Thread Details

 SOQL Studio support for Orgs setup with Active Directory SSO??


Post by Oliver Sumpton
Joined 11/04/2018
Posted 11/05/2018 4:40 AM

Does SOQL Studio support accessing Orgs setup SSO setup though Azure Active Directory? I am currently trying to use SOQL Studio to access an Org that uses both custom login domain (companyname.my.salesforce.com) and SSO through the company's Office 365 accounts. But no mater what I try, I can not seem to gain access via SOQL Studio.

 

I am however able to login to Sandbox environments provisioned from this Org by defining a security token in SOQL Studio, though I can not seem to login using the Two Factor Authentication option, even though this is enabled for my User. On logging in via a web browser, I receive the verification code just fine on my phone, but using SOQL Studio, when the "Enter Verification Code" popup appears, I never receive a code and there is no real status about what's going on with the login process. That said as I mentioned, I am able to login to the sandbox by defining my security token, which is the only success I've had with SOQL Studio thus far.

 

Any help regarding SOQL Studio's support for accessing an Org using SOO via O365 Federated Active Directory is be greatly appreciated.

Post by Administrator
Visual Software Systems
Joined 1/01/2016
Posted 11/05/2018 12:20 PM

Hi Oliver,

At this time, SOQL Studio does not support SSO, but we do support TFA and custom domains. Regarding you sandbox org, I understand that you are able to logon using id/password/security token, but not TFA.  However, TFA works when logging on to this sandbox org via a browser.  What app are you using to get the TFA code, the Salesforce Authenticator app?  What I think is happening is that the code that Salesforce sends in a text message when you logon via a browser from a non-whitelisted IP is being mistaken for TFA. 

For you production org, you should still be able to use id/password/security token for API logon even though you use SSO for browser logon.  How do you logon with other API-based tools such as Data Loader, the Force.com IDE, and Workbench?  None of these tools support SSO to my knowledge. 

Post by Oliver Sumpton
Joined 11/04/2018
Posted 11/06/2018 5:32 AM

Thanks for the quick reply. To be honest, in the Production instance of this specific Org I don't have credentials to do much other than run SOQL queries via tha API as far as Admin privileges go, so I have not tried to connect to it via an IDE. But I have not problem accessing it through the Developer Workbench and running a query from there. I just reset my security token and tried again to connect to the Production env using SOQL Studio. Still getting the same "INVALID LOGIN: Invalid username, password, security token; or user locked out." Reasonably sure my credentials are correct. Is there something I have to do to se the custom login domain or is this something the app should detect automatically?

 

I am still able to access the sandbox envs by setting my security token for those and am excited to try out your app. Will start there and simply try copying new queries into the Developer Workbench to run them in Production.

Post by Administrator
Visual Software Systems
Joined 1/01/2016
Solved
Posted 11/06/2018 12:07 PM

Hi Oliver,

Can you check that the connection to your production org has the Org Type field set to Production and not Sandbox?

If you need to use a custom login domain for API access, you can enable that on the Advanced tab in Options.  Then go into Connection Manager, select the connection to your production org and input the custom login URL. It should be the full host portion of the API URL without the protocol specifier (e.g. yourcustomdomain.my.salesforce.com).  The preview will show you the full URL that SOQL Studio will use to connect.

Log in to reply to this post.