Skip to content
Log in

▶️ Log in as a customer

On this page

Step 1: Enable Identity Provider in Salesforce

  1. Click the cog wheel → go to Setup.

  2. In Quick Find, search for Identity Provider.

  3. Click Enable Identity Provider.

  4. Click Edit.

  5. Click Create a new certificate.

  6. Give it a label (include the date of creation to keep track of the 1-year certificate expiry).

  7. Set Key Size to 2048, then Save.

Step 2: Extract the Certificate Fingerprint

  1. Download the certificate file.

  2. Use a tool like KeyStore Explorer (download from their site).

  3. Open the tool → click Examine a Certificate.

  4. Load the downloaded certificate.

  5. Copy the Fingerprint shown at the bottom.

Step 3: Create Store Variables in StoreConnect

  1. Go to your Store Record in StoreConnect.

  2. Navigate to Store Variables → click New.

  3. Create the first variable:

    • Key: IDP_certificate_fingerprint

    • Value: paste the fingerprint

    • Label: Login as Contact Fingerprint

    • Assign it to the store

    • Click Save and New

  4. Create the second variable:

    • Key: IDP_SSO_target

    • Value: your Salesforce Org URL + /idp/endpoint/HttpRedirect

    • Label: Login as Contact Target

    • Assign to the store

    • Click Save

Step 4: Create External Connected App

  1. In Salesforce Setup, search App Manager.

  2. Open External Client App Manager → click New External Client App.

  3. Fill in:

    • Name (e.g., StoreConnect Login as Contact)

    • Contact email

    • Logo/Image URLs

    • Info URL & Description

  4. Scroll to Web App:

    • Enable SAML

    • Select the certificate created earlier

    • Set Name ID Format to Email Address

    • Use the store domain (including https://) in:

      • Entity ID: append /auth/saml/metadata

      • Issuer: append /auth/saml/metadata

      • ACS URL: append /auth/saml/auth

  5. Click Create

Step 5: Assign Access to the App

  1. Click Edit on the app.

  2. Under Start Page, set to your Store URL.

  3. Assign the appropriate Profiles or Permission Sets (e.g., System Administrator).

  4. Click Save.

Step 6: Add a Login Field on the Contact Object

  1. Go to Object Manager → search and select Contact.

  2. Go to Fields & Relationships → click New.

  3. Choose Formula → click Next.

  4. Name it something like Login to Store.

  5. Set the data type to Text → click Next.

  6. In the formula field, enter the Hyperlink code using your store domain.

    javascript HYPERLINK( "https://{your-stores-domain.com}/auth/saml/sign_in?sfid=" + CASESAFEID(Id), "Click here to log in as " + FirstName + " " + LastName )

  7. Click Check Syntax → then Next.

  8. Set Profile Visibility → then Save.

Final Step: Test the Login Feature

  1. Go to a Contact Record.

  2. You should now see a field like “Log into store as this contact”.

  3. Click it to be logged into your store as that customer.

Was this article helpful?

Was this article helpful?