Configure Salesforce as an Identity Provider (IdP) for OAuth SSO integration with Webcastcloud.
Salesforce Configuration Steps:
- Create a Connected App in Salesforce:
  - Log in to your Salesforce account.
  - Navigate to Setup.
  - In the Quick Find box, type App Manager and select App Manager.
  - Click New Connected App.
  - Fill in the required fields:
    - Connected App Name: Webcastcloud SSO
    - API Name: Webcastcloud_SSO
    - Contact Email: [Your Email]
- Configure OAuth Settings for the Connected App:
  - In the API (Enable OAuth Settings) section:
    - Enable OAuth Settings: Check this box.
    - Callback URL: Enter your Webcastcloud redirect URI. Example: https://{yourWebcastcloudDomain}/oauth/sso
    - Selected OAuth Scopes:
      - Access the identity URL service (id, profile, email, address, phone)
      - Manage user data via APIs (api)
      - Access unique user identifiers (openid)
    - Use digital signatures: Optional based on your security needs.
  - Web App Settings:
    - Start URL: Enter your Webcastcloud Authenticate SSO Login URI. Example: https://{yourWebcastcloudDomain}/oauth/authenticate
  - Click Save.
- Retrieve Salesforce Credentials:
  - After saving, Salesforce will display the Consumer Key (Client ID) and Consumer Secret (Client Secret).
  - Copy these values as they will be used in Webcastcloud integration.
- Set OAuth Policies:
  - In your connected app settings:
    - IP Relaxation: Relax IP restrictions.
    - Refresh Token Policy: Choose as per your security requirements (e.g., Expire refresh token after specific time).
    - OAuth Policies: Adjust based on your organizational policies.
Webcastcloud Configuration Steps:
- Log in to Webcastcloud Admin:
  - Navigate to the Webcastcloud admin portal.
  - Go to Integrations > Platform > OAuth2 > Edit.
- Enter Salesforce Integration Details:
  - Tenant ID: Paste the OrgID from Salesforce (found in Company Information).
  - OAuth Authorization URL:
    - Production: https://login.salesforce.com/services/oauth2/authorize
    - Test/Staging: https://test.salesforce.com/services/oauth2/authorize
  - OAuth Token URL: /token
  - Client ID: Paste the Consumer Key from Salesforce.
  - Client Secret: Paste the Consumer Secret from Salesforce.
  - User Info URL: /userinfo
  - Member Attribute Mapping:
    - Map Salesforce properties to Webcastcloud member fields:
      - email -> Email
      - family_name -> Last Name
      - given_name -> First Name
      - groups -> Member Group
      - user_id -> IntegrationUid
    - Note: Additional values may be mapped as per integration requirements.
- Activate OAuth2 Integration:
  - Go to Integrations > Platforms.
  - Toggle on OAuth2.
- Enable SSO Login Button:
  - Navigate to Settings > Registrations.
  - Turn on SSO Login Button.
Troubleshooting Tips:
- Ensure all URLs are correctly encoded.
- Verify the Client ID and Client Secret are accurate.
- Check for proper OAuth scope settings in Salesforce.
- Review Salesforce IP relaxation and token policies to match your security needs.
- Test the integration in a sandbox environment before moving to production.
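An added example, not Webcastcloud or Salesforce code: a Python pre-flight check that builds the authorization request from the values configured above, with the callback URL percent-encoded, and applies the Member Attribute Mapping to a userinfo response. The domain, consumer key and sample claims are constructed placeholders, and the request parameters are the standard OAuth 2.0 authorization-code ones, assumed here to match what Webcastcloud sends.

```python
import secrets
from urllib.parse import urlencode, urlsplit

# Authorization endpoints as listed on this page.
AUTHORIZE_URLS = {
    "production": "https://login.salesforce.com/services/oauth2/authorize",
    "test": "https://test.salesforce.com/services/oauth2/authorize",
}
# Scope tokens taken from the parentheses in the Selected OAuth Scopes list.
SCOPES = ("id", "api", "openid")
# Member Attribute Mapping from this page: Salesforce claim -> Webcastcloud field.
ATTRIBUTE_MAP = {
    "email": "Email",
    "family_name": "Last Name",
    "given_name": "First Name",
    "groups": "Member Group",
    "user_id": "IntegrationUid",
}

def build_authorize_url(env, client_id, redirect_uri, state=None):
    """Return (url, state); reject a callback that is not a filled-in https URL."""
    parts = urlsplit(redirect_uri)
    if parts.scheme != "https" or not parts.netloc or parts.fragment or "{" in redirect_uri:
        raise ValueError("callback must be an absolute https URL with the domain placeholder replaced")
    state = state or secrets.token_urlsafe(16)  # unguessable value echoed back on the callback
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,  # urlencode percent-encodes ':' and '/'
        "scope": " ".join(SCOPES),
        "state": state,
    })
    return f"{AUTHORIZE_URLS[env]}?{query}", state

def map_member(userinfo):
    """Map userinfo claims to member fields and list mapped claims that are absent."""
    member = {field: userinfo[claim]
              for claim, field in ATTRIBUTE_MAP.items() if claim in userinfo}
    missing = sorted(claim for claim in ATTRIBUTE_MAP if claim not in userinfo)
    return member, missing

if __name__ == "__main__":
    # Constructed sample values, not real credentials or a real tenant.
    url, state = build_authorize_url("test", "EXAMPLE_CONSUMER_KEY",
                                     "https://events.example.com/oauth/sso")
    print(url)
    sample = {"user_id": "005EXAMPLE", "email": "a.user@example.com",
              "given_name": "A", "family_name": "User"}
    print(map_member(sample))
```

The redirect_uri in the printed URL must decode to exactly the Callback URL saved in the Connected App, and any claim reported as missing (groups in the sample) leaves its mapped member field unpopulated.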
These steps should guide you through setting up Salesforce OAuth SSO with Webcastcloud. If issues persist, refer to Salesforce and Webcastcloud documentation or contact support for further assistance.