I have an external .net mvc5 app and we want a way to use that app from salesforce. I can create a webtab to open that application. But this would mean i would need to ask users to login into asp.net application.
Is there a way i can use the salesforce credentials to directly login into .net mvc5 app ? I know i can make the .net app to accept the salesforce identity, i wanted to know since the salesforce user is already logged in to salesforce, can we somehow use this to login to the .net app. i really dont want to user to enter his credentials once again when he/she tries to access the .net app from salesforce
Best Answer
What about turning on Salesforce as an Identity Provider and standing up your .NET app as a Service Provider? Then, using SP-initiated SAML, if a user already has a session on Salesforce, should be seamlessly taken into the .NET app (ETA: when they hit the web tab with the .NET app in it).
We did this a few years ago for a client (pre-Canvas) with just basic iframe integration and the experience was seamless (minus the small but noticeable browser redirects involved in every SAML transaction).