Invdev

Menu

Linking people and nature with Sierra Club

Customer success case study

Sierra Club logo

Integrating Salesforce to the Sierra Club Intranet for over 600,000 users

Founded by Scottish-merican conservationist John Muir in 1892 Sierra Club is an environmental organisation that is committed to helping people  explore, preserve and protect the planet. Sierra Club currently has 3 million active supporters and 600,000 members.

Sierra Club wanted to enable Single Sign-Off (SSO) to allow its employees and members to effortlessly access their intranet (built and maintained by Invotra) by logging in to their Salesforce accounts.

An ambitious yet seamless SSO integration

Partnering with Invotra, Invdev’s development team integrated with Sierra Club’s instance of Salesforce to enable their Drupal intranet instance to authenticate against existing Salesforce credentials.

To make things more challenging Sierra Group specified that:

  • The user roles people held on Salesforce had to control the access/permissions they would have on their intranet.
  • Additional intranet functionality would need to be developed to accommodate controlled intranet access to Sierra Club’s external members, supporters and volunteers.
  • Provide users with access to the platform from any location via mobile devices.
Person walking in a forest in hiking gear

Project results

  • Creation of a seamless SSO log ins for all Sierra Club users to their Invotra intranet platform.
  • An improved user experience as users now have fewer passwords to remember.
  • Improved systems security.

Our approach to SSO authentication

The Invdev development team utilised the Security Assertion Markup Language (SAML) protocol to implement the Single Sign-On (SSO) between Sierra Club’s Salesforce and intranet instances.

Salesforce is used as an Identity Provider (IDP), while the intranet is configured as the Service Provider (SP) which means the intranet becomes a connected application within Salesforce for Sierra Club’s users.

Configuring the connection this way means a Sierra Club user can log into their intranet account in one of
two ways:

  • When logging into a user’s Salesforce account, the intranet appears as a configured connected application.
  • Users can access the intranet directly which will redirect the user to a Salesforce login page and then redirect them back to the intranet, fully authenticated. If they are already logged into Salesforce, their existing session will be recognised and they will immediately be redirected to a logged-in intranet session.