+ Start a Discussion

is single sign on possible with oAuth authentication process?

Hi , 

I have read salesforce documents for single sign on. SSO possible with two approaches

1. SAML 
2. Delegated Authentication.

is single sign on possible with oAuth authentication process? if yes, please help any doc link related to that?

Thanks in Advance.

NagaNaga (Salesforce Developers) 
Hi Siva,

Yes SSO will work with OAuth.OAuth 2.0 is a open authorization protocol that provides a framework useful for connecting applications to users' accounts. It provides a variety of benefits including developer simplicity, improved security by not exposing user credentials unnecessarily, and an improved user-experience as actions like a password reset no longer disrupt their applications. OAuth is in the process of being standardized in the IETF, and is a critical component of salesforce.com strategy for application developers.

The combination of these two protocols is how Force.com enables single sign-on for desktop and mobile applications. By using OAuth to enable users to connect applications to their accounts, and leveraging SAML for the authentication of that connection, the single sign-on integration that was once only applicable for the web-browser can now service a wide variety of user applications.

This is based on the core tenets:

Desktop and mobile applications are being re-written to use OAuth to connect to user accounts. Users must authenticate and authorize the application. Once this is complete, a high-entropy (long, random) token is issued to the device and used in lieu of a password the next time the application is used. This credential is unique to the combination of user and application, and can be monitored, managed, and revoked independently.

Please follow the below link for more info


Best Regards
Naga Kiran
Thank you Naga, 

1. Client don't have SAML, is SAML is mandatory to implement SSO 

2. if we use oAuth , is it required username and password must be correct to authenticate salesforce?