The following is the FAQ for Webinar: Social Sign-On with Authentication Providers (2012-Apr)

General Questions

Q: Will the webinar be available online?
A: Yes - you can view the webinar at the webinar wiki page.

Q: Can I download the slides from the webinar?
A: Yes, you can download a PDF of the webinar slides on the webinar wiki page.

Q: When will Authentication Providers be available?
A: Authentication Providers are available right now - they were released in Spring '12.

Q: Is there an additional cost for the Authentication Providers feature?
A: No - Authentication Provider functionality is included in Unlimited, Developer, Enterprise, and Professional Editions.

Q: Where can I get more information about Authentication Providers in general?
A: There are several resources available:


Q: I would like to use this Social Sign-On (SSO) solution to let users participate in conversations around records. Think eBay listings where customers can participate in discussions around auctions. Is there a forum solution offered by Salesforce that I could use in combination with this SSO solution to build something like this?
A: Yes - you could use this with Chatter Answers.

Social Sign-On to Portals

Q: Can you explain how Social Sign-On might work for existing portal users that want to start using their Facebook account for authentication?
A: Authentication Settings include a URL for current users that will allow a link to be created. A demo of this is included in the Spring '12 release webinar.

Q: Is the portal picklist only to specify where new users are created? Can one Authentication Provider configuration be shared between several portals?
A: Not currently. Authentication Provider is per portal as the users are per portal. We might allow mapping multiple portals in the future.

Q: Can we use Social Sign-On for the Self-Service Portal?
A: No, it's only available for Partner Portal and Customer Portal.

Q: Does Social Sign-On work with Customer Portals using the Authenticated Website User license?
A: Yes.

Registration Handler

Q: Pat inserted the Contact record, but not the user record for the portal user. Was that intentional? So the user is never written to the database?
A: The user is returned from the Registration Handler. Salesforce.com handles the insertion of the user on your behalf.

Q: How about triggering a welcome email requesting a contact update in salesforce.com?
A: You could extend the Registration Handler code to do this via Messaging.SingleEmailMessage.

Q: How do you set up the contact in SFDC to use Social Sign-On?
A:The contact would need to be portal-enabled, either for Customer or Partner Portal. You can try this out in a Developer Edition org by enabling Partner Portal in the setup menu, enabling an account as a Partner account, and then enabling the contact as a Partner user.

Q: Will you be sharing these code samples so the we can try to replicate this demo scenario?
A: Yes - the code is available online.

Q: Is the Registration Handler like a trigger or event handler?
A: Similar - it's most like a Site Registration Controller, except it's executed during Social Sign-On rather than based on registration form input.

Q: How can I debug errors in the Registration Handler?
A: Log into salesforce.com as the user you selected in the 'Execute Registration As' field when you configured the Authentication Provider. Open the Developer Console (Your Name | Developer Console) and uncheck 'This Session Only'. Now the output from the registration handler will be logged to the Developer Console.

Configuration

Q: Is the callback URL different for each developer instance?
A: Yes, the callback URL is unique for every authentication provider.

Q: Does this work with PersonAccounts?
A: No.

Q: How do I implement Facebook login functionality in my developer org?
A: When you are setting up the authentication provider, you can select 'none' as the portal. This enables login into the org itself.

Identity Providers

Q: Is LinkedIn on the Roadmap?
A: You can configure the Janrain widget to allow users to authenticate at LinkedIn.

Q: Can Auth providers help in dual roles for a subject? For example, an internal employee who does CRM on a salesforce.com org during daytime works as a part-time employee at Facebook during off hours. Can a salesforce.com app be made to behave differently based on where the user comes from using a single login credential?
A: Sorry, this is not supported.

Q: Can developers utilize Janrain Social Sign-On today to get access to custom scopes the same day?
A: Yes

User Experience

Q: Will users still have salesforce.com password-based access to the orgs they tie an auth provider to?
A: Yes - users can still have password-based access to portals and orgs.