function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
TimAlsopTimAlsop 

environment hub sso

When I add a new sandbox org, the Environment Hub includes an entry for me to login to this sandbox, but SSO (Single Sign-On) is not enabled. I want to enable SSO on each sandbox org so I don't have to remember passwords for each org and don't want to set the passwords for my user on each org to be the same as this is less secure.

How can I get SSO enabled on all sandbox orgs as/when they are added to the Environment Hub ?
NagendraNagendra (Salesforce Developers) 
Hi Tim,

Connect an Org to the Environment Hub:
You can connect existing Salesforce orgs to the Environment Hub, allowing you to manage all your development, test, and trial environments from one location. When you connect an org to the hub, related orgs are automatically discovered so you don’t have to manually connect them.

The following types of related orgs are automatically discovered:
  • For any organization, all sandbox orgs created from it
  • For a release org, all its related patch orgs
  • For a Trialforce Management Org, all Trialforce Source Orgs created from it
  • For an org with the License Management App (LMA) installed, any release org with a managed package registered in the LMA
Log in to the Environment Hub, and then select Connect Org:
  1. Enter the admin username for the org that you want to connect and, optionally, a short description. A description makes it easier to find the org later, especially if your hub has many members.
  2. By default, single sign-on (SSO) is enabled for the org you connected. To disable SSO, deselect Auto-enable SSO for this org.
  3. Select Connect Org again.
  4. In the pop-up window, enter the org’s admin username and password. If you don’t see the pop-up, temporarily disable your browser’s ad blocking software and try again.
  5. Select Log In, and then select Allow.
Following is the generic process which needs to be followed accordingly.

Hope this helps.

Please mark this as solved if it's resolved so that it results in helping others who are encountering a similar issue.

Best Regards,
Nagendra.
TimAlsopTimAlsop
You have explained how to add an org to the Hub. I already know this and it does enable SSO for this org but this only works for developer edition org’s not for sandbox org’s. However, this DOES NOT answer my question. I wanted to know how to make auto discovered org’s like sandbox orgs have SSO enabled so that I can login to sandbox using the Hub. If I have lots of sandbox org’s how can I enable SSO for each of them or make the system enable SSO on them automatically ? Thanks Tim
TimAlsopTimAlsop
Also, I hope you are aware that the Connect Org button does NOT work for sandbox since it uses login.salesforce.com instead of test.salesforce.com when asking for credentials. Tim
Jonathan CottrellJonathan Cottrell
@TimAlsop - did you ever get an answer to how to set-up Environment Hub so that you can configure SSO into a Child Org?
TimAlsopTimAlsop
No, I didn’t get an acceptable answer from Salesforce.
Jonathan CottrellJonathan Cottrell
I just looked back into the ISVForce Packaging Guide - and saw the following text. 

"SSO doesn’t work for newly added users or for user mappings defined in a sandbox org. Only add users, edit user information, or define SSO user mappings in the parent org for the sandbox."

Link: https://developer.salesforce.com/docs/atlas.en-us.packagingGuide.meta/packagingGuide/environment_hub_sso_mapping.htm

There's also a reference late in the FAQ section that says you can't install the Environment Hub into a Sandbox org.  So I'm guessing the real issue is that the authentication doesn't know how to hop from the Production (and developer) orgs over to the Sandbox orgs.
Miroslav MatovićMiroslav Matović
What does "Log in to the Environment Hub, and then select Connect Org" mean? Do I log into Partner business org? When I do, and choose "Environment Hub" app, there is no "Connect Org" option.