Authenticate Salesforce with LinkedIn

UntitledIn this blog post let see about how to configure social single sign-on authentication for salesforce. As part of Winter15 release salesforce provided social single sign-on using LinkedIn and twitter also. Now lets see about how to configure using LinkedIn.This allows user to login in to your salesforce organization using their social media account, this functionality can be used for both internal and external(community users). Let see step by step procedure for LinkedIn.

Create LinkedIn Application:
  • Log into your LinkedIn developer account.
  • Click on the username at the top of the page and select API keys
  • Click Add Application and enter all mandatory settings and save.
Note down the API key and Secrete key  we will use it later in salesforce

screenshot-www.linkedin.com 2014-09-04 23-27-25

LinkedIn Auth. Provider in salesforce:

Go to setup->Security control->Auth. Providers select LinkedIn in the provider, then enter the name and URL suffix. In the Consumer Key enter the API key and in the Consumer secrete enter the secret key values from the LinkedIn app. In the registration handler click “Automatically create a registration handler template” this will create the apex class for the user authentication(Lets look into that in the next step). Then click save, it will create the client configuration URLs.

screenshot-karanrajs-dev-ed.my.salesforce.com 2014-09-05 17-29-15
screenshot-by-nimbus (1)

Copy the Call back URL and then go back to the LinkedIn application paste it in the OAuth 2.0 redirect URLs value

Registration Handler class:

Open the registration handler class and update with the below code.

In the above class in the CreateUser method we are checking if any user exist in the organization with the logged in email address, if it has any user then it allow the user to login with their LinkedIn credentials else it will display the error message. If you want to display custom error page, you create a custom error page and paste the URL in the custom URL section of Auth. provider in salesforce.

In the Registration handler class you can handle the logic create new user if no match is found and allow them to login into your org. This scenario mostly used for the community users.

Where I can use?

Lets test the single sign-on functionality,open the Test-only initialization URL, then login with your LinkedIn user credentials and it will display the user details in the XML format.

screenshot-karanrajs-dev-ed.my.salesforce.com 2014-09-05 17-09-26


We can use this feature in the following ways.

Method 1 : Directly use the Single sign-on registration URL for login.

Method 2: If you have “My Domain” for you organization you can allow user to login with the LinkedIn credential. Setup->Domain Management->My domain->Login Page Branding


Untitled

Method 3: If your organization have community, you can also allow the community users to login with their LinkedIn credentials.

Revoke Access:
If admin or user later wants to revoke the linked account access, they can able to revoke under the “Third party Account Links” section in the user detail page.


Comments

  1. apple watch 6 titanium - India's top-ranking luxury retail
    › apple-watch-6-titanium-titanium-titanium-titanium › apple-watch-6-titanium-titanium-titanium-titanium-titanium-titanium-titanium-titanium-titanium. The titanium nose hoop apple titanium tv alternative watch features a 3.3" LCD screen used ford fusion titanium along titan metal with 2,920+ pure-grade crystal  Size: 3.3 x 6.9 womens titanium wedding bands x 5.9 inches Weight: 3.3 pounds

    ReplyDelete

Post a Comment

Popular Posts