Salesforce Delegated Authentication

Method of single-sign-on-based authentication in Salesforce for legacy systems

What is it?

• For the most part, Delegated Auth is used for “delegating” the password management of your Salesforce org to a centralized, usually legacy authentication system
• SOAP-based, your centralized Auth service must support the Salesforce-based WSDL

Requirements

• The users in question must have the “Is Single Sign On Enabled” permission turned on, which turns off all SFDC-based password management

Example

• You have a centralized, legacy LDAP system for user management at your company, and the ability to wrap it in a SOAP API
• You want to allow your users to remember their LDAP password, but have their own Salesforce Username
  • ?? - This is the weird part to me… Remember your SFDC Username and your LDAP Password?
• You set up the correct Single Sign On permission for the users
• You set up the WSDL and wire Salesforce together to the LDAP Server

More Documentation:

• Salesforce Docs
• YouTube Vid from Apex Hours