Enable Salesforce.com as an identity provider so you can use single sign-on with other web sites, and define the appropriate service providers whose applications support single sign-on. You can switch to different service providers without having to log in again.
Configure single sign-on in order to authenticate users in salesforce.com from external environments. Your organization has the following options available for single sign-on:
Federated authentication, a single sign-on method that uses SAML assertions sent to a Salesforce endpoint.
Federated Single Sign-On Using SAML
SAML Enabled - Checked/Not Checked
By default, Salesforce.com's Identity Confirmation feature automatically recognizes whether a user is logging in from an IP address or device that has been previously used. Unrecognized IP addresses or devices prompt identity re-verification.
The identity confirmation feature is what requires you to activate your computer to log in.
From Salesforce solution "What is the Identity Confirmation feature and how does it work?"
Criteria for Activation Process:
1. Is the org using IP Login Restrictions on Profiles?
2. Is the User logging in from an IP on the Trusted Network list?
3. Have we seen this Activated User from this IP address before?
----If Activated once before, we add the IP to their personal list and never challenge them from that IP again.
Each user has a list of IPs from which they’ve activated. (This list is not currently visible in the applciation.)
4. Does the User have a cookie placed from Salesforce in this browser?
----We set a cookie on any browser that doesn’t have a cookie once a User has logged in.
If they log in from a Trusted Network IP a cookie will be set in the browser.
*Yes on any one of these = Pass on activation process
*No on all of these = Initiate activation process
The activation process requires you to click "Send activation link" when you attempt to log in. Salesforce will then send you an email with a link that you must click to complete the activation process. You must click this link on the same computer that you intend to log in on- a blackberry or remote computer will not work.
Configure single sign-on in order to authenticate users in salesforce.com from external environments. Your organization has the following options available for single sign-on:
Federated authentication, a single sign-on method that uses SAML assertions sent to a Salesforce endpoint.
Federated Single Sign-On Using SAML
SAML Enabled - Checked/Not Checked
By default, Salesforce.com's Identity Confirmation feature automatically recognizes whether a user is logging in from an IP address or device that has been previously used. Unrecognized IP addresses or devices prompt identity re-verification.
The identity confirmation feature is what requires you to activate your computer to log in.
From Salesforce solution "What is the Identity Confirmation feature and how does it work?"
Criteria for Activation Process:
1. Is the org using IP Login Restrictions on Profiles?
2. Is the User logging in from an IP on the Trusted Network list?
3. Have we seen this Activated User from this IP address before?
----If Activated once before, we add the IP to their personal list and never challenge them from that IP again.
Each user has a list of IPs from which they’ve activated. (This list is not currently visible in the applciation.)
4. Does the User have a cookie placed from Salesforce in this browser?
----We set a cookie on any browser that doesn’t have a cookie once a User has logged in.
If they log in from a Trusted Network IP a cookie will be set in the browser.
*Yes on any one of these = Pass on activation process
*No on all of these = Initiate activation process
The activation process requires you to click "Send activation link" when you attempt to log in. Salesforce will then send you an email with a link that you must click to complete the activation process. You must click this link on the same computer that you intend to log in on- a blackberry or remote computer will not work.
No comments:
Post a Comment