This guide explains how to connect your career center to Fonteva when Salesforce is your identity provider (IdP)—what happens in order, what we need from you, where to find it in Salesforce, and why each item matters. Fonteva runs on Salesforce, so SSO is configured in your Salesforce org (not in a separate Fonteva-only console).
Association admins (or your Salesforce admin) who use Fonteva on Salesforce and want members to sign in to the career center with their Salesforce/Fonteva login.
<aside> 💡
Quick answer — We’ll tell you whether your project uses OAuth or SAML. In Salesforce, that usually means a Connected App under Setup → App Manager. You’ll add our callback (redirect) URLs, then send us the credentials or SAML IdP details we list below. We send you our ACS URL and SP Entity ID (for SAML) so you can finish the Salesforce side.
</aside>
Fonteva is built on Salesforce; your IdP for this setup is your Salesforce org. There isn’t a separate “Fonteva-only” SSO screen for this—your Salesforce admin works in Setup.
Depending on the integration, we configure OAuth (API-style login) or SAML (classic SSO). Your implementation contact will confirm which applies.
| What we need | Where to get it (Salesforce) | Why we need it |
|---|---|---|
| Authorization URL (sometimes called the OAuth login or authorize URL) | Derived from your Salesforce My Domain or login host. The standard pattern is https://<your-domain>.my.salesforce.com/services/oauth2/authorize (production) or your org’s sandbox host if you test there first. See Salesforce Help: Create a Connected App. |
Tells us where to start the login redirect so members land in your org. |
| Consumer Key | Setup → App Manager → your Connected App → View → Consumer Key (Salesforce’s name for the app’s public client identifier). | Identifies the Connected App during OAuth. |
| Consumer Secret | Same Connected App screen; may require clicking Click to reveal. | Lets our system complete the OAuth exchange securely. Treat it like a password—share only through the secure channel we specify. |
| Selected OAuth scopes | On the Connected App: OAuth Settings → Selected OAuth Scopes (e.g. API access, refresh token, identity—exact list depends on what we agree for your project). | Scopes define what Salesforce allows our integration to do after login. We need to match what’s enabled on the app. |
| API version | Often visible in API or integration settings; Salesforce publishes numbered REST versions (for example v59.0). Your admin or integration partner may already use a standard version. | We call Salesforce APIs using a specific version so requests behave consistently. |
| Field name for member / membership type | In your Fonteva data model (usually on Contact or a Fonteva membership object): the API name of the field that indicates membership level, type, or status (for example a picklist or custom field your association uses). | Lets us apply the right member-only rules in the career center. |
Redirect / callback URLs (OAuth) — You must register exact callback URLs in the Connected App. A mismatch breaks login. We typically use:
https://sso.webscribble.com/api/oauth/code