Integrating Trusona with Salesforce

How to use Trusona to enable passwordless logins for Salesforce

Step 1 - Email Trusona

Send an email to support@trusona.com. In the body include:

  1. Your company name
  2. Email address domain associated with your Salesforce account, e.g. “example.com” if your email address looks like “user@example.com”

Trusona will use this information to generate an XML file and email it back to you. You need that file to complete the Trusona for Salesforce integration. (You can expect to receive an email from Trusona within 24 hours.)

Step 2 - Custom Domain

If you haven’t done so already, create a custom domain in Salesforce:

Setup > Domain Management > My Domain > “Create your custom domain” > Register Domain

Note: Once your domain is registered, your organization’s policy determines whether users can still log in to Salesforce through login.salesforce.com or only through the organization’s new custom domain.

Step 3 - Enable SAML

Make sure that “SAML Enabled” is checked: Setup > Quick Find search Single Sign-On Settings > Edit > check off SAML Enabled > Save

Step 4 - Upload XML

While still in Single Sign-On Settings:

  1. Select “New from Metadata file” button.
  2. Choose File
  3. Upload the XML file Trusona sent you
  4. Select Create

Step 5 - Edit SAML Gateway

While still in Single Sign-On Settings:

  1. Select Edit
  2. Change Name to Trusona
  3. Confirm Request Signature Method is set to “RSA-SHA256”
  4. Option 1: Select “Assertion Contains the User’s Salesforce username” if each user’s Salesforce username is the same as the organization email address they use to log in to Salesforce. To verify this, go to Setup > Users > Users and compare the username with the user’s organization email address; they should be the same.
  5. Option 2: If the Salesforce username is different from the user’s organization email address, select “Assertion contains the Federation ID from the user object”. A Federation ID will then need to be created for each user (see Step 5B).
  6. Select HTTP Redirect
  7. Make sure Identity Provider Login URL is populated
  8. Select Save

Step 5B - Creating a Federation ID

This step is only needed if you selected Option 2 in the previous step.

Note: The XML file provided by Trusona is customized to your organization’s email domain. If your users’ usernames use a different email domain, then you will need to create a link between their email domain and the organization’s by creating a Federation ID for those users.

  1. Setup > Manage Users > Users > Edit next to the user’s name.
  2. In the Federation ID field, enter the email address the Salesforce user uses to log in to Salesforce.

Step 6 - Email Trusona XML

  1. In Single Sign-On Settings select “Trusona” under Name.
  2. Select “Download Metadata” and send that XML file to support@trusona.com.

Trusona will send you a confirmation email once the XML file has been integrated on Trusona’s end. Once confirmed, you can start using Trusona to log in to Salesforce.

Step 7 - Check off Trusona

Setup > Quick Find search My Domain > Edit in Authentication Configuration > check off Trusona > Save

Step 8 - Visit your Custom Domain URL in Browser

Step 9 - Get Users up to speed

Now that Trusona for Salesforce is ready to be used across your organization, share the Trusona for Salesforce End-User Video with your Salesforce users.