All Collections
UGC Settings
SSO: How to Setup Nosto's UGC as a SalesForce Connected App
SSO: How to Setup Nosto's UGC as a SalesForce Connected App
Dan Macarie avatar
Written by Dan Macarie
Updated over a week ago

The below steps outline how you can leverage your SalesForce Account as a SAML IdP with Nosto, allowing your users to log into Nosto's UGC using the same credentials they use for SalesForce CRM and other SalesForce products.

1. Enable your SalesForce My Domain

If you haven't done so already, to leverage SalesForce as your IDP you will need to set a 'My Domain' for your CRM instance.

My Domain allows you to set up a custom domain for your SalesForce URL which can be branded specifically for your company.

To do this, simply go to 'Setup > Administration Setup > My Domain'.

Enter a domain for your organization and Deploy it for all users.


2. Download your IDP metadata File

The next step is to download the Federated Metadata file for your SalesForce instance. To do this, simply go to 'Setup > Administration Setup > Security Controls > Identity Provider'.

This page will provide a high-level overview of the Identity Providers setup on your SalesForce instance. Simply click on the 'Download Metadata' button and keep the XML file provided. You will need this to provide to Nosto later.


3. Provide your IDP Metadata File and domain to Nosto

The next step is to provide the downloaded IDP Metadata File and domain to Nosto.

To do this, simply email your Customer Success Account Manager with the following details:

  • IDP Metadata File (The XML File you downloaded earlier)

  • Domain (ie.

The domain(s) will determine which users are forced to sign in via SalesForce moving forward. Nosto will provide as a follow-up to this the relevant Entity ID, ACS URL, and Single Logout URL you require to complete the next step.

4. Setup your Connected App

The final step in the process is to build a Connected App. To do this go to 'Setup > Manage Apps > Connected Apps' and click on 'New'.

From here you must first name your App provide it with an Icon and then provide the Web App settings.

Values like Entity ID, ACS URL, and Single Logout URL will be unique per SalesForce instance. Values that will be consistent are:

  • Enable SAML: Yes

  • Enable Single Logout: Yes

  • Single Logout Binding: HTTP Redirect

  • Subject Type: Username

  • Name ID Format: urn:oasis:name:tc:SAML:1.1:nameid-format:emailAddress

  • IDP Certificate: Default IDP Certificate


Once populated you can now hit Save and elect which users will be able to see the Connected App and connect through this to Nosto.


For any further questions or queries, please send an email to and our support team will get back to you.

Did this answer your question?