{"id":6455,"date":"2018-04-19T00:18:12","date_gmt":"2018-04-19T04:18:12","guid":{"rendered":"https:\/\/www.jitendrazaa.com\/blog\/?p=6455"},"modified":"2018-07-22T12:54:42","modified_gmt":"2018-07-22T16:54:42","slug":"quick-summary-of-salesforce-identity-connect-capabilities","status":"publish","type":"post","link":"https:\/\/www.jitendrazaa.com\/blog\/salesforce\/quick-summary-of-salesforce-identity-connect-capabilities\/","title":{"rendered":"Quick Summary of Salesforce Identity Connect Capabilities"},"content":{"rendered":"<p>Below are important summary about <strong>Identity Connect<\/strong><\/p>\n<ul>\n<li style=\"text-align: justify;\">It comes as add on feature with Salesforce with additional cost<\/li>\n<li style=\"text-align: justify;\">Only works with <strong>Active Directory<\/strong><\/li>\n<li style=\"text-align: justify;\">Its only one way Sync, from Active Directory to Salesforce<\/li>\n<li style=\"text-align: justify;\">We can assign profile, role and permission set to user using Identity Connect<\/li>\n<li style=\"text-align: justify;\">Any changes made manually for mapped field on user record would be overwritten with next sync.<\/li>\n<li style=\"text-align: justify;\">Sync from Active directory to Salesforce can be realtime or scheduled<\/li>\n<li style=\"text-align: justify;\">If the user is deactivated in Active Directory then user record also gets deactivated. Identity Connect internally uses API to deactivate user. Unlike for some other SSO solutions, if user is deactivated in Active directory then they cannot login to Salesforce. However, if they already logged into mobile phone or connected app then they can still access Salesforce. This problem is resolved in Identity Connect.<\/li>\n<li style=\"text-align: justify;\">Identity connect is installed on client network behind the firewall. Identity connect pushes the changes to Salesforce from client&#8217;s network.<\/li>\n<li style=\"text-align: justify;\">If we want to use Identity Connect as a SSO and user wants to use Salesforce from outside company network or on mobile phone, then its login page must be accessible on internet. This can be done by installing Identity Connect on <a href=\"https:\/\/en.wikipedia.org\/wiki\/DMZ_(computing)\">De-militarized Zone (DMZ)<\/a>.<\/li>\n<li style=\"text-align: justify;\">Identity connect is used for <strong>User provisioning but not for Just in Time (JIT)<\/strong> provisioning.<\/li>\n<li style=\"text-align: justify;\">We can use Identity connect as a SSO. If customer already has SSO implemented then Identity connect can only be used for user provisioning.<\/li>\n<li style=\"text-align: justify;\">One Identity Connect can be used for multiple Salesforce instances however all production or all sandboxes. If you want to use Identity connect for production and Sandbox at same time, then we would need two Identity Connect, one for Sandbox and other for Production.<\/li>\n<li style=\"text-align: justify;\">Identity Connect will work with only one Active Directory but it can have multiple domains in same AD.<\/li>\n<li style=\"text-align: justify;\"><strong>Integrated Windows Authentication (IWA)<\/strong> is supported by Identity Connect using\u00a0<strong>Kerberos\u00a0<\/strong>authentication protocol. Means, if user is already logged into company provided windows system, then login screen would be bypassed and Salesforce login experience would be seem less.<\/li>\n<li style=\"text-align: justify;\">\u00a0Scheduled sync uses more API&#8217;s then realtime schedule. Because, Schedule sync checks for changes in all Salesforce users vs all AD users.<\/li>\n<\/ul>\n<p><!--more--><\/p>\n<p><strong>Resources<\/strong><\/p>\n<ul>\n<li><a href=\"https:\/\/trailhead.salesforce.com\/modules\/identity_connect\">Trailhead Module<\/a><\/li>\n<li><a href=\"https:\/\/success.salesforce.com\/featuredGroupDetail?id=a1z30000006IDZJAA4#a0L3000000Rq7JgEAJ\">Trailblazer Community<\/a><\/li>\n<li><a href=\"http:\/\/resources.docs.salesforce.com\/rel1\/doc\/en-us\/static\/pdf\/identity_connect_impl_guide.pdf\">Identity Connect Implementation guide<\/a><\/li>\n<li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Integrated_Windows_Authentication\">Integrated Windows Authentication (IWA)<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Short &#038; quick note about Salesforce Identity product<\/p>\n","protected":false},"author":1,"featured_media":6459,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"jz_research_post":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[9],"tags":[441,442,239,237],"class_list":["post-6455","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-salesforce","tag-active-directory","tag-identity-connect","tag-single-sign-on","tag-sso"],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2018\/04\/Salesforce-Identity-Connect.png?fit=1000%2C400&ssl=1","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":6439,"url":"https:\/\/www.jitendrazaa.com\/blog\/microsoft\/video-use-microsoft-azures-active-directory-as-identity-provider-for-salesforce-sso-in-15-minutes\/","url_meta":{"origin":6455,"position":0},"title":"Video &#8211; Use Microsoft Azure&#8217;s Active Directory as Identity Provider for Salesforce SSO in 15 Minutes","author":"Jitendra","date":"March 23, 2018","format":false,"excerpt":"Video tutorial on how to use Microsoft Azure's Active Directory as a Identity Provider for Salesforce. It uses Federated Single Sign On (SSO) feature of Salesforce","rel":"","context":"In &quot;Microsoft&quot;","block_context":{"text":"Microsoft","link":"https:\/\/www.jitendrazaa.com\/blog\/category\/microsoft\/"},"img":{"alt_text":"Salesforce Azure SSO in 15 minutes","src":"https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2018\/03\/Screen-Shot-2018-03-23-at-2.58.29-PM.png?fit=1200%2C672&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2018\/03\/Screen-Shot-2018-03-23-at-2.58.29-PM.png?fit=1200%2C672&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2018\/03\/Screen-Shot-2018-03-23-at-2.58.29-PM.png?fit=1200%2C672&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2018\/03\/Screen-Shot-2018-03-23-at-2.58.29-PM.png?fit=1200%2C672&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2018\/03\/Screen-Shot-2018-03-23-at-2.58.29-PM.png?fit=1200%2C672&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":3872,"url":"https:\/\/www.jitendrazaa.com\/blog\/salesforce\/implement-saml-based-single-sign-on-sso-salesforce-as-identity-provider-idp-salesforce-as-service-provider-sp\/","url_meta":{"origin":6455,"position":1},"title":"Implement SAML based Single Sign On (SSO) | Using Salesforce as Identity Provider (Idp) as well as Service Provider (SP)","author":"Jitendra","date":"April 23, 2014","format":false,"excerpt":"Previously we have seen, How to setup SAML based Single Sign On Where Salesforce will be Service Provider and some other application like AXIOM will be Identity Provider. In this article we will use one Salesforce Instance as Identity Provider and other Salesforce Instance\u00a0as Service Provider. Before starting you have\u2026","rel":"","context":"In &quot;Salesforce&quot;","block_context":{"text":"Salesforce","link":"https:\/\/www.jitendrazaa.com\/blog\/category\/salesforce\/"},"img":{"alt_text":"User Setup in SSO Salesforce","src":"https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2014\/04\/User-Setup-in-SSO-Salesforce1.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2014\/04\/User-Setup-in-SSO-Salesforce1.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2014\/04\/User-Setup-in-SSO-Salesforce1.png?resize=525%2C300&ssl=1 1.5x"},"classes":[]},{"id":6554,"url":"https:\/\/www.jitendrazaa.com\/blog\/salesforce\/salesforce-single-sign-on-sso-using-janrain\/","url_meta":{"origin":6455,"position":2},"title":"Salesforce Single Sign On (SSO) using Janrain &#8211; Video","author":"Jitendra","date":"July 22, 2018","format":false,"excerpt":"How to use Facebook, Twitter, Wechat, Microsoft, Yahoo & many more as a Identity Provider for Salesforce with the help of Janrain Auth Provider - Video included","rel":"","context":"In &quot;Salesforce&quot;","block_context":{"text":"Salesforce","link":"https:\/\/www.jitendrazaa.com\/blog\/category\/salesforce\/"},"img":{"alt_text":"Janrain Salesforce Single Sign On Execution Flow","src":"https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2018\/07\/Janrain-SSO.png?fit=1200%2C572&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2018\/07\/Janrain-SSO.png?fit=1200%2C572&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2018\/07\/Janrain-SSO.png?fit=1200%2C572&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2018\/07\/Janrain-SSO.png?fit=1200%2C572&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2018\/07\/Janrain-SSO.png?fit=1200%2C572&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":3830,"url":"https:\/\/www.jitendrazaa.com\/blog\/salesforce\/step-by-step-guide-to-setup-federated-authentication-saml-based-sso-in-salesforce\/","url_meta":{"origin":6455,"position":3},"title":"Step by step guide to Setup Federated Authentication (SAML) based SSO in Salesforce &#8211; Video Tutorial","author":"Jitendra","date":"April 14, 2014","format":false,"excerpt":"In this post, We will be dicussing how to setup\u00a0Federated SAML based Authentication in Salesforce. SAML stands for \"Security Assertion Markup Language\" and it is Open standard for exchanging Authentication and Authorization between Systems. SAML based authentication is supported by all editions of Salesforce. User Validation can be initiated by\u2026","rel":"","context":"In &quot;Salesforce&quot;","block_context":{"text":"Salesforce","link":"https:\/\/www.jitendrazaa.com\/blog\/category\/salesforce\/"},"img":{"alt_text":"Login using SAML Response from AXIOM","src":"https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2014\/04\/Login-using-SAML-Response-from-AXIOM.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2014\/04\/Login-using-SAML-Response-from-AXIOM.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2014\/04\/Login-using-SAML-Response-from-AXIOM.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2014\/04\/Login-using-SAML-Response-from-AXIOM.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":4807,"url":"https:\/\/www.jitendrazaa.com\/blog\/salesforce\/salesforce-to-salesforce-integration-using-canvas\/","url_meta":{"origin":6455,"position":4},"title":"Salesforce to Salesforce integration using Canvas","author":"Jitendra","date":"September 14, 2015","format":false,"excerpt":"After writing this article Salesforce has enabled CSP (Content Security Policy) which restricts adding Salesforce in iFrame. We can add MyDomain URL as CSP whitelisting and it works only if user already logged into other Salesforce instance. However, if user is not logged into other instance , internally OAuth navigates\u2026","rel":"","context":"In &quot;Salesforce&quot;","block_context":{"text":"Salesforce","link":"https:\/\/www.jitendrazaa.com\/blog\/category\/salesforce\/"},"img":{"alt_text":"Force.com Canvas Application Demo with Complete Source code","src":"https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2015\/09\/Force.com-Canvas-Application-Demo-with-Complete-Source-code.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2015\/09\/Force.com-Canvas-Application-Demo-with-Complete-Source-code.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2015\/09\/Force.com-Canvas-Application-Demo-with-Complete-Source-code.png?resize=525%2C300&ssl=1 1.5x"},"classes":[]},{"id":6975,"url":"https:\/\/www.jitendrazaa.com\/blog\/salesforce\/salesforce-integration-patterns-best-practices-with-video\/","url_meta":{"origin":6455,"position":5},"title":"Salesforce Integration Patterns &#038; Best Practices &#8211; with Video","author":"Jitendra","date":"February 2, 2020","format":false,"excerpt":"When to use which integration patterns in Salesforce along with best practices. Video to show how to use Outbound message to integrate Salesforce without writing code","rel":"","context":"In &quot;Salesforce&quot;","block_context":{"text":"Salesforce","link":"https:\/\/www.jitendrazaa.com\/blog\/category\/salesforce\/"},"img":{"alt_text":"Integration Patterns in Salesforce","src":"https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2020\/02\/Integration-Patterns-in-Salesforce.png?fit=1200%2C425&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2020\/02\/Integration-Patterns-in-Salesforce.png?fit=1200%2C425&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2020\/02\/Integration-Patterns-in-Salesforce.png?fit=1200%2C425&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2020\/02\/Integration-Patterns-in-Salesforce.png?fit=1200%2C425&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.jitendrazaa.com\/blog\/wp-content\/uploads\/2020\/02\/Integration-Patterns-in-Salesforce.png?fit=1200%2C425&ssl=1&resize=1050%2C600 3x"},"classes":[]}],"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/www.jitendrazaa.com\/blog\/wp-json\/wp\/v2\/posts\/6455","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jitendrazaa.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jitendrazaa.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jitendrazaa.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jitendrazaa.com\/blog\/wp-json\/wp\/v2\/comments?post=6455"}],"version-history":[{"count":8,"href":"https:\/\/www.jitendrazaa.com\/blog\/wp-json\/wp\/v2\/posts\/6455\/revisions"}],"predecessor-version":[{"id":6579,"href":"https:\/\/www.jitendrazaa.com\/blog\/wp-json\/wp\/v2\/posts\/6455\/revisions\/6579"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.jitendrazaa.com\/blog\/wp-json\/wp\/v2\/media\/6459"}],"wp:attachment":[{"href":"https:\/\/www.jitendrazaa.com\/blog\/wp-json\/wp\/v2\/media?parent=6455"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jitendrazaa.com\/blog\/wp-json\/wp\/v2\/categories?post=6455"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jitendrazaa.com\/blog\/wp-json\/wp\/v2\/tags?post=6455"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}