Social-Sign-on-in-Salesforce-SSO-with-PayPal
Salesforce

Social Sign on in Salesforce | SSO with PayPal

Social login, also known as social sign-in or social sign-on, uses information from social networking sites (in our case: PayPal) to facilitate logins on third-party applications and platforms (in our case: Salesforce).


Step 1: Create PayPal login.

To implement social sign on using PayPal, we need a PayPal developer account. So go ahead and sign up for PayPal account here.


Step 2: Configuration in PayPal Developer account.

Once you have a PayPal account, go to https://developer.paypal.com/ and login with the PayPal account we just created in Step 1.

You will find an app “Default Application” already created for sandbox.

This Default application will be linked to a By-default created sandbox Test account. Keep the client id and client secret from the default application handy.


Step 3: Configure Auth. Provider in Salesforce.

Authentication provider lets your users log in to your Salesforce org using their login credentials from a third-party service provider (like PayPal).

To setup Auth. Provider, go to

Setup –> search Auth. Providers –> Create New –>

Choose ‘Open Id connect’ as Provider type –>

Copy the Client key and Client secret from the Default application of PayPal’s Developer account and paste it as consumer key and consumer secret in Auth. Provider setup.

Update other information as below and click autogenerate the registration handler class.

Execute Registration As: The registration handler Apex class will run in the context of the specified user, so make sure this user has the Manage Users permission!

Note: When a new user tries to login into salesforce with PayPal before registering themselves, a new user is created in salesforce in context of user selected in ‘Execute Registration As’ field

Authorize Endpoint URL: https://www.sandbox.paypal.com/signin/authorize


Token Endpoint URL: 
https://api-m.sandbox.paypal.com/v1/oauth2/token

User Info Endpoint URL:
https://api-m.sandbox.paypal.com/v1/identity/oauth2/userinfo

Click save.


Step 4: Update the Redirect URL in PayPal account

Once the Auth. Provider is setup, couple of URLs are autogenerated.

Expand the Experience cloud sites section below and copy the Callback URL of the community site for which we need to enable social sign on option for PayPal.

Expand the Experience cloud sites section below and copy the Callback URL of the community site for which we need to enable social sign on option for PayPal.

Step 5: Enable Social sign on as a login option

We are almost there. Enable the created auth. Provider option for communities so that the users can now login using the PayPal credentials.

This can be done by navigating to the community’s ‘Administration’ section (Setup > Sites > All Sites > Workspace > Administration) and checking the authentication provider’s box under the ‘Login and registration’ tab.


Step 6: Revisit the settings on login page of community

Navigate to Experience builder.

Add social login component on the login page for users to login using enabled auth. Provider, i.e., PayPal

And that’s it. PayPal setup is now configured in salesforce to allow users to login with their PayPal account.

Note: Before going live, make the sure the authorize and token endpoint URLs in the Auth. Provider settings are replaced with Live URL and consumer key and secret are replaced with the PayPal’s live account client key and secret.

Sandbox token URL- https://api-m.sandbox.paypal.com/v1/oauth2/token

Live token URL- https://api-m.paypal.com/v1/oauth2/token

It’s time to test the PayPal social sign on option from salesforce communities.

For testing in sandbox, you can find the username and password of test sandbox account in:

PayPal Developer account –> Sandbox > Accounts –>Edit or View Account –> You can create a new one or use existing one