Salesforce Single Sign-on Setup Guide

  • Updated
  • Zingtree supports SAML 2.0 based Single Sign-on (SSO). This lets you require anyone accessing a tree to log in via your Identity Provider and authenticate themselves first. This article will walk you through how to set it up using Salesforce. 

    Setup

    1. From the Salesforce lightning experience homepage, select the gear icon in the top right corner. Click on Setup.

    1. Search for Identity Provider and click it. 

     

    1. From the drop down menu select Create a New Certificate.

    1. Enter Zingtree Authors or Zingtree Agents as the label. Click Save. 

    1. Click Download Metadata. You’ll need to extract the Entity Id, ACS Url and Service Provider certificate. 

    1. In Zingtree choose Account Settings> Single Sign-On

    Azure_SSO_Setup_Guide.png

     

    1. By using the orange button you can switch between either Authors or Agents. Choose which user type you want to have SSO.  

     

    1. Go back into Salesforce and open the Connected App section. Make sure to enable the SAML check box so you can access the Entity ID and ACS URL fields. 

     

     

    1. Return to Zingtree and click Next: Enter Identity Provider Data for Agents.

    1. Open the XML metadata file you downloaded in step 5 and extract the Entity ID, Certificate, and Login/ACS URL

     

    1. In Zingtree Input the Entity ID, Login URL, and Certificate. Be sure to check the Enable MFA as option button.

    2. When you’re finished click Save Identity Provider Settings for Agent/Author Access

     

    Testing

     

    To test the connection do the following:

     

    1. In Salesforce make sure to set a group permission or user profile.

    2. In Zingtree click the Test Author/Agent Login Button. 


    Enabling SSO for Agents/Authors

    Once SSO is working properly from your test, you can restrict access to any tree as follows.

    1. From Account, Single Sign-on, make sure you are on the Agents/Authors page.
    2. Tick enable Agents/Authors.

      SFSSO17.png

    IMPORTANT: You still need to specify individual trees to restrict access to. Here’s how:

    1. Go to My Trees, and select the tree that you want to require SSO login.
    2. Click Settings > Security, and you’ll see something like this:

      2022-05-05_10-21-53.png

    3. Check Require Login via Single Sign-on (SSO).
    4. Click Update Settings.

    Dedicated Agent Login

    Rather than having Agents go through the Zingtree login page, you can send them directly to your SSO login page. Here’s how:

    1. Go to Account, My Agents.
    2. Give your agents the link from this button:

  • Zingtree supports SAML 2.0 based Single Sign-on (SSO). This lets you require anyone accessing a tree to log in via your Identity Provider and authenticate themselves first. This article will walk you through how to set it up using Salesforce. 

    Setup

    1. From the Salesforce lightning experience homepage, select the gear icon in the top right corner. Click on Setup

    1. Search for Identity Provider and click it. 

     

    1. From the drop down menu select Create a New Certificate.

    1. Enter Zingtree Authors or Zingtree Agents as the label. Click Save. 

    1. Click Download Metadata. You’ll need to extract the Entity Id, ACS Url and Service Provider certificate. 

    1. In Zingtree choose Account > Single Sign-On. 

     

    1. By using the orange button you can switch between either Authors or Agents. Choose which user type you want to have SSO.  

     

    1. Go back into Salesforce and open the Connected App section. Make sure to enable the SAML check box so you can access the Entity ID and ACS URL fields. 

     

     

    1. Return to Zingtree and click Next: Enter Identity Provider Data for Agents.

    1. Open the XML metadata file you downloaded in step 5 and extract the Entity ID, Certificate, and Login/ACS URL. 

     

    1. In Zingtree Input the Entity ID, Login URL, and Certificate. Be sure to check the Enable MFA as option button.

    2. When you’re finished click Save Identity Provider Settings for Agent/Author Access. 

     

    Testing

     

    To test the connection do the following:

     

    1. In Salesforce make sure to set a group permission or user profile.

    2. In Zingtree click the Test Author/Agent Login Button. 


    Enabling SSO for Agents/Authors

    Once SSO is working properly from your test, you can restrict access to any tree as follows.

    1. From Account, Single Sign-on, make sure you are on the Agents/Authors page.
    2. Tick enable Agents/Authors.

      SFSSO17.png

    IMPORTANT: You still need to specify individual trees to restrict access to. Here’s how:

    1. Go to My Trees, and select the tree that you want to require SSO login.
    2. Click Settings > Security, and you’ll see something like this:

      2022-05-05_10-21-53.png

    3. Check Require Login via Single Sign-on (SSO).
    4. Click Update Settings.

    Dedicated Agent Login

    Rather than having Agents go through the Zingtree login page, you can send them directly to your SSO login page. Here’s how:

    1. Go to Account, My Agents.
    2. Give your agents the link from this button:

  • Throughout 2022 Zingtree will be upgrading customers to our new faster and more modern user experience! Here's how to tell which experience your Zingtree Authors are currently using.

    Log in to your Zingtree Author account and navigate to My Trees. How does your current My Trees page look?

    Zingtree Classic

    2022-02-25_12-24-51.png

    New User Experience

    mceclip0.png

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request