Login to salesforce with facebook

Login to salesforce with facebook credentials

Hello everyone,

Now a days, at many websites, you must have seen that there is an option to login using your facebook credentials. Similar is the case here where you want to log-in to your salesforce org using facebook credentials. So, here are the steps that will help you achieve the same.

For achieving the functionality, there should be a link between facebook and salesforce org. That’s why we need to give some information to facebook about our salesforce org and some information about facebook to our salesforce org. You can get started with the below steps:

Setting up a Facebook Application

  • First of all create a facebook app. Enter a display name of your choice. Namespace is optional. You can choose any option of your choice from category picklist.You can log in to your facebook profile and go to settings –> Create App —> Apps —> Create a New App

Facebook App

  • It will ask you to fill Captcha details as shown in the screenshot below:


  • After you submit this page, it will take you to the following screen.


  • Just click on show button to get the App ID and App Secret as both are needed by Salesforce to create a link. When you will click on Show button it will ask for your facebook password. Provide the same and get the App Secret.

Defining a Facebook Provider in your Salesforce Organization

  • Now, go to your salesforce Org and Go to Security Controls ——> Auth. Providers.
  • Click New.
  • In Provider Type picklist, select ‘Facebook’.
  • Enter a Name for the provider.(It can be any name of your choice)
  • Enter the URL Suffix. This is used in the client configuration URLs. For example, if the URL suffix of your provider is “MyFacebookProvider”, your single sign-on URL is similar to: https://login.salesforce.com/auth/sso/00Dx00000000001/MyFacebookProvider.
  • Use the Application ID from Facebook for the Consumer Key field.
  • Use the Application Secret from Facebook for the Consumer Secret field.
  • Custom Error URL is optional (not required).
  • Then, click ‘Automatically create a registration handler template’. It will create a new class in your salesforce org that will handle the registration of new users to your salesforce org or updation of any existing user in your org.
  • The class automatically generated needs some modification. you can use below code in your class.At line number 23 of the below code I have used profile id with which you want to create a new user. So Please replace that Id with the Id of some profile available in your respective salesforce org.

//TODO:This autogenerated class includes the basics for a Registration
//Handler class. You will need to customize it to ensure it meets your needs and
//the data provided by the third party.

global class AutocreatedRegHandler1380796002690 implements Auth.RegistrationHandler{
global boolean canCreateUser(Auth.UserData data) {
    //TODO: Check whether we want to allow creation of a user with this data
   // Set s = new Set{'usernamea', 'usernameb', 'usernamec'};
    //if(s.contains(data.username)) {
        //return true;
    return true;

global User createUser(Id portalId, Auth.UserData data){
    if(!canCreateUser(data)) {
        //Returning null or throwing an exception fails the SSO flow
        return null;
    //The user is authorized, so create their Salesforce user
    User u = new User();
    Profile p = [SELECT Id FROM profile WHERE id='00e90000001C3vh'];
    //TODO: Customize the username. Also check that the username doesn't already exist and
    //possibly ensure there are enough org licenses to create a user. Must be 80 characters
    //or less.
    u.username = data.username + '@myorg.com';
    u.email = data.email;
    u.lastName = data.lastName;
    u.firstName = data.firstName;
    String alias = data.username;
    //Alias must be 8 characters or less
    if(alias.length() > 8) {
        alias = alias.substring(0, 8);
    u.alias = alias;
    u.languagelocalekey = UserInfo.getLocale();
    u.localesidkey = UserInfo.getLocale();
    u.emailEncodingKey = 'UTF-8';
    u.timeZoneSidKey = 'America/Los_Angeles';
    u.profileId = p.Id;
    insert u;
    return u;

global void updateUser(Id userId, Id portalId, Auth.UserData data){
    User u = new User(id=userId);
    //TODO: Customize the username. Must be 80 characters or less.
    //u.username = data.username + '@myorg.com';
    u.email = data.email;
    u.lastName = data.lastName;
    u.firstName = data.firstName;
    //String alias = data.username;
    //Alias must be 8 characters or less
    //if(alias.length() > 8) {
        //alias = alias.substring(0, 8);
    //u.alias = alias;

  • Select any user that has ‘Manage users’ permission in ‘Execute Registration As’ lookup field. The class created in above step will be called as this selected user.
  • When you will click Save, it will give you four URLs.

Updating Your Facebook Application

  • Go back to your facebook application you just created in last steps. Click on Settings in left option bar.

facebook app

  • Click on +Add Platform and choose ‘Website’.


  • In Site URL, paste the callback URL provided by salesforce in previous steps and click Save Changes.

Testing the Single Sign-On Connection

First of all Logout from facebook, then in a browser, open the Test-Only Initialization URL on the Auth. Provider detail page of Salesforce. It should redirect you to Facebook and ask you to sign in. Upon doing so, you are asked to authorize your application. After you authorize, you are redirected back to Salesforce.

Then if it is successful then you can use the single sign on URL to test the same, and it will work the same way. It will ask for your facebook creds and then will create a new user with your username in salesforce(if not already there) and log you in to salesforce. This user registration thing is handled by the class that you have modified in above steps. So, if you face any problem then you can check your class code to resolve any issue.

Then you can single sign on URL to be provided anywhere on any website and it will prompt user to log-in with their facebook creds.

Many times we run into an issue of number of licenses. Our class tries to create a new user but because licenses are not available for the profile that we have set in our code, the new user is not created and it throws an error. Hence, if possible and suitable, you can use id of chatter profile(line no 23 of above code)  as we have 5000 licenses for this profile.

For more information visit Configuring a Facebook Authentication Provider

Permanent link to this article: https://www.sfdcpoint.com/salesforce/login-salesforce-with-facebook/


Skip to comment form

    • Neeraj kumar on February 28, 2014 at 9:42 pm
    • Reply

    Very nice post and very useful. Thanks for very good post. Keep posting:):)

    1. Thanks Neeraj for your comment.

    • Sudi on March 1, 2014 at 1:09 am
    • Reply

    I got the following error when tried to browse the test only URL-
    This XML file does not appear to have any style information associated with it. The document tree is shown below.

      • Nitish Singhal on March 1, 2014 at 2:06 am
      • Reply

      Hi Sudi,
      Yes, this is the expected behavior. This is not the Error. If you will see the details there in the XML, it will show your username and some other fields. This is only for testing whether your details are correctly carried or not to salesforce.

      If you want to see it actually working, you have to try it with single sign on URL. Please try it once with single sign on URL.

    • kapil p on March 3, 2014 at 4:04 pm
    • Reply

    Thanks for updates the question that i raised earlier was-
    requirement is — “”Using FB credential i want to login directly to
    Salesforce Community””” not to Salesforce. I know its working better for
    normal salesforce account please suggest how it will work better for
    Saleforce community.

    Kapil (Khilesh B Patle)

      • Nitish Singhal on March 3, 2014 at 8:56 pm
      • Reply

      I have read in salesforce documentation that it is possible, but haven’t tried yet. I’ll try and keep you posted.

        • kapil p on March 13, 2014 at 3:37 pm
        • Reply

        Hey Nitish, Did you have something to share for this requirement.

    • Mohit Gupta on March 11, 2014 at 1:31 pm
    • Reply

    Hi, Does anyone can give me any idea about SP initiated SSO with CA Siteminder and Salesforce.

    • kapil p on March 13, 2014 at 3:37 pm
    • Reply

    hanks for updates the question that i raised earlier was-
    requirement is — “”Using FB credential i want to login directly to
    Salesforce Community””” not to Salesforce. I know its working better for
    normal salesforce account please suggest how it will work better for
    Saleforce community.

    Kapil (Khilesh B Patle)

    • Magulan on July 23, 2014 at 9:34 pm
    • Reply

    Hi, what to specify in “App Domains”? Was it working for you?

      • davcondev on July 3, 2017 at 4:24 am
      • Reply

      For posterity – nothing needs to be specified in app domains. If you get an app domain error it’s because the platform & callback url is wrong or missing

    • shailender on May 29, 2020 at 7:52 pm
    • Reply

    We can’t log you in because of the following error. For more information, contact your Salesforce administrator.

    No_Oauth_State: State was not sent back

Leave a Reply

Your email address will not be published.