Skip to main content
All CollectionsAdministrative guides
Provision users from Salesforce and set up auto-login flows
Provision users from Salesforce and set up auto-login flows

Salesforce SSO, Salesforce provisioning; Single sign on; Salesforce single sign on; Elements provisioned user

Updated over 3 months ago

You can provision selected or all users from your Salesforce Org to Elements workspace and also set-up auto-login flows between the two systems.

This ensures seamless workflow between the two applications, ensuring that when users log in to one of the systems, they can easily access the other.

Prerequisites

Before you attempt steps outlined in this guide, ensure you have completed all steps in the Connect and Sync a Salesforce Org manual.


Considerations

The steps outlined in this manual should be applied in the connected Salesforce Production Org.

You should consider setting up auto-login flows when:

Provision users

You can provision users from Salesforce using either their email address or federation ID.

Provisioning results in two outcomes:

  • User account is created automatically in Elements based on account in Salesforce

  • User can log in to Elements application using their Salesforce account (Single Sign-On)

Provision users using email address (default)

  1. In Salesforce, go to your list of Salesforce Apps and choose "Elements".

  2. Open the "Elements Settings" tab in the managed package.

  3. Open the "Connect users (SSO)" sub-tab

You should see the following screen:


From the selected list, you can select the individual users that should have access to Elements:

  • Use the checkbox to select the users

  • Click "Connect users" to provision them to Elements App

The system will create a new Elements user account based on the Salesforce user email. If that email already exists in the system, we will simply connect to that account.

Provision users using Federation ID

  1. In Salesforce, go to your list of Salesforce Apps and choose "Elements".

  2. Open the "Elements Settings" tab in the managed package.

  3. Open the "Connect users (SSO)" sub-tab

  4. Click on the Login Option and select ‘Federation ID’ from the dropdown.

    The default Login Option is Email and you can switch the login option to Federation ID to connect users using the Federation ID.

    Once the Login Option is switched to Federation ID, a custom field appears where you can add a custom domain for the Federation ID and ‘Save’. From the screenshot below, the Federation Email column is updated with the added custom domain.

Auto-provision new users

At the bottom of the "Connect Users (SSO)" tab, there is an “Assign new Salesforce user to Elements” checkbox.

If turned on, it will reveal a new section called Provisioning Settings.

Select the Profiles of users whom you want to automatically provision to Elements when they are created or assigned to that profie.

Un-provision users

In order to take away someone's access from the Elements App:

  • Go to the same screen as explained in the Provision section

  • Find the users you wish to unprovision and uncheck the checkbox against their account

  • Click "Disconnect users" to commit the operation

Un-provisioning results in one outcome:

  • User cannot longer log in to Elements application using their Salesforce account (Single Sign-On)

However, it is important to understand that their elements account continues to exist - it is just that they will have no way of accessing it.

Set auto-login flow between Salesforce and Elements

You can ensure that whenever user logs in to Salesforce, they are automatically logged in to Elements. That will significantly speed up adoption of Elements admin insights and end user help within Salesforce.

Create a VisualForce Page

In Salesforce, go to the Elements app, selects the Elements Settings tab and the Elements Login Flow sub tab.

  1. Create a new VF Page.

  2. Give it a name and check the "Available for Lightning Experience... " check box

  3. Delete the code that is in the empty VF Page and paste in this code below :

    <apex:page controller="Q9.ElementsGenericExtensionController" action="{!setElementsLoginTokenToCookie}"></apex:page>
  4. Save the VF Page.

  5. From the list of VF Pages, set up Security for each Profile.

Create a Login Flow for each Profile, referencing the VF Page

For each Profile:

  • Create a new Login Flow

  • Select the VisualForce Page you have just created.

  • Select the user license and Profile to apply this Login Flow to

Did this answer your question?