Setting up Social Sign On in Salesforce Communities

Sep 28, 2020

sales, marketing and service
automotive
chemicals
discrete manufacturing

share on

With everyone and everything more connected than ever before, it has become common to use a social media account as a means to register for and log into other platforms. Salesforce Community also supports Social Sign On and enables users to access your Community with their social media account. Let's find out how to do so.

Authentication Providers

An [...] authentication provider lets your users log in to your Salesforce org using their login credentials from a third-party service provider. In other words, we can ask Google (or any other authentication provider) to confirm with Salesforce that we are who we say we are, and we can let Salesforce decide on what to do with this information.

An authentication provider needs only a little configuration. Let’s do this first by navigating to setup > Identity > Auth. Providers, clicking on ‘New’ in the authentication provider list and selecting ‘Google’. Salesforce supports most of the popular authentication providers such as Google, Apple ID Facebook, LinkedIn and Twitter. It is even possible to use your own, custom authentication provider.

Now for the authentication provider details: for our convenience, Salesforce does most of the heavy lifting, so we don’t necessarily need to fill in a lot of details. In its most basic form, we only need to provide the following information:

Name: The name of the URL provider. This is the label that will be displayed on your community login page.
Registration Handler: This is the small bit of code we talked about earlier. Here we will define the matching process between the data received from the authentication provider and our Salesforce user. In short: this article matches the authentication data’s email-address with the e-mail address of a user in Salesforce, and logs in as that user when found. The ‘Automatically create a registration handler template’ link can be used to generate a basic registration handler Apex class.
Execute Registration As: The registration handler Apex class will run in the context of the specified user, so make sure this user has the Manage Users permission!
Icon URL: The icon that will be displayed on the community login page.

Let's match the users

The registration handler takes care of the matching process between a Salesforce user and the authentication data received from the authentication provider. As this Apex class must implement the Auth.RegistrationHandler interface, we must implement two methods:

createUser: Here, we do the matching. We can decide on which fields to look for a corresponding user in Salesforce and we can even create a new user when we can’t find a match.
updateUser: Updates the specified user’s information. This method is called in if the user has logged in before with the authorization provider and then logs in again. This method can be empty if we don’t want to update the user’s information with the received authentication information.

The authentication information that we receive depends on the authentication provider but most common fields such as an e-mail address are nearly always there.

Enabling Social Sign On as a login option

The last piece of the puzzle is to enable your freshly made authentication provider as a login option in your community. This can be done by navigating to the community’s ‘Administration’ section (Setup > Communities > All Communities > Workspace > Administration) and checking the authentication provider’s box under the ‘Login and registration’ tab.

When a user now tries to log in to your community, he or she will have the option to log in with a social media account, just like all the other cool kids!