jsolomon

SSO for .NET Client

Hi,

We have a customer who is using Federated Authentication, but also needs delegated authentication or something similar to call SFDC web services from a .NET desktop client. What would you recommend we do in the desktop client to enable SSO logins to SFDC web services?

Thanks,

jps

aalbert

Not sure I entirely understand. Are you asking how a user gets authenticated to make SFDC Web Service calls from a .NET client - if that salesforce.com environment has implemented delegated authentication?

 

Assuming I got that right, and assuming the customer has implemented Delegated Authentication, when the .NET client app invokes the login() api method to authenticate, the login() call will get redirected to the URL endpoint specified in the Default Gateway URL parameter under Setup. So the .NET app doesn't really need to worry - it just invokes the login() and the response, after going through the delegated authentication process, will respond with the valid sessionID and serverURL to make corresponding API calls from the .NET client.
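
The client side of the login() exchange described in the reply above, as an added example that is not part of the original thread and not Salesforce's own code. It builds the login() SOAP body and validates the response before trusting its sessionId and serverUrl; the Partner API namespace and element names are assumptions not stated in the thread, and the sample response is constructed.

```csharp
using System;
using System.IO;
using System.Linq;
using System.Xml;
using System.Xml.Linq;

static class LoginSketch
{
    static readonly XNamespace Soap = "http://schemas.xmlsoap.org/soap/envelope/";
    static readonly XNamespace Api = "urn:partner.soap.sforce.com"; // Partner API namespace (assumption)

    // Build the login() body; XElement escapes XML metacharacters in the credentials.
    public static string BuildLoginRequest(string username, string password) =>
        new XElement(Soap + "Envelope", new XElement(Soap + "Body",
            new XElement(Api + "login",
                new XElement(Api + "username", username),
                new XElement(Api + "password", password)))).ToString();

    // Extract sessionId and serverUrl, rejecting faults, DTDs and non-HTTPS server URLs.
    public static (string SessionId, Uri ServerUrl) ParseLoginResponse(string xml)
    {
        var settings = new XmlReaderSettings { DtdProcessing = DtdProcessing.Prohibit, XmlResolver = null };
        XDocument doc;
        using (var reader = XmlReader.Create(new StringReader(xml), settings))
            doc = XDocument.Load(reader);

        var fault = doc.Descendants(Soap + "Fault").FirstOrDefault();
        if (fault != null)
            throw new InvalidOperationException("login() fault: " + (string)fault.Element("faultstring"));

        var result = doc.Descendants(Api + "result").FirstOrDefault()
            ?? throw new InvalidDataException("no login result in response");
        var sessionId = (string)result.Element(Api + "sessionId");
        var serverUrl = (string)result.Element(Api + "serverUrl");
        if (string.IsNullOrEmpty(sessionId) || string.IsNullOrEmpty(serverUrl))
            throw new InvalidDataException("sessionId or serverUrl missing");

        var uri = new Uri(serverUrl, UriKind.Absolute);
        if (uri.Scheme != Uri.UriSchemeHttps) // the session ID is a bearer credential
            throw new InvalidDataException("refusing non-HTTPS serverUrl");
        return (sessionId, uri);
    }

    static void Main()
    {
        // Constructed sample response; the values are placeholders, not real output.
        const string sample = @"<soapenv:Envelope xmlns:soapenv=""http://schemas.xmlsoap.org/soap/envelope/"" xmlns=""urn:partner.soap.sforce.com""><soapenv:Body><loginResponse><result><serverUrl>https://example.invalid/services/Soap/u/0</serverUrl><sessionId>PLACEHOLDER_SESSION_ID</sessionId></result></loginResponse></soapenv:Body></soapenv:Envelope>";
        Console.WriteLine(BuildLoginRequest("user@example.invalid", "p<ss&word"));
        var (sid, url) = ParseLoginResponse(sample);
        Console.WriteLine($"API host: {url.Host}, session ID length: {sid.Length}");
    }
}
```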

 

 

jsolomon

Thanks for responding.

 

To clarify, the Salesforce.com environment has implemented federated authentication (not delegated authentication). Would it still work?

 

Thanks.

 

 

aalbert

I think the only difference is that the .NET client needs to call out to the Federated Authentication endpoint to login on behalf of salesforce.com and the response needs to be the salesforce.com sessionId and serverURL (whereas before I mentioned to call the sfdc login() api if it were delegated authentication). The .NET client needs to get the sessionId and serverURL from salesforce.com. And that is accessed through the federated service - in this scenario.

 

 

 

jsolomon

I'm still not clear.

 

When the .NET client calls the federated authentication endpoint (Siteminder, for example) with userId and password, how will Siteminder know it has to call salesforce to establish a session? Are there additional parameters passed to the endpoint for this purpose? If so, what would they be?

 

Thanks.

aalbert

I am not sure I can answer that question - it has to do with how the federated service is implemented. You are looking to have a .NET app communicate with the federated service to initiate this entire process. The key (from the salesforce.com perspective) is that the federated service needs to initiate the login() method on salesforce.com to authenticate the user. Then the federated service will respond back to salesforce.com with a "true" response to tell salesforce.com to grant the sessionId.

 

There is more information on Single Sign On here.