shrey.tyagi88@tcs.com

Salesforce Org - Both as SP and IDP

I have the following scenario. Can someone please help?

50% of employees in my org have active Salesforce licenses. They log into the org via SSO through Active Directory. So in this case:

My Salesforce org is an SP (with SSO settings enabled)

&&

AD is my IdP

Also, I have another Web Based app called "Booking Portal". I want all my Salesforce users to seamlessly log into my Booking Portal app.

 

How can I do this?

 

Can I add Booking Portal as my canvas app and enable SAML? In this case Salesforce will be my IdP. Is this doable?

MagulanDuraipandian
There are two ways to achieve this:
1. Salesforce as IdP - It will work. But you have to control Canvas App visibility to the users in Salesforce.
2. AD as IdP - It will work. An AD Group can easily control who can access the app.
Both cases will work. My personal recommendation is option two, so that the AD Group can control the app.

--
Magulan Duraipandian
www.infallibletechie.com