To use the connector for Salesforce, you must meet the following requirements:
Ensure you have meet the global requirements for SAML 2.0 connectors. For more information, see Section 4.1, Global Requirements for SAML 2.0 Connectors.
A full or developer type Salesforce account.
Read through and understand the single sign-on documentation from Salesforce. For more information, see Configuring SAML Settings for Single Sign-On.
The login URL from Salesforce.com. It is available in the downloaded metadata file as the Location value for AssertionConsumerService.
The connector for Salesforce does not provision user accounts. You must either manually create user accounts at Salesforce or use the Salesforce Just-In-Time provisioning feature. The Salesforce Just-in-Time provisioning feature requires additional configuration steps. For more information, see Section 9.4, Provisioning Users to Salesforce.
IMPORTANT:If you do not configure Salesforce for Just-in-Time provisioning, user accounts that match accounts in the identity store must already exist in Salesforce for single sign-on to function.
To configure the required Single Sign-On settings at Salesforce, use the Federation Instructions available in the System Setup section when you configure or edit the connector for Salesforce. These Federation Instructions contain metadata specific to Access Manager including URLs, certificates, and other information you need to properly configure the Single Sign-On settings in Salesforce.