Skip to main content
Jump to
    Fourth Customer Success Portal
    • Updated

    Fourth Platform Maintenance Notification, February 2023 - Launching 3rd-Party Apps from the Fourth App

    Background

    For a number of years, Fourth has trusted Salesforce to provide enterprise-level security for its Identity Management Platform (IDP) and Single-Sign-On (SSO) functionality.

    In their Spring’23 release, as part of their ongoing improvements, Salesforce will make changes to their SAML framework, bringing it in line with industry standards.

    _Warning.png There is a possibility that this change may have an impact on some integrations with the Fourth platform.

    Impact 

    If- your users get automatically logged in to a 3rd-party or in-house app that they launch from the 'All Applications' page in the Fourth app

    And - the app in question uses SP- or IDP-initiated SSO

    Then - it is possible that, following the release by Salesforce, the app may no longer be able to correctly parse the updated Salesforce SAML tokens; causing login to fail for all users.

    Finger01.png This should, however, not be a problem for modern SAML implementations.

    Important Dates and Further Information

    The dates for the Salesforce Spring '23 release are:

    North America- 4th February 06:00 GMT
    EMEA - 11th February 00:00 GMT
    APAC - 11th February 17:00 GMT

    More technical details about the Salesforce release can be found here. Unfortunately, this is a global change and cannot be postponed.

    Next Steps

    The quickest and easiest way to confirm whether or not this will impact a given integration is by carrying out a simple log-in/log-out test. This can only be carried out – prior to the live release date – from a sandbox environment and Fourth only has a short window in which to do this.

    BestPractice02.png There is nothing required from your users or administrators.

    Over the next two weeks, Fourth will contact and work directly with your 3rd-party (or internal IT team) to complete these tests:

    1. Fourth will replicate the configuration for the app in its pre-live environment

    2. The 3rd-party/IT team must configure access to their app for Fourth's test user with an ID provided by Fourth
      They may also need to set up a new trust relationship on their IDP

    3. Fourth will run a small set of tests and verify that access to the app is working correctly

    If the tests are unsuccessful, the 3rd-party app provider may need to upgrade their implementation of SAML before the Salesforce release date in order to maintain service.

    If there are any 3rd-parties who are unable to help perform the testing or who cannot carry out remedial work prior to the release date, then Fourth will directly inform all impacted customers as soon as possible so that their users can be advised.

    Further Questions and Communication

    We appreciate you may have additional questions. Please contact idpupdates@fourth.com with any queries or concerns.

    Thank you in advance for your assistance and continued partnership.

    The Fourth Product Team

    Comments

    Article is closed for comments.