Identity and Access Management – Community (Partner and Customer)

Connect to Your Customers Across Every Channel with Salesforce Identity

50% of consumers will switch brands if a company does not have a a good online experience.

Create a seamless experience and consistent identity across multiple channels.

From a community you can select multiple login options (like Google and Facebook) we then configure the account we want them associated with. These are from the Auth Providers in setup menu. (Uses OAuth).

A default registration handler is created but can be customized.

Login Flows

Create a business flow that requires the user to complete the steps in the login before we allow them to access any items they are looking for. These are applied to a license and profile type.

Use Cases:

  • MyDomain and Communities
  • Gather missing attributes from Social Registration
  • Ask for more data
  • Present terms of service
  • Set communication preferences
  • Enforce session security policies

Tips and Tricks

  • You have to have screen element (even if the user never sees it)
  • If you assign a login flow to a system admin – keep a session open somewhere
  • Input variables:
    • LoginFlow_LoginType
    • LoginFlow_IpAddress
    • LoginFlow_UserAgent
    • LoginFlow_Platform
    • LoginFlow_Application
    • LoginFlow_Community
    • LoginFlow_SessionLevel
    • LoginFlow_UserId

Dynamic Branding

Experiences can be branded using an experience ID

  • 1 Community – Multiple brands
  • SAML and OpenID Connect Flows
  • Query parameters around login &expid=mybrand_code
  • Default Login pages in Logo and Right Frame
  • Embedded Login

Tips and Tricks

  • expid is available in a cookie (regardless of the flow)
  • Site.getExperienceId()
    • Use dynamic branding a way to influence registration, business logic, and user experience
  • {expid} substitution parameter + a CMS goes a long way

Embedded Login

Use Cases

  • Sites that don’t support SAML or OpenID Connect
  • “No browser redirect” mandates from marketing
  • Heroku-based web apps
  • Platform-based web app

Tips and Tricks

  • Don’t forget to set CORS
  • Server-side callbacks open up possibilities
  • Check for blocked cookies if you don’t see a login button
  • Try testing in Incognito browser
  • Override the default CSS with your own
    Requirement Reason In Setup
    Quick and Easy Registration Make engagement easier Auth. Providers
    Social Sign-On Reduce Friction – grow the audience Auth. Providers
    Create Accounts, PersonAccounts, Contacts & Users during registration Our contact data is our gold Registration Handlers
    Progressive Profiling and Consent Gathering Want to ask for and respect individual preferences. Ask for a bit more data over time. Login Flow
    No browser redirects on login Seamless user experience Embedded Login
    Multiple Brands from One Org Consistent brand experience Dynamic Branding

Identity for Customers

Identity for Mobile-Centric Customers

Submit a Comment