Configure Single Sign On

Business Background

Configure SSO to invoke access to an external Titan Web project. Users in your Salesforce community can use the Titan Web project. You can bring custom variable attributes from Salesforce to your project.

Titan Solution

• Any Salesforce Push or Get will run on the logged-in user’s profile. For instance, if a community user creates a new contact in Salesforce, the contact will be created with that user’s profile details. 
• Ensure the user’s permission in the Titan Web project is the same as the permission level in Salesforce.

How to Video

• 0:08 Introduction.
• 0:38 Learn how to set SSO.
• 0:59 We will show you how to configure my account.
• 1:35 Learn how to create a certificate.
• 2:11 Learn how to create a new connected app.
• 4:20 We show you how to create custom attributes.
• 7:15 Learn how to select a profile.
• 8:21 We show you how to download a certificate.
• 8:55 Learn how to configure the SSO.
• 10:40 We show you how to add parameters.
• 12:33 Learn how to set pages private or public.
• 14:11 We show you how to create a case.
• 16:33 We show you how to view debug mode.
• 18:50 Learn how to do community mapping.

How to Guide

Prerequisites:

1. Click the Settings tab.
2. Click the Integrations subtab. The Integrations Status screen opens.

3. Scroll down the list to find the SSO option and click the Authenticate button. The SSO Auth screen opens.

To complete the following screen, do the configuration in Salesforce.

Configure a Certificate in Salesforce

1. Click the Setup icon in Salesforce and navigate to Certificate and Key Manager.
2. Click the Create Self-Signed Certificate button. The Certificate and Key Edit screen opens.

3. Type the Label and Unique Name in the relevant fields.
4. Click the Save button and click the Download Certificate button. A certificate will be generated.

5. Browse to the file location where the certificate was downloaded.
6. Right-click on the certificate and open the file with an app, such as Notepad.

7. Keep this app open. You will need to copy all the text (including —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—–) and later paste it into the Certificate field on the SSO Auth screen in Titan.

Configure New Connected App in Salesforce

1. Click the Setup icon in Salesforce and navigate to App Manager.
2. Click the New Connected App button. The Create a Connected App screen.
3. Click the Create a Connected App option and click the Continue button.

4. Type the Connected App Name and the API Name in the relevant fields.
5. Type the Contact Email address and Enable the SAML checkbox.
6. Add the Subject Type in the field and click the subject type, for instance, username.
7. Select the Name ID Format from the drop-down list, for instance, SAML: 1.
8. Select the IDP certificate from the drop-down list, for instance, the one you are generating or an existing one.
   • In this example, the new connected app is selected.

9. Navigate to the Titan Dashboard, and copy the Service provider Entity ID and the Access URL from the SSO Auth screen.

10. Navigate to Salesforce and paste the Service provider Entity ID in the Entity ID field.
11. Paste the Access URL in the ACS URL field.
12. Click the Save button.

Create Custom Attributes in Salesforce

1. Click the New button on the Custom Attributes option on the Manage Connected App screen.

2. Type the SF Session in the Key field.
3. Click the Insert Field button.

4. Insert fields, for instance, label or API Session ID.
5. Click the Insert button.

6. Click the Save button.

7. Click the Manage button

8. Copy the IdP-Initiated Login URL from the SAML Login Information.

9. Scroll down, and under Profiles, click the Manage Profiles button. The Application Profile Assignment screen opens.

10. Click the relevant checkbox/es to select profile/s and then click the Save button.

Give Profile Access to the Connected App

1. In Titan, paste the URL in the SSO Login URL field.

2. Navigate to the Notepad app where the Certificate code is.
3. Copy everything on the Notepad.

4. Paste it in the Certificate field on the SSO Auth screen.
5. Click the Test button. You will see a “Thank you for authenticating” message when the authentication is successful.

6. Click the Apply button.

7. Navigate to Titan Web to configure the SSO.

Configure SSO in Titan Web

1. In Titan Web, click the Gear icon to open the Project settings screen.
2. Click the User Access option and enable the SSO toggle.
3. Click the Gear icon next to the SSO option.

4. Click the Use Salesforce session checkbox. Any Salesforce Push or Get will run on the logged-in user’s profile.
   • For instance, if a community user creates a new contact in Salesforce, the contact will be created with that user’s profile details. 
   • Ensure that the users with access to the Web project in Salesforce have all the necessary permissions to use all the objects.
5. Click the drop-down list to choose where you want to get the Session ID from Salesforce.
6. Map a parameter that you want from SSO. The portal user email and user ID are shown from Salesforce by default.

7. If necessary, click the Override SSO logout checkbox and click the Apply button. When someone logs out, you can override them with your URL.

8. Save the project.

You will be asked to log in first to access your project. A verification code will be sent to your email address to verify your account. You can also set pages in your project to public (available to anyone) or SSO enabled (authenticate verification).

You can edit the SSO settings by clicking the Edit button.