Post an Idea
110  Points
Open
Idea has been posted. Give it an upvote or downvote.

OAuth SAML Assertion & JWT Bearer Grants should allow matching on Federation Id

Salesforce supports obtaining an OAuth 2 access token by posting either a SAML assertion or a JWT to the token endpoint URL. This has the potential to be a very powerful feature for allowing for seamless, "single sign on" authentication to… Show more

1 comment · 4 months ago

80  Points
Open
Idea has been posted. Give it an upvote or downvote.

CORS Support for Identity APIs

Cross-Origin Resource Sharing (CORS) enables web browsers to request resources from origins other than their own (cross-origin). For example, using CORS, JavaScript code at https://www.example.com could request a resource from https://www.salesforce… Show more

0 comments · 3 months ago

30  Points
Open
Idea has been posted. Give it an upvote or downvote.

Add CORS support to Identity URLs

The OAuth2 open standard is desinged to allow an application in one realm to easily authenticate using creds from another realm. SFDC has many OAuth flows - which is GREAT, however, a basic building block to cross realm identity is not working: CORS… Show more

1 comment · 1 year ago

220  Points
Open
Idea has been posted. Give it an upvote or downvote.

Native Support for JSON Web Tokens in Named Credentials

Many modern RESTful web service APIs are implementing JSON Web Tokens for authentication, which significantly streamlines and enhances the HTTP authentication process. Named Credentials can store the endpoint, username, and password for external web… Show more

3 comments · 1 year ago

150  Points
Open
Idea has been posted. Give it an upvote or downvote.

Enhance 2 factor authentication for automated verification in trusted ip ranges

In the session seeting. If I set the "Allow location-based automated verifications with Salesforce Authenticator", user can store trusted location and login without 'Approve' from authenticator app. However, this has a security… Show more

1 comment · 11 months ago

20  Points
Open
Idea has been posted. Give it an upvote or downvote.

Log and/or Expose X-Forwarded-For Client information in AuthSession

Often user logins are originating behind a corporate proxy, and only that proxy's IP address is recorded as the SourceIP in a user's AuthSession/Login History. It would be helpful to have the standard X-Forwarded-For HTTP header used to… Show more

0 comments · 2 years ago

70  Points
Open
Idea has been posted. Give it an upvote or downvote.

Support the OpenID Connect Hybrid Flow

The OpenID Connect hybrid flow exists to mitigate known risks in the OAuth 2.0 spec. However the hybrid flow is not currently supported when adding an authentication provider in Salesforce. Please support the hybrid flow in order to improve security.… Show more

1 comment · 1 year ago

80  Points
Open
Idea has been posted. Give it an upvote or downvote.

Allow app-specific passwords

Sometimes I need to use an app that integrates with Salesforce that doesn't use oauth. Rather than have it store my password, I'd like to be able to generate an app-specific password so I can easily revoke access. Google and many other cloud… Show more

1 comment · 2 years ago

10  Points
Open
Idea has been posted. Give it an upvote or downvote.

Salesforce footer on login flow

Hello,  We are using Login Flow functionality to register users in the community (identity manager) , where a flow is run at login.. Is there any way to remove the footer that appears when a Login Flow is used? Currently it shows "salesforce.com… Show more

0 comments · 23 days ago

30  Points
Open
Idea has been posted. Give it an upvote or downvote.

SSO-Single Sign-On: Customize Confirmation Email on "User Email Address" changed

Story: I have implemented Single Sign-On our Salesforce Application, users don't login on Standard Login Page with Salesforce Username and Password. My users login with the Single Sign-On credentials provided by the organization. It works… Show more

1 comment · 2 years ago

1 to 10 of 61 | Next