CRM Portal external authentication with custom provider using SAML2

(0) Share

Report

Posted on by PranavShroti

4,510

Dear All,

We have a requirement where in we have to authenticate CRM community portal users using custom in-house authentication provider using SAML2 (not oAuth2).

Custom provider is working fine with salesforce community portal using SAML2 already.

Running through multiple blogs and administrative guide of portal below are my findings:
1. Apart from "ADFS" and "Shibboleth Identity Provider" there are no examples and samples available for any third party providers.
2. Settings are different for each custom identity provider.
3. For setting up SAML2 this URL is referred: "https://portal.contoso.com/signin-saml2" I am not sure whether this is what is SAML2 url.

Can anyone suggest how to approach this.

Thanks in advance.

Pranav

*This post is locked for comments

All responses (6)

Answers (0)

sam hajjar 25 on at

Like (0)

Report

RE: CRM Portal external authentication with custom provider using SAML2

Dear all,

Have you been able to advance in that matter?

Can you describe adopted solution or share some tips.

Thanks,

Sam
Community Member Microsoft Employee on at

Like (1)

Report

RE: CRM Portal external authentication with custom provider using SAML2

Hi there,

We are currently seeing the exact same behaviour.

- We are successfully authenticating at our IDP and then seeing a SAML 2.0 assertion get POSTED back to our Adoxio xRM Portal's /signin-saml2 page

- But then we get the Custom Portal "Page Not Found" page displayed, exactly as per your screenshot.

We're trying to debug everything possible, but there's not a lot of logging available to help tell us why the Adoxio xRM Portal isn't happy.

Can anyone help?
Suggested answer

imKtripathy on at

Like (0)

Report

RE: CRM Portal external authentication with custom provider using SAML2

Hi David, validate if your auth provider is using POST method while sending the response back to the portal.
Community Member Microsoft Employee on at

Like (0)

Report

RE: CRM Portal external authentication with custom provider using SAML2

We are getting page not found within the portal

when usinh clienportalname.microsoftcrmportals.com/signin-saml2

Any ideas?
PranavShroti 4,510 on at

Like (0)

Report

RE: CRM Portal external authentication with custom provider using SAML2

Thanks for the response Kunal.

We have hosted our server on Azure which provides end points for applications hosted.

FEDERATION METADATA DOCUMENT

https://login.windows.net/<<AppID>>/federationmetadata/2007-06/federationmetadata.xml

SAML

SAML-P SIGN-ON ENDPOINT

https://login.windows.net/<<AppID>>

SAML-P SIGN-OUT ENDPOINT

https://login.windows.net/<<AppID>>/saml2

OAUTH 2.0 TOKEN ENDPOINT

https://login.windows.net/<<AppID>>/oauth2/token

OAUTH 2.0 AUTHORIZATION ENDPOINT

https://login.windows.net/<<AppID>>/oauth2/authorize
imKtripathy on at

Like (0)

Report

RE: CRM Portal external authentication with custom provider using SAML2

HI Pranav,

CRM Portals support SAML2 and https://portal.contoso.com/signin-saml2 is the correct url, The support for SAML 2.0 is limited to IDP initiated profile only and doesn't have support for SP-initiated authentication.

Thanks,

Kunal

CRM Portal external authentication with custom provider using SAML2

Helpful resources

Quick Links

December Spotlight Star - Muhammad Affan

Top 10 leaders for November!

Tips for Writing Effective Suggested Answers

Leaderboard

Featured topics

Product updates

CRM Portal external authentication with custom provider using SAML2

Helpful resources

Quick Links

December Spotlight Star - Muhammad Affan

Top 10 leaders for November!

Tips for Writing Effective Suggested Answers

Subscribe to

Leaderboard

Featured topics

Product updates