[SalesForce] Single Sign on URL of Salesforce SSO

I am trying to enable SSO in my Salesforce Unlimited Org. The Identity Provider is asking for the following details:

'Still Single Sign on URL is missing, as this is one SP initiated SSO so this SSO URL is mandatory'

I am not sure what SP-initiated SSO is or what the Single Sign-On URL is. I am fairly new to Salesforce and any help would be really appreciated.

Best Answer

SP-initiated SSO (SP means "Service Provider") is one of the two types of initiation that can occur with SSO (the other being IdP-initiated, for Identity Provider). The former means that Salesforce starts the process, typically when the user visits a special Salesforce URL like "https://mycompany.my.salesforce.com", while the latter is what occurs when the user visits a specially crafted login URL within a network, such as "http://salesforce/".

Your IdP is simply asking for the URLs specified at the bottom of the Single Sign-On configuration screen under Setup > Security Controls > Single Sign-On Settings, where you'll see a Salesforce Login URL: https://mydomain.my.salesforce.com?so=00D000000000000 (actual values will vary). This information is needed because the entire protocol requires that the IdP can verify that the SP did request this, as opposed to some rogue entity simply pretending to be the SP.

If you're not sure about it, ask if they'll accept a SAML configuration file. You can download the file using the Download Metadata button on the SSO configuration page. It will contain all the information they need to properly configure the IdP.
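To check what a downloaded metadata file actually hands to the IdP, the sketch below reads the SP's entity ID and its AssertionConsumerService endpoint (the URL the IdP sends the SAML response to) and rejects any endpoint that is not HTTPS. It is an added example, not part of the original answer and not Salesforce code; the sample XML is constructed from the placeholder URL above, and it assumes the export follows the standard SAML 2.0 metadata schema.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
NS = {"md": MD}

# Constructed sample, not a real export: standard SAML 2.0 SP metadata layout,
# filled with the placeholder login URL quoted in the answer.
SAMPLE_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://mydomain.my.salesforce.com">
  <md:SPSSODescriptor AuthnRequestsSigned="true"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="0" isDefault="true"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://mydomain.my.salesforce.com?so=00D000000000000"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def parse_sp_metadata(xml_text):
    """Return the values an IdP admin needs from SP metadata, or raise ValueError."""
    # Metadata comes from another party; SAML metadata needs no DTD, so refuse one.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD or entity declaration found in metadata")
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{MD}}}EntityDescriptor":
        raise ValueError("root element is not a SAML 2.0 EntityDescriptor")
    sp = root.find("md:SPSSODescriptor", NS)
    if sp is None:
        raise ValueError("no SPSSODescriptor: this is not service-provider metadata")
    endpoints = []
    for acs in sp.findall("md:AssertionConsumerService", NS):
        location = acs.get("Location", "")
        url = urlsplit(location)
        # Assertions are delivered to this URL, so it must be HTTPS with a host.
        if url.scheme != "https" or not url.hostname:
            raise ValueError(f"ACS endpoint is not an https URL: {location!r}")
        endpoints.append({
            "binding": acs.get("Binding", "").rsplit(":", 1)[-1],
            "location": location,
            "default": acs.get("isDefault") == "true",
        })
    if not endpoints:
        raise ValueError("no AssertionConsumerService endpoint in metadata")
    return {"entity_id": root.get("entityID"),
            "authn_requests_signed": sp.get("AuthnRequestsSigned") == "true",
            "acs": endpoints}


if __name__ == "__main__":
    print(parse_sp_metadata(SAMPLE_METADATA))
```

Comparing the printed entity ID and endpoint with what the IdP administrator has configured catches copy-paste mismatches before the first login attempt.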