Acquire

Salesforce SAML

Step 1. Setup Salesforce Identity Provider

  1. First, set up Salesforce as an identity provider by following the official documentation.
  2. After enabling SF as an identity provider, download the certificate. For this tutorial, I used the default self-signed certificate provided by SF.

Step 2. Define a Connected App for Acquire Identity Server

  1. Go to Setup, search for "App Manager", and select it.
  2. Select ‘New Connected App’.
  3. Check "Enable SAML" under "Web App Settings", configure the connected app with the details below, and save.

SAML Service Provider Settings:

  • Entity Id: Acquire
  • Subject Type: Username
  • ACS URL: https://app.acquire.io/saml/salesforcesaml/{User Account ID}
  • Name ID Format: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
  • IdP Certificate: select the self-signed cert from the drop-down
  • Issuer: use the domain configured in Step 1 (ex: https://acquire-sample.my.salesforce.com)

You have now set up the IdP and created a connected app for Acquire Identity.

  1. After creating the app, go to setup and search for “Manage Connected Apps” and select.
  2. Click on the "Acquire" app we created.
  3. Go to the "Profiles" section and click "Manage Profiles".
  4. Select Salesforce user profiles to restrict who can access the "Acquire" connected app.

Step 3. Add Role, FirstName, and LastName to the SAML Attribute Statement

The role of the authenticated user needs to be sent to Acquire for role-based authorization. Therefore, you have to add a role to the connected app as a custom attribute.

  1. Go to setup and search for “Manage Connected Apps” and select.
  2. Click on the "Acquire" app we created earlier.
  3. Go to “Custom Attributes” section and click on new.
  4. Provide “role” as attribute key and “$UserRole.Name” as the attribute value and save.
  5. Provide “FirstName” as attribute key and “$User.FirstName” as the attribute value and save.
  6. Provide “LastName” as attribute key and “$User.LastName” as the attribute value and save.

Step 4. Enable Identity Provider

  1. Go to setup and search for "Identity Provider" and select.
  2. Click on the “Enable Identity Provider” button.
  3. Select your self-signed certificate and click Save.
  4. On the resulting screen, click Download Certificate (you need to paste it into Acquire as the X.509 Certificate).

Step 5. Configure Salesforce - SAML to Acquire

  1. Go to setup and search for “Manage Connected Apps” and select.
  2. Click on the "Acquire" app we created earlier.
  3. Copy “IdP-Initiated Login URL” and paste  

Basic Information

  1. IdP-Initiated Login URL: Login URL
  2. Issuer: Issuer
  3. IdP Certificate: copy the contents of the downloaded certificate and paste.

Step 6. Add an app in App Launcher

  1. Go to setup and search for “Manage Connected Apps” and select.
  2. Click on the "Acquire" app we created.
  3. Copy “IdP-Initiated Login URL”.
  4. Click “Edit Policies”.
  5. Paste the “IdP-Initiated Login URL” in “Start URL” and save.
  6. You can see the “Acquire” app in App Launcher. 

Now assign the app to a user, and Salesforce can be used to log in to Acquire.

