salesforce

What to Know About Salesforce Identity Licenses

salesforce

What to Know About Salesforce Identity Licenses

Salesforce Identity Licenses are

  • Definition: A license type in Salesforce for managing user identity and access.
  • Purpose: Provides Single Sign-On (SSO), Multi-Factor Authentication (MFA), and centralized user access management.
  • Features: Access to App Launcher, Identity Connect, My Domain, and connected apps.
  • Usage: Ideal for managing external user authentication and access across multiple systems.
Table Of Contents
  1. Introduction to Salesforce Identity Licenses
  2. What Are Salesforce Identity Licenses?
  3. Types of Salesforce Identity Licenses
  4. Key Features of Salesforce Identity Licenses
  5. Deep Dive into Salesforce Identity Services
  6. Benefits of Using Salesforce Identity Licenses
  7. Setting Up Salesforce Identity Licenses
  8. Salesforce User Licenses
  9. How Much Is the Salesforce External Identity License to Purchase?
  10. Salesforce Identity Licenses FAQ
  11. Salesforce Licensing Services

Introduction to Salesforce Identity Licenses

Introduction to Salesforce Identity Licenses

Brief Overview of Salesforce

Salesforce is a leading customer relationship management (CRM) platform that provides businesses with tools to manage sales, customer service, marketing, and more.

It is highly customizable and scalable, making it suitable for organizations of all sizes across various industries.

Importance of Identity and Access Management in Salesforce

Effective identity and access management (IAM) in Salesforce ensures security, compliance, and operational efficiency.

Proper IAM practices help control who has access to what resources, protect sensitive information, and ensure that users can perform their roles without unnecessary hindrances.

What Are Salesforce Identity Licenses?

What Are Salesforce Identity Licenses

Definition and Overview

Salesforce Identity Licenses are specialized licenses that provide advanced identity and access management features within the Salesforce ecosystem.

They help organizations manage user authentication, authorization, and access control more effectively.

Key Features of Salesforce Identity Licenses

Salesforce Identity Licenses come with several key features that enhance security and streamline user access:

  • Single Sign-On (SSO): Allows users to log in once and gain access to multiple applications without needing to log in again.
  • Multi-Factor Authentication (MFA): Adds an extra layer of security by requiring users to provide two or more verification methods before accessing Salesforce.
  • App Launcher: Provides a central location for users to access all their connected apps, simplifying navigation and access.
  • Identity Connect: Synchronizes user identities between Active Directory and Salesforce, ensuring consistency and security.
  • My Domain: Customizes the Salesforce URL for improved security and user experience.
  • Connected Apps: Facilitates integration with various third-party applications, enhancing user authentication and access control.

Importance in Managing User Access and Authentication

Salesforce Identity Licenses are critical for managing user access and authentication. They:

  • Improve Security: By implementing SSO, MFA, and other security measures, organizations can protect sensitive data and ensure only authorized users have access.
  • Simplify User Management: Centralized user management tools streamline the process of adding, removing, and managing users.
  • Enhance User Experience: Features like SSO and App Launcher reduce the need for multiple logins and provide a seamless user experience.
  • Ensure Compliance: Advanced IAM features help organizations comply with regulatory requirements by providing robust security and detailed access controls.

Types of Salesforce Identity Licenses

Salesforce Identity Licenses

Overview of Different License Types

Salesforce offers two main types of Identity Licenses to cater to different organizational needs: Salesforce Identity and Salesforce Identity Plus.

Salesforce Identity

The Salesforce Identity license provides basic IAM features, including:

  • Single Sign-On (SSO)
  • Multi-Factor Authentication (MFA)
  • App Launcher
  • My Domain
  • Connected Apps

This license is ideal for organizations looking to implement fundamental IAM capabilities without needing extensive customization or additional features.

Salesforce Identity Plus

The Salesforce Identity Plus license includes all the features of the Salesforce Identity license, plus additional capabilities such as:

  • Enhanced Security Features
  • Advanced Integration Options
  • Comprehensive User Analytics

This license suits larger organizations or those with more complex IAM requirements. It requires advanced security and integration features to manage a broader range of applications and user scenarios.

Key Features of Salesforce Identity Licenses

What Is the Difference Between Salesforce Identity Licenses and Salesforce Licenses

Single Sign-On (SSO)

Explanation of SSO

Single Sign-On (SSO) is an authentication process that allows users to access multiple applications with one login credential. Once authenticated, users can navigate between different applications without logging in again.

How SSO Works in Salesforce

SSO integrates with identity providers (such as Active Directory, Okta, or other SSO services) to authenticate users in Salesforce.

Once users log in through the identity provider, they gain access to Salesforce and other connected applications without needing to re-enter their credentials.

Benefits of Using SSO

  • Enhanced User Experience: Users log in once and access all their applications seamlessly.
  • Improved Security: Reduces password fatigue and encourages the use of stronger passwords.
  • Centralized Authentication: Simplifies user management by consolidating authentication processes.

Multi-Factor Authentication (MFA)

Overview of MFA

Multi-factor authentication (MFA) adds layer of security by requiring users to provide two or more verification factors to gain access. These usually involve something the user knows (e.g., a password) and something the user has (e.g., a mobile device or security token).

How to Set Up MFA in Salesforce

  1. Navigate to Setup: Go to the Salesforce Setup menu.
  2. Search for MFA: In the Quick Find box, type and select “MFA.”
  3. Enable MFA: Follow the instructions to enable MFA for your organization.
  4. Set Up Verification Methods: Configure the types of verification methods (e.g., SMS, authenticator apps) that users can use.

Security Benefits of MFA

  • Increased Security: Protects against phishing, credential theft, and unauthorized access.
  • Compliance: Helps meet regulatory requirements and security standards.
  • Reduced Risk: Adds an extra layer of defense, significantly reducing the risk of security breaches.

App Launcher

What is App Launcher?

The App Launcher is a Salesforce feature that provides a central location where users can access all their connected apps. It acts as a gateway to various applications integrated with Salesforce.

How App Launcher Simplifies Access to Apps

  • Unified Access Point: Users can see and access all available apps in one place.
  • Customizable Layout: Administrators can organize and categorize apps based on user needs and preferences.
  • Quick Navigation: Reduces the time spent searching for and logging into different applications.

Configuring and Using App Launcher

  1. Access App Launcher Settings: Navigate to Setup and search for “App Menu.”
  2. Customize App Visibility: Add or remove apps based on user roles and permissions.
  3. Organize Apps: Arrange the order of apps for better accessibility.
  4. User Access: Train users on how to use the App Launcher to access their applications.

Identity Connect

Explanation of Identity Connect

Identity Connect is a Salesforce tool that synchronizes user identities between Salesforce and Microsoft Active Directory. This ensures that user information is consistent across both platforms.

Integration with Active Directory

  • User Synchronization: Automatically syncs user data, reducing the need for manual updates.
  • Password Sync: Ensures that password changes in Active Directory are reflected in Salesforce.
  • Role Mapping: Maps Active Directory roles to Salesforce profiles for seamless access management.

Benefits of Using Identity Connect

  • Consistency: Maintains up-to-date user information across systems.
  • Efficiency: Reduces administrative overhead by automating user management tasks.
  • Security: Enhances security through synchronized password policies and centralized user management.

My Domain

What is My Domain?

My Domain allows organizations to create a custom Salesforce URL that reflects their brand. This mandatory feature enhances the security and user experience of your Salesforce instance.

Customizing Your Salesforce URL

  1. Access My Domain Settings: Go to Setup and search for “My Domain.”
  2. Create Domain Name: Choose a domain name that represents your organization.
  3. Register Domain: Register the domain and deploy it.
  4. Update URLs: Ensure all bookmarks, integrations, and references are updated to the new domain.

Security and Branding Benefits

  • Enhanced Security: Custom URLs help prevent phishing attacks and improve user trust.
  • Brand Consistency: Aligns Salesforce URLs with the company’s branding.
  • Improved User Experience: Provides users with a familiar and professional-looking URL.

Connected Apps

Overview of Connected Apps

Connected apps allow third-party applications to integrate with Salesforce using APIs and standard protocols. These apps can request permission to access Salesforce data and perform specific actions on behalf of the user.

How to Configure and Manage Connected Apps

  1. Create Connected App: Navigate to Setup and search for “App Manager.” Click “New Connected App.”
  2. Configure App Settings: Define the app’s OAuth settings, permissions, and API access levels.
  3. Manage Permissions: Assign permissions to users and manage security policies for the connected app.
  4. Monitor Usage: Salesforce’s monitoring tools track app usage and performance.

Use Cases for Connected Apps

  • Integration with External Services: Connect Salesforce with third-party services like marketing automation tools, ERP systems, and social media platforms.
  • Custom Mobile Apps: Develop and integrate custom mobile applications that interact with Salesforce data.
  • Single Sign-On (SSO): Use connected apps to provide SSO access to third-party applications from within Salesforce.

Organizations can significantly improve their identity and access management practices within Salesforce by understanding and leveraging these key features.

Deep Dive into Salesforce Identity Services

Deep Dive into Salesforce Identity Services

Benefits of Using Salesforce Identity Licenses

Improved Security and Access Control

Salesforce Identity Licenses provide robust security features that ensure only authorized users can access your systems.

  • Multi-Factor Authentication (MFA): Adds a layer of security requiring multiple verification forms.
  • Single Sign-On (SSO): Reduces password fatigue and the risk of phishing attacks by allowing users to access multiple applications with one set of credentials.
  • Centralized User Management: Simplifies monitoring and managing user access across various applications.

Simplified User Management

Salesforce Identity Licenses make it easier to manage user identities and permissions.

  • Identity Connect: Synchronizes user data between Salesforce and Active Directory, reducing administrative overhead.
  • Connected Apps: Allows seamless integration with third-party applications, ensuring consistent user management.

Enhanced User Experience

Providing a seamless user experience is crucial for productivity and user satisfaction.

  • App Launcher: Centralizes access to all connected apps, making it easy for users to find and use the necessary tools.
  • Customizable My Domain: Creates a branded, professional-looking URL that users can easily recognize and trust.

Compliance with Regulatory Requirements

Meeting regulatory standards is essential for many businesses.

  • Data Security: Robust security features help ensure compliance with data protection regulations.
  • Audit Trails: Detailed user access logs and actions support regulatory compliance and internal audits.

Setting Up Salesforce Identity Licenses

Setting Up Salesforce Identity Licenses

Initial Setup

Steps to Get Started with Salesforce Identity Licenses

  1. Purchase Licenses: Obtain Salesforce Identity Licenses through your Salesforce account representative or via the dashboard.
  2. Assign Licenses: Navigate to the Users section in Salesforce Setup to assign the Identity Licenses to the appropriate users.
  3. Enable Identity Features: Enable the Identity features in the Salesforce Setup menu to start configuring your identity settings.

Configuring Basic Identity Settings

  1. Access Identity Settings: In Salesforce Setup, search for “Identity” to access the identity settings.
  2. Set Up Authentication Policies: Define authentication policies like password requirements and session settings.
  3. Enable MFA: Turn on MFA to add an extra layer of security for user logins.

Configuring Single Sign-On (SSO)

Detailed Steps to Configure SSO

  1. Access SSO Settings: In Salesforce Setup, search for “Single Sign-On” and enable the SSO settings.
  2. Choose an Identity Provider: To manage user authentication, select an identity provider, such as Okta or Active Directory.
  3. Configure SSO Settings: Enter the details provided by your identity provider, including the SSO URL and certificate.
  4. Test SSO Configuration: Test the SSO setup to ensure it works correctly before rolling it out to all users.

Integrating with Various Identity Providers

  • Active Directory Integration: Use Identity Connect to synchronize user data and authentication with Active Directory.
  • Third-Party Providers: Configure SSO with other providers like Okta, OneLogin, or Ping Identity by following their specific integration guides.

Implementing Multi-Factor Authentication (MFA)

Steps to Enable MFA

  1. Access MFA Settings: In Salesforce Setup, search for “MFA” and enable the MFA settings.
  2. Select Verification Methods: Choose the verification methods that users will use, such as SMS, authenticator apps, or security tokens.
  3. Enable MFA for Users: Assign MFA to users by navigating to their profile and selecting the MFA option.

Best Practices for MFA Implementation

  • User Training: Educate users on the importance of MFA and how to set up their verification methods.
  • Gradual Rollout: Implement MFA in phases to ensure a smooth transition and promptly address any issues.
  • Backup Verification Methods: Ensure users have backup verification methods if their primary method is unavailable.

Setting Up Identity Connect

How to Install and Configure Identity Connect

  1. Download Identity Connect: Obtain the Identity Connect installer from Salesforce.
  2. Install Identity Connect: Follow the installation wizard to install Identity Connect on your server.
  3. Configure Connection Settings: Enter the required credentials and configuration details to set up the connection between Salesforce and Active Directory.
  4. Sync Users: Synchronize user identities between Salesforce and Active Directory to ensure consistency.

Synchronizing Identities with Active Directory

  • User Provisioning: Automatically create, update, and deactivate Salesforce users based on their Active Directory status.
  • Password Sync: Ensure password changes in Active Directory are reflected in Salesforce for seamless authentication.

Customizing My Domain

Steps to Set Up My Domain

  1. Access My Domain Settings: In Salesforce Setup, search for “My Domain” to access the My Domain settings.
  2. Choose a Domain Name: Select a domain name that reflects your organization’s brand.
  3. Register and Deploy: Register and deploy the chosen domain in your Salesforce environment.
  4. Update URLs: Ensure all bookmarks, integrations, and references are updated to the new domain.

Tips for Customization and Branding

  • Custom Login Page: Design a custom login page with your company’s logo and branding elements.
  • Subdomains: Use subdomains to differentiate between different Salesforce environments (e.g., development, testing, production).
  • Consistent Branding: Ensure the domain name and login page align with your company’s overall branding strategy.

Salesforce User Licenses

Understanding Salesforce User Licenses

Salesforce User Licenses: The Basics: Every user must have one user license. The type of license determines the available features. Salesforce offers various licenses for different needs.

Salesforce Identity License

  • Purpose: Allows login using Salesforce Single Sign-On (SSO) without a full CRM license.
  • Ideal For: Users who require access to Salesforce data but not the complete CRM functionality.

The Power of Single Sign-On (SSO)

  • Convenience: Users use one login for multiple applications.
  • Security Benefits: Reduces password-related breaches by minimizing the need for multiple passwords.

External Identity License Explained

  • Functionality: Grants access to Salesforce Customer Identity for self-registration and login by customers and partners.
  • Advantages: Ideal for organizations managing large customer or partner bases, ensuring efficient access control to Salesforce data.

How Much Is the Salesforce External Identity License to Purchase?

salesforce external identity

The Salesforce External Identity License is a specific edition of Salesforce Identity Licenses designed for organizations that must give their customers, partners, and contractors access to their Salesforce platform.

The External Identity License is priced at $10 per user per month and offers various features, including:

  • Single Sign-On.
    An External Identity License allows external users to sign in once and access multiple applications without signing in again.
  • Custom Branding.
    The External Identity License enables organizations to customize their login page and branding, providing a seamless user experience.
  • Access Management.
    The External Identity License allows businesses to control access to their Salesforce platform and data, ensuring that external users only have access to the information they need.

Salesforce Identity Licenses FAQ

What is a Salesforce Identity License? It is a type of license that provides identity and access management features like Single Sign-On (SSO), Multi-Factor Authentication (MFA), and centralized user access control.

Who should use Salesforce Identity Licenses? Salesforce Identity Licenses are ideal for organizations that manage external user authentication and access across multiple systems.

What features are included with a Salesforce Identity License? Features include Single Sign-On (SSO), Multi-Factor Authentication (MFA), App Launcher, Identity Connect, My Domain, and connected apps.

Can Salesforce Identity Licenses be used for internal users? They can manage internal and external user identities, ensuring secure access and authentication.

How does Single Sign-On (SSO) work with Salesforce Identity Licenses? SSO allows users to log in once and gain access to multiple applications without needing to log in again for each application.

What is Multi-Factor Authentication (MFA) in Salesforce Identity? MFA adds an extra layer of security by requiring users to provide two or more verification methods before accessing Salesforce.

How does the App Launcher benefit users with a Salesforce Identity License? The App Launcher provides a central location for users to access all their connected apps, simplifying navigation and access.

What is Identity Connect in Salesforce Identity? Identity Connect is a tool that synchronizes user identities between Active Directory and Salesforce, ensuring consistency and security.

How do Salesforce Identity Licenses support My Domain? My Domain allows organizations to customize their Salesforce URL, improving security and user experience by creating a branded login page.

Can Salesforce Identity Licenses integrate with other applications? Yes, Salesforce Identity Licenses support integration with various third-party applications, enhancing user authentication and access control.

What is the difference between a Salesforce Identity License and a standard Salesforce License? A Salesforce Identity License focuses on identity and access management features, while a standard Salesforce License includes broader CRM functionalities.

How do you assign a Salesforce Identity License to a user? You can assign the license through Salesforce Setup by navigating to the Users section and selecting the appropriate license type for the user.

Can Salesforce Identity Licenses help with compliance? These licenses help organizations meet security and compliance requirements by providing robust authentication and access control features.

What are some common use cases for Salesforce Identity Licenses? Common use cases include managing external partner access, providing secure access to internal applications, and simplifying user login processes.

How can Salesforce Identity Licenses improve an organization’s security? They improve security by implementing SSO, MFA, and centralized access control, ensuring only authorized users can access sensitive information and applications.

Salesforce Licensing Services

Redress Compliance offers specialized Salesforce licensing and advisory services if you require further assistance or have specific questions about Salesforce licensing.

Their team of experts can provide tailored guidance and support to ensure that your Salesforce setup aligns with your business needs and compliance requirements.

For in-depth advice and services related to Salesforce Identity Licenses or other Salesforce solutions, consider contacting Redress Compliance for professional assistance.

Author

  • Fredrik Filipsson

    Fredrik Filipsson brings two decades of Oracle license management experience, including a nine-year tenure at Oracle and 11 years in Oracle license consulting. His expertise extends across leading IT corporations like IBM, enriching his profile with a broad spectrum of software and cloud projects. Filipsson's proficiency encompasses IBM, SAP, Microsoft, and Salesforce platforms, alongside significant involvement in Microsoft Copilot and AI initiatives, improving organizational efficiency.

    View all posts