※ Application for the optional service of integration with external IDP is required.
※ You need to create an account with Salesforce with the same e-mail address used for your SKUID account.
※ Please refer to the manual provided by Salesforce for the latest settings procedure.
Defining Service Providers as SAML-Enabled Connected Apps.
Settings for Salesforce
Log in to Salesforce with an administrator account.
1. Choose [Administration]→[Security Control], [ID provider] and click [Activate ID provider]. Select a certificate from the drop down on the next page.
2. Obtain the [Issuer (Entity ID)] on [Identity Provider Setup]] and save a file on the [Download Certificate].
3.Click [Service Providers are now created via Connected Apps. Click here.] next to [Service Providers] and proceed to the next step [New Connected App].
Configure each of the following items on [Basic Information] and upload the logo image.
Connected App Name: SKUID
API Name: SKUID
Contact Email: email@example.com
4.Tick the [Enable SAML] on [Web App Settings], fill in each of the following items and click [Save].
Entity Id: skuid-saml-sp
ACS URL: https://portal.sku.id/saml/acs
Subject Type Username
Name ID Format:urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
5.Click [Manage] and copy and paste [SP-initiated Redirect Endpoint (SSO URL)] on the next page. Click [Manage profile] and select a user profile that uses IDP integration.
SKUID Administrator Panel Settings
1．Log in to SKUID, and open [Settings>Optional Functionality>External IDP>Settings] on [Administrator panel].
2．Open [Add External IDP].
3．Input SSO URL, Entity ID and the certificate obtained in the step 2 and 5 above, and click [Reregister].
4. Next, allocate members and/or groups using external IDP. Select appropriate service names from the list of external IDPs and, click [Add Member] or [Add Group] in the following screen.
5. Select members or groups to be added and click [Register].
This completes the settings.
Salesforce log-in option will appear in the SKUID log in page once you enter your company ID and e-mail address. (Only administrators can also log in with SKUID password.)