Menu

Expand
Rate this page:

Configure Salesforce SSO with Frontline

This document walks through the setup process for Salesforce SSO in Twilio Frontline.

You'll need access to your Salesforce instance and permissions to configure it, as well as access to the Twilio Console.

Register a developer account in Salesforce

If you already have a Salesforce developer account, jump straight to the next step. Otherwise, navigate to ttps://developer.salesforce.com/signup and create a free developer account.

Create a self-signed certificate in Salesforce

You'll start by creating a certificate. You'll need to share this with Twilio later.

  1. Navigate to Settings > Security > Certificate and Key Management
  2. Press Create Self-Signed Certificate button
  3. Give the certificate a label and Unique Name, e.g., SalesforceSSO
  4. Key Size default of 2048
  5. Exportable Private Key should be ticked
  6. Press Save.
  7. Press Download Certificate (you’ll need the certificate later)

Certificate and Key Edit Salesforce.png

Enable Salesforce Identity Provider in Salesforce

Make sure that the Identity Provider is enabled in Salesforce.

  1. Navigate to Settings > Identity > Identity Provider
  2. Press Enable Identity Provider button
  3. Select the certificate you created in the previous step
  4. Press Save

If you change this certificate, users won’t be able to connect to service providers until you reconfigure each service provider to work with the new certificate.

Identity Provider Setup Salesforce.png

Create a Twilio Frontline Connected App in Salesforce

Let's point Salesforce to the Frontline side of the integration.

  1. Navigate to Platform Tools > Apps > App Manager
  2. Press the New Connected App button
  3. Set Connected App Name to 'Twilio Frontline'
  4. Set API Name to 'Twilio_Frontline'
  5. Set Contact Email to a suitable email address

Create a Twilio Frontline Connected App in Salesforce.png

Web App Settings

  1. In the Web App Settings section, Enable SAML should be ticked.
  2. Set Entity ID to https://iam.twilio.com/v2/saml2/metadata/JBxxx. Just replace the example Realm SID, JBxxx, with your own Realm SID, which you can find on the Frontline Console SSO configuration page.
  3. Set ACS URL to https://iam.twilio.com/v2/saml2/authenticate/JBxxx Again, replace the Realm SID (JBxxx) with your own Realm SID.
  4. Set Subject Type to Username.
  5. Set Name ID Format to urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
  6. Set Issuer to https://yourdomain.my.salesforce.com
  7. Set IdP Certificate to the one you created in the first step (e.g.,SalesforceSSO).
  8. Check that the Verify Request Signatures option is unticked
  9. Check that Encrypt SAML Response is unticked
  10. Press Save

Web App Settings Salesforce Integration w_Frontline.png

Add custom attributes

In the Manage Connected Apps dashboard, click Twilio Frontline, go to the Custom Attributes section and click the New button.

Add a New Custom Attributes:

  • Key: roles
  • Value: 'agent' (in the quote marks)

Custom Attributes Salesforce.png

Assign Profile Access to the Connected App

  1. In the Setup Home, go to Administration > Users > Profiles
  2. Select the profile you want to edit (E.g. "Standard User", "System Administrator", etc...)
  3. Under Connected App Access, check the box for the Twilio Frontline app
  4. Press Save

Setup SSO in Twilio Frontline

Almost done! Now, let’s configure the Twilio side of the integration.

  1. Open the Frontline Console SSO configuration page.
  2. Set Identity Provider Issuer to https://yourdomain.my.salesforce.com
  3. Set SSO URL to https://yourdomain.my.salesforce.com/idp/endpoint/HttpRedirect
  4. Paste in the certificate you downloaded from Salesforce.
  5. Press Save

Configure Single Sign On Salesforce.png

Now, you should be able to log into Frontline using Salesforce as the identity provider! 🎉

Troubleshooting

Authentication failed

If the Frontline application is not assigned to your User Profile in Salesforce, you will see the following error message:

Troubleshooting SSO.png

The solution is to assign your connected application to your User Profile, as it is described here.

Rate this page:

Need some help?

We all do sometimes; code is hard. Get help now from our support team, or lean on the wisdom of the crowd by visiting Twilio's Stack Overflow Collective or browsing the Twilio tag on Stack Overflow.

        
        
        

        Thank you for your feedback!

        Please select the reason(s) for your feedback. The additional information you provide helps us improve our documentation:

        Sending your feedback...
        🎉 Thank you for your feedback!
        Something went wrong. Please try again.

        Thanks for your feedback!

        Refer us and get $10 in 3 simple steps!

        Step 1

        Get link

        Get a free personal referral link here

        Step 2

        Give $10

        Your user signs up and upgrade using link

        Step 3

        Get $10

        1,250 free SMSes
        OR 1,000 free voice mins
        OR 12,000 chats
        OR more