We need to create the Connect App for Salesforce SSO. A connected app is a framework that enables an external application to integrate with salesforce using APIs and standard protocols, such as SAML, OAuth, and OpenID connect. Connected Apps use these protocols to authenticate, authorize, and provide single sign-on (SSO) for external apps.

The external apps that are integrated with Salesforce can run on the customer success platform, other platforms, devices, or SaaS subscriptions.Salesforce

For example, when you log in to your Salesforce mobile app and see your data from your Salesforce org, you’re using a connected app.

By capturing metadata about an external app, a connected app tells Salesforce which protocol—SAML, OAuth, and OpenID Connect—the external app uses, and where the external app runs. Salesforce can then grant the external app access to its data, and attach policies that define access restrictions, such as when the app’s access expires. Salesforce can also audit connected app usage.

How Can My Salesforce.Org Use Connected Apps?

  • Access Data with API Integration
  • Integrate Service Providers with Salesforce

Access Data with API Integration:

When developers or independent software vendors (ISV) build web-based or mobile applications that need to pull data from your Salesforce org, you can use connected apps as the clients to request this data. To do so, you create a connected app that integrates with Salesforce APIs.

Also Read: How To Connect Pipedrive and Salesforce Integration

Integrate Service Providers with Salesforce:

When Salesforce acts as your identity provider, you can use a connected app to integrate your service provider with your org. Depending on your org’s configuration, you can use one of these methods.

Use a connected app with SAML 2.0 to integrate a service provider with your org. Salesforce supports SAML single sign-on (SSO) when the service provider or the identity provider initiates the flow.

What Role Do I Play with Connected Apps?

To put it simply, developers create and configure authorization flows for connected apps, and admins set policies and permissions to control connected app usage. But there’s much more to each role.

  • Connected App Developer
  • Connected App Admin

The steps to use a connected app:

There are some steps you need to follow. These steps are described below:

  • 1. Domain Setup
  • 2. The profile must access User Object
  • 3. Connected App Setup

Domain Setup Steps:

Go to Setup -> Quick find box -> Domain Management -> Click Domains -> Create New Domain (If not exists already)Domain Setup Steps

In my case domain name is : gst-idp-dev-ed

Profile Access User Object

The profile you are using for any user it can be any which has access to the User.

  • For Example here is one profile “Standard User”. By clicking on this profile you can add users to this profile.

Setup -> Quick find Box -> Profiles -> Standard User profile -> Click Standard Users or any other profile.

Add external users to any profile, for example, I am working on Standard User.Standard User profile

  • Or while you are creating a user you can assign this profile to User.

Click on Assigned UsersStandard User

Click on New User and then add usersSalesforce Standard User

  • Or you can create a new custom profile which must access user object and then use it.

Setup -> Quick find Box -> Create new User or Edit Existing User -> Assign Standard User Profile or the Custom Profile you have created.

for custom Go to:

Setup -> Quick find Box -> Profiles -> Create New Profile with Users Access Permission.for custom Go to

Connected App Setup Steps:

Setup -> Quick Find Box -> Manage Apps -> Connected App -> Create Connected AppConnected App Setup Steps

In my case app label is GST_IDP you can give any name and version.GST_IDP

Details inside Connected App:Details inside Connected App

Consumer Key and Consumer Secret are generated by Salesforce itself.

hire salesforce developers

GST System Calling API

Access your basic information (id, profile, email, address, phone)
Full access (full)

This URL will be used by GST System.

Selected OAuth Scopes:

Callback URL:

http://{Domain Name}/Account/ExternalLoginCallback

The domain name will be replaced by site URL, using that they will access the application
https:// gme-gst-test.bp.com/Account/ExternalLoginCallback

1. Consumer Key and Consumer SecretThis will return Consumer Key and Consumer Secret


2. pass consumer key, consumer secret Then we need to pass consumer key, consumer secret, and domain name to .net API as parameters.

Note: Whenever you do the integration with any other site using API, you need to set the site URL in remote site settings.remote site settings
If you are searching for experienced salesforce consultants for salesforce development services then please get in touch with us.

Also Read: Benefits of Salesforce Commerce Cloud Implementation

Avatar photo

I am a proficient Salesforce developer with noteworthy experience in the Salesforce consulting domain. Apart from my Job, what evokes curiosity in me is binge-reading, following technical aficionado’s work, and pondering over astonishing things in this universe.