使用Salesforce从SSO到Dynamics Portal

Question

如何使用Salesforce凭据单点登录Dynamics 365门户？

Answer 1

Ok, this is how I achieved SSO to dynamics 365 using salesforce credential:

First, we need to create a connected app in Salesforce. We can easily find resources online on how to create a connected app on Salesforce. Key things to consider is that both Salesforce and Dynamics uses SAML based authentication so we need to enable SAML while creating connected app.

1. EntityId would be url of the Dynamics Portal https://yourportal.microsoftcrmportals.com
2. ACS URL would be https://yourportal.microsoftcrmportals.com/signin-saml2
3. Let start URL as: https://yourportal.microsoftcrmportals.com
4. Let Subject Type as: Username
5. Put Name ID Format: ....emailAddress

Leave other values as default and Save it. You might need to set up My Domain if you have not done so.

You have to now provide permission to users to access this app through manage profile.

Now we need to do some config setup at the Dynamics Side.

Go to your Dynamics CRM backend and on the Portals >> Site Settings. You need to create few settings.

1. Name: Authentication/SAML2/YourAppName/AssertionConsumerServiceUrl

   Website: your Dynamics Portal

   Value: https://yourportal.microsoftcrmportals.com/signin-saml2

YourAppName can be anything you want. Similary, create settings for following names:

1. Authentication/SAML2/YourAppName/AuthenticationType

   Value would be IdP-Initiated Login URL from Salesforce

2. Authentication/SAML2/YourAppName/MetadataAddress

   Value would be Metadata Discovery Endpoint from Salesforce connected app, we created earlier

3. Authentication/SAML2/YourAppName/ServiceProviderRealm

   Value: https://yourportal.microsoftcrmportals.com

Thats it. Now click on IDP Initiated login url that is provided in the Salesforce. That should work.