You need to sign in to do that
Don't have an account?
Dru - Cloud62 SAML single sign on for select profiles
Is it possible to use SAML single sign on for only certain profiles?
If so, How?
Starting November 20, the site will be set to read-only.
On December 4, 2023,
Apex Code Development (90768)
General Development (55146)
Visualforce Development (37251)
Lightning (18265)
APIs and Integration (17146)
Trailhead (11680)
Formulas & Validation Rules Discussion (11337)
Other Salesforce Applications (8116)
Jobs Board (6655)
Force.com Sites & Site.com (4842)
Mobile (2694)
You need to sign in to do that
Don't have an account?
Dru - Cloud62 Is it possible to use SAML single sign on for only certain profiles?
If so, How?
There are likely other ways to achieve this, but one option is to set up Salesforce SSO configuration so that the SAML User ID Type is "Assertion contains the Federation ID from the User object". Then, only the user accounts that you want to allow SSO into would have the "Federation ID" property set properly to map the incoming user's SAML assertion.
You may want to also concisder how this is controlled from your IdP side (i.e.: who can login, send a SAML assertion to Salesforce, etc.). A solution there would depend on what your IdP software is.