This document provides the instructions for setting up UPSSO as a Third Party IDP to Salesforce application using OpenID.


  1. Administrator access to the UPSSO portal.

  2. Administrator access to the Salesforce application.


  1. Login into UPSSO portal as an administrator

  2. Click on the “Application Management” from the left side navigation menu.

  3. Click on the “+ New Record” button. And click the Openid Application.

  1. Enter the given fields to configure salesforce openid.

  • Name : Enter the name of the salesforce openid

  • Client id : Enter the client ID of the salesforce openid

  • Redirect url : Enter the redirect URL

  • Sub field : choose the sub field

  • Click url : Enter the click URL

  • Application Image : Select the openid logo


  1. Login into the Salesforce application as an administrator user.

  2. Search and click on the “Auth. Providers”.

  3. Click New

  4. For the provider type, select OpenID Connect.

  5. Enter a name for the provider.

  6. Enter the URL suffix, which is used in the client configuration URLs. For example, if the URL suffix of your authentication provider is MyOpenIDConnectProvider, your SSO URL is similar to https://mydomain_url or site_url /services/auth/sso/OpenIDConnectProvider.

  7. For Consumer Key, use the client ID from your OpenID provider.

  8. For Consumer Secret, use the client secret from your OpenID provider.

  9. For Authorize Endpoint URL, enter the base URL from your OpenID provider - https://<UPSSO_SERVER_HOST>/upsso/openid-authorize

  10. Enter the token endpoint URL from your OpenID provider - https://<UPSSO_SERVER_HOST>/upsso/openid-token

  11. Token Issuer - field identifies the source of the authentication token in the form https://<UPSSO_SERVER_HOST>/upsso/

  12. Save the settings.


  1. Login into the UPSSO portal as a user having the same email address as a salerforce user.

  2. Click on the Salesforce OpenID.

  3. Select the OTP method and enter the OTP and click on the Verify button.

  4. Consent screen will be displayed , click on accept to login to the application.

  1. Users will be able to access the salesforce application.