayant Jindal
 
PPTX
Hands-on with OAuth, Facebook and the Force.com Platform
Pat Patterson
 
PDF
Demystifying SAML 2.0,Oauth 2.0, OpenID Connect
Vinay Manglani
 
PPTX
Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...
MysoreMuleSoftMeetup
 
PDF
OpenID Connect "101" Introduction -- October 23, 2018
OpenIDFoundation
 
PDF
OpenID Connect Explained
Vladimir Dzhuvinov
 
PPT
Advanced Platform Series - OAuth and Social Authentication
Salesforce Developers
 
PDF
OpenID Foundation/Open Banking Workshop - OpenID Foundation Overview
MikeLeszcz
 
PPTX
Ladies Be Architects - Study Group III: OAuth 2.0 (Ep 1)
gemziebeth
 
PPTX
Lecture 20101124
Anderson Liang
 
PDF
ABCs of Security in the Cloud Webinar
Salesforce Developers
 
PPTX
RSA Europe: Future of Cloud Identity
Mike Schwartz
 
PDF
CIS14: OAuth and OpenID Connect in Action
CloudIDSummit
 
PDF
CIS14: OAuth and OpenID Connect in Action
CloudIDSummit
 
PDF
Introducing Salesforce Identity
Salesforce Developers
 
PDF
Improve identity management with open id
Ping Identity
 
OpenID Connect and Single Sign-On for Beginners
Salesforce Developers
 
Deep dive into Salesforce Connected App
Dhanik Sahni
 
OAuth with Salesforce - Demystified
Calvin Noronha
 
OpenID Connect: The new standard for connecting to your Customers, Partners, ...
Salesforce Developers
 
Salesforce Identity Management
Jayant Jindal
 
Hands-on with OAuth, Facebook and the Force.com Platform
Pat Patterson
 
Demystifying SAML 2.0,Oauth 2.0, OpenID Connect
Vinay Manglani
 
Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...
MysoreMuleSoftMeetup
 
OpenID Connect "101" Introduction -- October 23, 2018
OpenIDFoundation
 
OpenID Connect Explained
Vladimir Dzhuvinov
 
Advanced Platform Series - OAuth and Social Authentication
Salesforce Developers
 
OpenID Foundation/Open Banking Workshop - OpenID Foundation Overview
MikeLeszcz
 
Ladies Be Architects - Study Group III: OAuth 2.0 (Ep 1)
gemziebeth
 
Lecture 20101124
Anderson Liang
 
ABCs of Security in the Cloud Webinar
Salesforce Developers
 
RSA Europe: Future of Cloud Identity
Mike Schwartz
 
CIS14: OAuth and OpenID Connect in Action
CloudIDSummit
 
CIS14: OAuth and OpenID Connect in Action
CloudIDSummit
 
Introducing Salesforce Identity
Salesforce Developers
 
Improve identity management with open id
Ping Identity
 
Ad

Recently uploaded (20)

PDF
Using Anchore and DefectDojo to Stand Up Your DevSecOps Function
Anchore
 
PDF
AI-Cloud-Business-Management-Platforms-The-Key-to-Efficiency-Growth.pdf
Artjoker Software Development Company
 
PPTX
Agile Chennai 18-19 July 2025 | Emerging patterns in Agentic AI by Bharani Su...
AgileNetwork
 
PDF
Security features in Dell, HP, and Lenovo PC systems: A research-based compar...
Principled Technologies
 
PDF
Presentation about Hardware and Software in Computer
snehamodhawadiya
 
PDF
NewMind AI Weekly Chronicles - July'25 - Week IV
NewMind AI
 
PPTX
What-is-the-World-Wide-Web -- Introduction
tonifi9488
 
PDF
Research-Fundamentals-and-Topic-Development.pdf
ayesha butalia
 
PDF
Economic Impact of Data Centres to the Malaysian Economy
flintglobalapac
 
PDF
Tea4chat - another LLM Project by Kerem Atam
a0m0rajab1
 
PDF
CIFDAQ's Market Wrap : Bears Back in Control?
CIFDAQ
 
PDF
Trying to figure out MCP by actually building an app from scratch with open s...
Julien SIMON
 
PDF
Unlocking the Future- AI Agents Meet Oracle Database 23ai - AIOUG Yatra 2025.pdf
Sandesh Rao
 
PDF
A Strategic Analysis of the MVNO Wave in Emerging Markets.pdf
IPLOOK Networks
 
PDF
Google I/O Extended 2025 Baku - all ppts
HusseinMalikMammadli
 
PPTX
AI and Robotics for Human Well-being.pptx
JAYMIN SUTHAR
 
PDF
How ETL Control Logic Keeps Your Pipelines Safe and Reliable.pdf
Stryv Solutions Pvt. Ltd.
 
PPTX
cloud computing vai.pptx for the project
vaibhavdobariyal79
 
PDF
Get More from Fiori Automation - What’s New, What Works, and What’s Next.pdf
Precisely
 
PDF
Oracle AI Vector Search- Getting Started and what's new in 2025- AIOUG Yatra ...
Sandesh Rao
 
Using Anchore and DefectDojo to Stand Up Your DevSecOps Function
Anchore
 
AI-Cloud-Business-Management-Platforms-The-Key-to-Efficiency-Growth.pdf
Artjoker Software Development Company
 
Agile Chennai 18-19 July 2025 | Emerging patterns in Agentic AI by Bharani Su...
AgileNetwork
 
Security features in Dell, HP, and Lenovo PC systems: A research-based compar...
Principled Technologies
 
Presentation about Hardware and Software in Computer
snehamodhawadiya
 
NewMind AI Weekly Chronicles - July'25 - Week IV
NewMind AI
 
What-is-the-World-Wide-Web -- Introduction
tonifi9488
 
Research-Fundamentals-and-Topic-Development.pdf
ayesha butalia
 
Economic Impact of Data Centres to the Malaysian Economy
flintglobalapac
 
Tea4chat - another LLM Project by Kerem Atam
a0m0rajab1
 
CIFDAQ's Market Wrap : Bears Back in Control?
CIFDAQ
 
Trying to figure out MCP by actually building an app from scratch with open s...
Julien SIMON
 
Unlocking the Future- AI Agents Meet Oracle Database 23ai - AIOUG Yatra 2025.pdf
Sandesh Rao
 
A Strategic Analysis of the MVNO Wave in Emerging Markets.pdf
IPLOOK Networks
 
Google I/O Extended 2025 Baku - all ppts
HusseinMalikMammadli
 
AI and Robotics for Human Well-being.pptx
JAYMIN SUTHAR
 
How ETL Control Logic Keeps Your Pipelines Safe and Reliable.pdf
Stryv Solutions Pvt. Ltd.
 
cloud computing vai.pptx for the project
vaibhavdobariyal79
 
Get More from Fiori Automation - What’s New, What Works, and What’s Next.pdf
Precisely
 
Oracle AI Vector Search- Getting Started and what's new in 2025- AIOUG Yatra ...
Sandesh Rao
 

Social Single Sign-On with OpenID Connect

  • 1. Social Single Sign-On with OpenID Connect James Melville Technical Architect @jamesmelv
  • 3. What is Social Single Sign On? • Ability to authenticate using social profiles
  • 4. What is OpenID Connect? • Identity Protocol built on OAuth 2.0 • Verify a user’s identity using authentication by another server • Standard for sharing profile information • Finalised February 2014 • Large backers:
  • 5. What can I do with Salesforce & OpenID Connect? • Provide users with a form of Single Sign On • Allow users to login to Salesforce using other credentials – Internal Users – Community Users • Use a variety of providers to authenticate users: – Google – Microsoft – Paypal – Ping Identity
  • 6. Why Use OpenID Connect? User Benefits Business Benefits Fewer usernames and passwords to remember Automate or Simplify User Creation Quicker Login Reliable Source of User Details Reduced registration effort Reduce helpdesk interactions
  • 7. How do I set this up with Salesforce? Using Google as the Identity Provider • Register as an OAuth client with Google – https://code.google.com/apis/console • Configure “Auth. Provider” in Salesforce – Setup -> Security Controls -> Auth Provider • Define the logic for user management • Use Auth Provider in My Domain / Community
  • 8. How do I manage identities between systems? Implement a Registration Handler • Define the logic to be executed when a user logs in – Create a registration hander in Apex – Use the profile information from the provider • Unrecognised OpenID Connect profile – Match to an existing Salesforce user – Create a new user • Previously logged in profile – Update profile information
  • 10. What Else? • OpenID Connect is built on OAuth 2.0 • OpenID Connect Identity + OAuth 2.0 Authorisation = API Access • Now use the Authorisation to access Resources • Define access using Scope, as per OAuth 2.0 • Use APIs from the Identity Provider
  • 12. Useful URLs • Google API Console: https://code.google.com/apis/console • Google API Documentation: https://developers.google.com/drive/ • Apex Auth Docs: http://www.salesforce.com/us/developer/docs/apexcode/Content/apex_namespace_ Auth.htm • Demo Repository: https://github.com/jamesmelville/OpenIdConnectDemo •
  • 13. Features I’d like to see • Ability to dynamically extend Scopes • Inspect scopes already claimed • Ability to create / update user credentials store