How to add the Federation ID attribute for SalesForce endpoint

book

Article ID: 128972

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal

Issue/Introduction

The SalesForce Federation ID value is used to identify a user for federated authentication single sign-on. It is used to map SalesForce users with an Active Directory users in order that the user can be authenticated with an Active Directory (AD) password.  Unfortunately there is no default option in the CA Identity Manager SalesForce endpoint to include the "Federation ID".

Is there a way to incorporate the Federation ID attribute into CA Identity Manager?

Environment

CA Identity Manager 14.2
CA Identity Suite 14.2

Resolution

1. Open CA Identity Manager connectorXpress and connect to the Provisioning Server (PS) and right click on “Salesforce” then select “create project” (see screenshot below.
 

<Please see attached file for image>

SalesForce Endpoint


2. Once project has been created then expend ‘Classes’  -> expand ‘User Account’  -> click on ‘Attribute’ -> Scroll it down and add the attribute as highlighted in above picture.

Federation ID                  String             FederationIdentifier

3. Right click on “Salesforce” then select ‘Deploy metadata’

4. Increase the new meta data version in next step (As a best practice increase the minor version ex:  from  5.0 to 5.1).

5. Click Yes . Make sure it is completed successfully.

6. Restart Provisioning server and open new provisioning manager ONLY (not IM UI). 

7. Restart JCS (Java Connector Service)

8. View the properties of an account. 
 

<Please see attached file for image>

Account Properties
 

 

Attachments

1558689064458000128972_sktwi1f5rjvs16ftc.png get_app
1558689061473000128972_sktwi1f5rjvs16ftb.png get_app