This article is about configuring SSO for your ideas portal. Read these articles if you want to configure SSO for your Aha! Ideas account.
Aha! Ideas | Portal SSO | Salesforce
Salesforce has the ability to function as a single sign-on (SSO) identity provider for Aha! Ideas using SAML 2.0. It is a popular option among customers who have an active customer community being run through Salesforce already, and is commonly used to allow the Salesforce community users to authenticate into an Aha! Ideas portal using their Salesforce community credentials.
Click any of the following links to skip ahead:
Enable Salesforce as an identity provider
To do this, follow the instructions on Salesforce's knowledge base.
You can also integrate with the Salesforce app, to allow Salesforce users to add and vote on ideas in your ideas portal.
The configuration described in this article establishes a SAML based authentication where your Salesforce community users are able to use their Salesforce community credentials to log into your Aha! Ideas portal. If your objective is to seamlessly authenticate these users from your Salesforce community site into your ideas portal, you may want to consider utilizing a JSON Web Token (JWT) single sign-on approach.
Salesforce can also function as the identity provider to allow all users to authenticate into the actual Aha! Ideas application, although that is a much less common workflow.
Configure Salesforce SSO in Aha! Ideas
With Salesforce set up as an identity provider, you can then go into Aha! Ideas and enable SSO for your ideas portal (or account).
To do this, you will need to open your ideas portal settings. Navigate to Settings ⚙️ Account Ideas portals and organizations or Ideas Overview. You will need to be an administrator with customizations permissions to configure an ideas portal.
From your account settings, click the name of the ideas portal you wish to edit.
From Ideas Overview, click the pencil icon by the name of the ideas portal you wish to edit.
Once your ideas portal settings are open, navigate to Users SSO.
Click Add new provider.
Choose SAML as your identity provider Type. Click Save.
The SAML 2.0 configuration will display.
Configure Salesforce as your identity provider. There are many different valid configurations for this step.
When configuring SSO with Salesforce, the single sign-on endpoint field in Aha! needs to be populated with the SP-Initiated Redirect Endpoint URL from the SAML Login Information settings in Salesforce. The default endpoint provided by Salesforce utilizes a HTTP POST as opposed to a HTTP GET that is expected when running SSO.