[mitreid-connect] Interoperability with Salesforce.com

Kari Hiitola kari.hiitola at vincit.fi
Thu Sep 4 06:31:42 EDT 2014


Hello,

Has anyone successfully used MITREid Connect Identity Provider for
authenticating Salesforce.com users?

I have created a simple webapp overlay (on top of MITREid Connect 1.1.9)
that works perfectly with a test client https://demo.c2id.com/oidc-client/.
I configured a Salesforce (developer account) custom domain to use OpenID
Connect authentication and created a custom registration handler. With the
same registration handler and similar configuration I've been able to
authenticate Salesforce.com against Google's Identity Provider.

Out of maybe a couple of hundred times that I have tried, authentication has
succeeded twice. And without changing anything, it has then started to fail
again. Normally Salesforce gives the error: "ErrorCode=Unknown_Flow,
ErrorDescription=The flow type was not recognized" which I couldn't find in
Salesforce.com documentation. The logs don't show the SF registration
handler being run at all in these failed cases. Network traces show that
Salesforce.com backend issues the POST to /token but apparently doesn't
like the response somehow.

Any ideas? Am I alone with these problems, or even alone trying to get it
to work?

Best regards,

 - Kari Hiitola