Meenakshi P

SAML Authorization - Salesforce

Hi,
I am new to SAML.
I have SAML configuration enabled in the Salesforce application and I need to authorize in my code using SAML.
I am looking for an approach where I can first authenticate using just the username-password flow and then authorize. As a first step, I tried sample Java code / curl to authenticate my test application using the username-password flow, and it worked.
As a second step, I now want to add SAML to it using Java code / curl.
Can someone please guide me on how to start?
I looked into the below url about SAML :
https://help.salesforce.com/apex/HTViewHelpDoc?id=remoteaccess_oauth_web_sso_flow.htm&language=en_US#ConfigureSAML

How can I use the accessToken which I received during initial authentication? Do I just need to pass the parameters below?

grant_type=assertion&assertion_type=urn%3Aoasis%3Anames%3Atc%3ASAML%3A2.0%3Aprofiles%3ASSO%3Abrowser&assertion=PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPHNhbW. . .

I checked the SAML response of my application in the browser using SAML tracer, after giving the username and password, and can see the SAML format as:
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                 Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">
Hargobind_Singh
Hi, 

Since you are using a username-password, you get the authorization token and you can start using that token. However, since you are using username-password, you won't get a refresh token, and thus would be required to authenticate again.

Here is a deep-dive article into various use-cases; maybe this would help you. This has some explanation and use-cases below. The link below takes you directly to the username-password flow, but I would encourage you to read this through (if you've not done this already).

https://developer.salesforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com#Obtaining_a_Token_in_an_Autonomous_Client_.28Username_and_Password_Flow.29

=========

PS: If your problem/question is resolved/answered, please mark your post as 'Solved' so that the community can benefit from the resolution of issues.

 
Meenakshi P
Thanks. I checked this URL, but I have already implemented this approach.
Yes, I understand it needs to get authenticated again, which is fine. But I was looking for steps for the SAML implementation details in the question which I posted initially...
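
Added example, not part of any post in this thread and not Salesforce code: Python that builds the three parameters quoted in the question from a SAML response, then decodes such a body again to check which issuer it carries. The sample response and the issuer `https://idp.example.com` are constructed, and base64-encoding the response before form-encoding it is an assumption inferred from the assertion value quoted in the question.

```python
import base64
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlencode

# Parameter values as quoted in the question.
GRANT_TYPE = "assertion"
ASSERTION_TYPE = "urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser"
SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample, not a real IdP response (unsigned, placeholder issuer).
SAMPLE_RESPONSE = (
    '<?xml version="1.0" encoding="UTF-8"?>\n'
    '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">'
    '<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
    'Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">'
    'https://idp.example.com</saml:Issuer>'
    '</samlp:Response>'
)


def build_token_body(saml_response_xml: str) -> str:
    """Base64-encode the SAML response (assumed), then form-encode the parameters."""
    b64 = base64.b64encode(saml_response_xml.encode("utf-8")).decode("ascii")
    return urlencode({"grant_type": GRANT_TYPE,
                      "assertion_type": ASSERTION_TYPE,
                      "assertion": b64})


def inspect_token_body(body: str) -> dict:
    """Decode a form body and report the issuer carried in the assertion."""
    params = {k: v[0] for k, v in parse_qs(body, strict_parsing=True).items()}
    if params.get("grant_type") != GRANT_TYPE:
        raise ValueError("grant_type is not 'assertion'")
    if params.get("assertion_type") != ASSERTION_TYPE:
        raise ValueError("unexpected assertion_type")
    xml_bytes = base64.b64decode(params["assertion"], validate=True)
    if b"<!DOCTYPE" in xml_bytes:  # refuse DTDs before handing data to the parser
        raise ValueError("DTD not allowed in SAML response")
    root = ET.fromstring(xml_bytes)
    issuer = root.find(".//saml:Issuer", SAML_NS)
    return {"issuer": None if issuer is None else issuer.text,
            "issuer_format": None if issuer is None else issuer.get("Format")}


if __name__ == "__main__":
    body = build_token_body(SAMPLE_RESPONSE)
    print(body)
    print(inspect_token_body(body))
```

The encoded assertion is a bearer credential, so the body belongs only on a TLS connection to the token endpoint and should be kept out of logs.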