Salesforce Identity
- Created by: cirving48785
- Created on: 29-09-20 11:14
View mindmap
- Salesforce Identity
- Single sign-on
- lets users access all authorized resources without logging in separately to each one
- not different user credentials for each app
- Connect users to accounts/apps in other SF orgs and other clouds
- Google Apps, MS Office, Box
- admins can set security policies and have explicit control over who uses which apps
- Connected apps
- "Authorized resources” that your signed-on users have access to
- Salesforce orgs, third-party apps and services together
- Without SSO
- Like a bookmark. Users can get to the app but may have to sign in again.
- Can manage authentication and policies for mobile applications.
- "Authorized resources” that your signed-on users have access to
- Social sign-on
- Users log in to a Salesforce org with their username and password from an external authentication provider
- A few clicks - Facebook, Twitter, LinkedIn, or Google
- More work - PayPal, Amazon
- especially useful when you want customers to be able to log in to a community without having to create (and remember) a new username and password
- Users log in to a Salesforce org with their username and password from an external authentication provider
- Two-factor authentication (2FA)
- twice as secure; strengthens user account security
- users have to provide a second “factor,” or proof of identity
- verification code to text, email or Salesforce Authenticator
- Salesforce Authenticator app, the second factor can be a response to a push notification on the user’s mobile device
- My Domain
- customize your Salesforce URL to include your company or brand name
- a subdomain
- Centralized user account management
- admins can manage all their user account tasks in one place
- Grant, revoke and freeze access to other apps
- apply login policy and explicit security controls
- EG - set a policy that prevents login without domain name
- Benefits: control over security, reduces access-related risk; makes end-user life easier
- admins can manage all their user account tasks in one place
- User provisioning for connected apps
- create, manage, and secure user accounts across all your orgs and connected apps
- manage user information quickly, cheaply, reliably, and securely across multiple systems and connected applications
- People with SF accounts also have accounts in clouds, (eg Google Apps, Office365, Concur, or Box) SF user provisioning is a single location where admins can create, update, delete, and manage those user accounts
- Salesforce Identity Connect
- synchronizes users and their attributes from Active Directory (AD) to Salesforce
- When a user is created in AD, that same user account can also be created automatically in Salesforce. When a user is deleted from AD, the user account in Salesforce is deactivated at the same time.
- let users sign in to Salesforce using their AD username and password
- In some circumstances, you can configure Identity Connect to automatically sign users in to SF: Users click a bookmark/link to SF and they’re authenticated and taken to Salesforce without even seeing a login
- When a user is created in AD, that same user account can also be created automatically in Salesforce. When a user is deleted from AD, the user account in Salesforce is deactivated at the same time.
- synchronizes users and their attributes from Active Directory (AD) to Salesforce
- App Launcher
- plays a prominent role in Lightning Experience
- presents tiles for all the standard apps, custom apps, and connected apps in your Salesforce org
- users can go to one location in Salesforce to access all apps—without having to log in again
- Admins choose which third-party and other connected apps to add the App Launcher and which apps are available to which users.
- Licensing
- Salesforce Identity is included in standard user licenses. Salesforce also offers special Identity Only licenses for users who want features like SSO but don’t need other parts of Salesforce, like Sales Cloud or Service Cloud.
- Single sign-on
Comments
Report