This guide explains how to use Salesforce as an Identity Provider to allow single sign-on (SSO) into your ngrok dashboard. This should not be confused with securing your ngrok edge to allow your application users to log in using Salesforce.Documentation Index
Fetch the complete documentation index at: https://ngrok.com/docs/llms.txt
Use this file to discover all available pages before exploring further.
What you’ll need
- Admin access to create new applications in Salesforce.
- Admin access to edit your ngrok account settings.
- An ngrok Pay-as-you-go account or an SSO/Account Governance license.
The OIDC flow is initiated from your Applications login page.
(OIDC Service Provider flow is not supported.)
1. Configure Salesforce
Create a new External Client App in Salesforce, then configure it as follows. In the Policies tab:- Go to App Policies.
- Set Start Page to Custom.
- Set Custom Start URL to
https://dashboard.ngrok.com/login/sso.
- Go to Basic Information and set the External Client App Name.
- Go to OAuth Settings > App Settings and set:
- OAuth Scopes: Access the Identity URL Service (id, profile, email, address, phone), Access unique identifiers (openid), Access custom permissions (custom_permissions)
- Configure ID Token: Set ID Token Audience to
https://idp.ngrok.com, Include Standard Claims, and Custom Attributes - Flow Enablement: Enable Authorization Code and Credentials Flow
- Security: Require Secret for Web Server Flow and Require Secret for Refresh Token Flow
2. Configure ngrok
- Log into your ngrok dashboard and navigate to Settings > Account.
- Click + New Identity Provider and select New OpenID Connect Provider.
- Add a description and set the following details:
- Issuer URL, in the format
[yourdomain]-dev-ed.develop.lightning.force.com - Client ID (from Salesforce)
- Client Secret (from Salesforce)
- Issuer URL, in the format