Customize Your Login Process with My Domain
After completing this module, you’ll be able to:
- Explain the benefits of My Domain.
- Detail how My Domain lets you control how users access your Salesforce org.
- Customize your login page.
Customize Your Salesforce Org URL with My Domain
Ever find yourself wanting to tweak the Salesforce login experience for your users? For example, add your company name to the login URL? Show your logo on the login page? Let your users log in with their Google credentials? My Domain lets you do all this and more.
What Is My Domain?
Let’s review this video to learn more about Salesforce My Domain.
My Domain is sort of like creating your own empire within the Salesforce universe. It’s a Salesforce Identity feature that lets you personalize your Salesforce org by creating a subdomain (empire) within the Salesforce domain (universe).
How’s that? If your Salesforce org was created before Winter ’21, your users access your org through the instance URL that Salesforce assigns you, such as https://na30.salesforce.com. With My Domain, you give your users a nifty, personalized way to access Salesforce. Instead of the meaningless https://na30.salesforce.com URL, your login URL looks like https://somethingReallycool.my.salesforce.com where:
- somethingReallycool Equals your My Domain name: your personal subdomain within the Salesforce domain. Typically, it's your company name or whatever drives your brand.
- my.salesforce.com is the Salesforce domain name—domain, for short. My Domain login URLs all belong to this same domain.
Having a My Domain isn’t just about convenience and branding an org’s login experience. It's about having more control over your login process and simplifying authentication. In fact, Salesforce requires you to have a My Domain in place to:
- Work in multiple Salesforce orgs in the same browser
- Set up single sign-on (SSO) with third-party identity vendors
- Set up authentication providers, such as Google and Facebook, so that your users can log in to your Salesforce org with their social account credentials
- Use Lightning components in Lightning component tabs, Lightning page, the Lightning App Builder, or standalone apps
- Use Financial Services Cloud, Health Cloud, or Work.com
Does Your Org Have a My Domain?
Because having a My Domain is so important, all production and Developer Edition orgs created in Winter ’21 and later get one by default. And all orgs are required to deploy one in Winter ’22.
If your production org doesn’t have a My Domain yet, don’t worry. Setting one up is simple. For instructions, head over to My Domain in Salesforce Help.
In this unit, we focus on setting My Domain policies and customizing your org’s login page. Both require My Domain, so if you want to follow along, you’ll use a Trailhead Playground, which—as we’re about to discover—already has a My Domain.
My Domain and Trailhead Playgrounds
Did you catch that part in the video about Trailhead Playgrounds? When you begin your first hands-on challenge in Trailhead, you create a Trailhead Playground. And that Playground has a My Domain.
Look at the browser’s address bar for the name of the Playground. All Playground My Domain names start with a cute animal name and some random numbers to ensure uniqueness. The My Domain name ends with -dev-ed, which means that the My Domain is for a Salesforce Developer Edition org.
In this Trailhead Playground, the My Domain name, creative-raccoon-b6c0h0-dev-ed, is a subdomain within the Salesforce lightning.force.com domain.
To learn a lot more about Trailhead Playgrounds, see Trailhead Playground Management.
Want to Get Hands-On with My Domain?
In this unit, we show you the steps to set your My Domain policies and customize your Salesforce login page. We don’t have a hands-on challenge in this unit, but if you want to follow along and try out the steps, here’s how to launch your Trailhead Playground.
- First, make sure you are logged in to Trailhead.
- Click your user avatar in the upper-right corner of this page and select Hands-on Orgs from the dropdown.
- Click Launch next to the org you want to open. Or, if you want to create a new playground, click Create Playground.
Set My Domain Policies
When you have a My Domain, a section appears in your My Domain Setup page. It’s called Policies, and it gives you more control over how your My Domain is used.
Let’s imagine this scenario. You’re a Salesforce admin at Jedeye Technologies. You already have a deployed My Domain name: jedeyetech. With this My Domain, your org has a branded login URL, https://jedeyetech.my.salesforce.com, and its Lightning pages all use https://jedeyetech.lightning.force.com/.
Your chief marketing officer is thrilled that your brand is included in your URLs. She doesn’t want your users to see your org's Salesforce instance in the address bar of their browsers. You want to give your users a short time to update their bookmarks.
- From Setup, enter My Domain in the Quick Find box, then select My Domain.
- Under Policies, click Edit.
- Login Policy—You can require users to log in using your My Domain login page. Leave this option unchecked. We still want users to be able to log in from https://login.salesforce.com.
Redirect Policy—Control what happens when users try to use your org’s instanced URLs instead of your org’s My Domain URLs. For example, when a user visits a bookmark for https://na139.lightning.force.com/lightning/page/home instead of your org’s equivalent My Domain URL, https://jedeyetech.lightning.force.com/lightning/page/home.
You can choose between three redirect policies. Before we change anything, let’s review the options.
- Redirect to the same page within the domain—Let users continue to access your org from your instanced Salesforce URLs as well as your branded My Domain URLs. This option might be convenient, but it won’t require your users to access your branded org.
- Redirect with a warning to the same page within the domain—Remind users to use your My Domain URLs before redirecting them to your org. This can help change user behavior so users transition to the branded URLs. For the Jedeyetech scenario purposes, this sounds like the one we want.
Don't redirect (recommended)—Require users to use your My Domain login URL when accessing your org. There is an expectation with this setting that your users have transitioned to using the new My Domain URLs. If they haven’t, they get an error when they try to use your org's instanced Salesforce URLs.
- Eventually, we want to force everyone to use Jedeye Tech’s branded My Domain URLs. But for now, we want to give our users some time to update their bookmarks. So select the redirect policy, Redirect with a warning to the same page within the domain.
- Click Save.
Now when users attempt to access your org using an instanced URL, they receive a message encouraging them to update their bookmarks.This option is good for a few days to help users transition to your org's My Domain URLs. After that, you can update your My Domain again to use the recommended redirect policy: Don't redirect.
Customize Your Login Page
You have a My Domain. You’ve set your login policies. Now you’re ready to make your login page your own. Brand your login page to help your users recognize your site without having to look at the URL in the browser bar.
You can brand your login page to add a company logo, change the background, and replace the right side with your own picture or message. This area is useful for making announcements that you want users to see as they log in.
- If you’re not looking at the My Domain page, from Setup, enter My Domain in the Quick Find box, then select My Domain.
- Under Authentication Configuration, click Edit.
- Don’t change Login Page Type. This option comes into play when you want to change how users log in. For now, we’re staying with the standard username and password.
- For Logo File, upload an image of your company logo. The logo appears at the top left of the login page. Images can be .jpg, .gif, or .png files up to 100 KB. The maximum image size is 250-by-125 pixels wide.
- For Background Color, change the background color of your login page—either enter a hexadecimal color code or click the color picker .
- To update the content of the right side of the login page, specify a Right Frame URL. The content is designed to resize to fill about half of the page. In your production org, you enter the URL of a file that’s hosted at a URL using SSL encryption and has the https:// prefix. For now, you can enter the URL for one of our stock pictures: https://mydomain-sample.herokuapp.com.
- Leave the authentication methods alone. Don’t select the options to use the native browser for user authentication on iOS or Android. These options support authentication methods such as delegated authentication to certificate-based authentication for users of Salesforce and Mobile SDK applications on mobile devices. To learn more, see the Mobile SDK Development Guide. These options have no effect on the branding of our org’s login page, though, so we won’t change them.
- Click Save.
- Log out and try to log in again. You’re greeted with your new login page.
Congratulations, admin! You’ve set your My Domain redirect policy, and you’ve tailored your login page to reflect your company’s branding. Your chief marketing officer is pleased that your Salesforce org reflects your brand.