You need to sign in to do that
Don't have an account?
SAML Questions
We are considering a SAML SSO SF solution, because we already use an identity provider for other (non-SF) applications.
But we also have a need for Web Service API calls for a few custom applications that we have built, one of which launches when the user clicks a custom button on a SF page.
1) Is it generally good practice to set SF user account passwords to Never Expire when using SAML/SSO?
2) I have a need to deploy WS API code to clients using our SF pages through SAML. The code needs to run in the client browser (after they click a custom button using javascript). If passwords are set to never expire, then I guess this policy would also apply to the general service/user account(s) designated as Web Service API only logins - and I would need to embed the account/password in the code? If I read the docs correctly, WS API calls cannot use SSO/SAML, so a id / password (token) is required?
I guess I'm not sure if embedding a never-expiring password in that deployed code so it can seamlessly hit SF is a good idea (?)
If the password is embedded, and it does expire, I'd like to avoid having to re-deploy that code again if at all possible...
Any general advice?
thanks