<div dir="ltr">Hello,<div><br></div><div>Has anyone successfully used MITREid Connect Identity Provider for authenticating Salesforce.com users?</div><div><br></div><div>I have created a simple webapp overlay (on top of MITREid Connect 1.1.9) that works perfectly with a test client <a href="https://demo.c2id.com/oidc-client/">https://demo.c2id.com/oidc-client/</a> . I configured a Salesforce (developer account) custom domain to use OpenID Connect authentication and created a custom registration handler. With the same registration handler and similar configuration I've been able to authenticate Salesforce.com against Google's Identity Provider. </div>
<div><br></div><div>Out of maybe a couple of hundred times that I have tried, authentication has succeeded twice. And without changing anything, it then started to fail again. Normally Salesforce gives the error: "ErrorCode=Unknown_Flow, ErrorDescription=The flow type was not recognized", which I couldn't find in the Salesforce.com documentation. The logs don't show the SF registration handler being run at all in these failed cases. Network traces show that the Salesforce.com backend issues the POST to /token but apparently doesn't like the response somehow.</div>
<div><br></div><div>Any ideas? Am I alone with these problems, or even alone trying to get it to work?</div><div><br></div><div>Best regards,</div><div><br></div><div> - Kari Hiitola</div></div>