Customize Your Login Process with My Domain

Learning Objectives

After completing this module, you’ll be able to:
  • Understand how My Domain provides more control over your login process.
  • Customize your domain name, URL, and login page.

Customize Your Salesforce Org URL with My Domain

Ever find yourself wanting to tweak the out-of-the-box Salesforce login experience for your users? For example, add your company name to the login URL? Show your logo on the login page? Let your users log in with their Google credentials? My Domain lets you do all this and more.

My Domain URL

What Is My Domain?

My Domain is sort of like creating your own empire within the Salesforce universe. It’s a Salesforce Identity feature that lets you personalize your Salesforce org by creating a subdomain (empire) within the Salesforce domain (universe).

How’s that? If your Salesforce org was created before Winter ’21, your users access your org through the instance URL that Salesforce assigns you, such as https://na30.salesforce.com. With My Domain, you give your users a nifty, personalized way to access Salesforce. Instead of the meaningless https://na30.salesforce.com URL, your URL can look like https://somethingReallycool.my.salesforce.com where:

  • somethingReallycool Equals your My Domain: your personal subdomain within the Salesforce domain. Typically, it's your company name or whatever drives your brand.
  • my.salesforce.com is the Salesforce domain name—domain, for short. My Domain login URLs all belong to this same domain.
Note

Note

Even though technically you’re creating a subdomain, it’s sometimes referred to as creating a My Domain. Also you might see a My Domain referred to as a “custom” domain but “custom” has a specific meaning for Salesforce. Custom domain URLs end with your domain name such as mycompany.com instead of salesforce.com. This subject is for another day.

Having a My Domain isn’t just about convenience and branding an org’s login experience. It's about having more control over your login process and simplifying authentication. In fact, Salesforce requires you to have a My Domain in place to:

  • Work in multiple Salesforce orgs in the same browser
  • Set up single sign-on (SSO) with external identity vendors
  • Set up authentication providers, such as Google and Facebook, so that your users can log in to your Salesforce org with their social account credentials
  • Use Lightning components in Lightning component tabs, Lightning page, the Lightning App Builder, or standalone apps

Because having a My Domain is so important, all production and Developer Edition orgs created in Winter ’21 and later get one by default. But if you don’t have one yet, don’t worry. Setting one up is simple. Let’s view this video to get a brief overview of choosing and deploying a My Domain.

My Domain Versus Trailhead Playgrounds

Did you catch that part in the video about Trailhead Playgrounds? When you begin a hands-on challenge in Trailhead, the first thing that happens is that you create a Trailhead Playground. And that Playground has a My Domain. Look at the browser’s address bar for the name of the Playground (which is actually a My Domain name). All Playground My Domain names start with a cute animal name and some random numbers to ensure uniqueness. The My Domain name ends with -dev-ed, which means that the My Domain is for a Salesforce Developer Edition org.

In this Trailhead Playground, the My Domain name, creative-raccoon-b6c0h0-dev-ed, is a subdomain within the Salesforce lightning.force.com domain.

The name of the Trailhead Playground appears in browser address bar

To learn a lot more about Trailhead Playgrounds, see Trailhead Playground Management.

Sign Up for a Developer Edition Org

In this module, you create a My Domain subdomain if your org doesn't already have one. But there’s a catch. You can’t create a subdomain within a subdomain. So you can’t use a Trailhead Playground. Instead, sign up for a production Salesforce Developer Edition org.

  1. Sign up for a free Developer Edition org.
  2. Fill out the form.
    1. For Email, enter an active email address.
    2. For Username, enter a username that looks like an email address and is unique, but it doesn't need to be a valid email account (for example, yourname@test.com).
  3. After you fill out the form, click Sign me up. A confirmation message appears.
  4. When you receive the activation email (this might take a few minutes), open it and click Verify Account.
  5. Complete your registration by setting your password and challenge question. Tip: Write down your username, password, and login URL for easy access later.
  6. You are logged in to your Developer Edition.

Now connect your new Developer Edition org to Trailhead.

  1. Make sure you're logged in to your Trailhead account.
  2. In the Challenge section at the bottom of this page, click the Playground name and then click Connect Org.
  3. On the login screen, enter the username and password for the Developer Edition you just set up.
  4. On the Allow Access? screen, click Allow.
  5. On the Want to connect this org for hands-on challenges? screen, click Yes! Save it.
You are redirected back to the challenge page and ready to use your new Developer Edition to earn this badge.

Create a My Domain

If your Developer Edition was created before the Winter ’21 release, the address bar shows that your new org uses an instance URL, such as https://na30.lightning.force.com. (If you just created a new Developer Edition org, My Domain is already enabled.)

Now you’re ready to replace that instance URL with your own subdomain. 

Let’s imagine this scenario. Suppose you’re a Salesforce admin for Jedeye Technologies. Your chief security officer has an end-of-year goal to let users securely log in to your org with their Google credentials. Before that can happen, you need to create a Salesforce subdomain with My Domain. So let’s set one up.

In our example, we’re going to use jedeye.tech, an obvious choice given our company name. When you’re creating a subdomain for your production org, work with stakeholders to determine the name before setting it in stone. Get sign-off from the right executives before moving forward.

  1. From Setup, enter My Domain in the Quick Find box, then select My Domain.
  2. Enter the name for your subdomain. Choose something fun that’s also unique. Enter your custom domain nameHere you see that our My Domain name is jedeye-tech (1). Salesforce supplies the rest of the domain name (2). Because we’re using a Developer Edition org, the domain name is -dev-ed.lightning.force.com. Your production org has the my.salesforce.com suffix.

    NOTE: If you see "My Domain Settings" instead of "My Domain Step 1", then your org already has a deployed My Domain—probably because it was created in Winter ’21 or later. To rename your My Domain in a production org, click Edit in My Domain Settings. You can't rename the My Domain in your Developer Edition org, though. So jump ahead to After Deployment: Set My Domain Policies.

  3. Click Check Availability. Salesforce checks whether this My Domain name is already in use. My Domain accept terms and register custom domain
  4. When you get the green light (3), click Register Domain (4).
  5. Sit back and watch for an email telling you that the process completed. Behind the scenes, Salesforce prepares your org's My Domain and updates its domain name registries.

Test and Deploy Your My Domain

Did you get your activation email? Look for an email with a subject like, “Salesforce domain ready for testing.” Now let’s finish setting up your org's My Domain and rolling it out to your users.

Email message with the link to the new My Domain

  1. From the email you receive, click the link to get back to the My Domain wizard.
  2. The link takes you to your Salesforce org. Notice the URL in the browser address bar shows your new My Domain name. Custom domain URLRight now, you’re the only one who has this URL. Before you roll out the subdomain to your users, you must check that the links in your org all lead to your subdomain URL.

    Why wouldn’t they? If your Salesforce admin customized your org, such as adding custom buttons or Visualforce pages, the org can have hard-coded references. Hard-coded references are links that contain your instance name, such as https://na99.salesforce.com. Since we haven’t customized our org, we know it doesn’t have any faulty URLs. So we can go on. But when you’re setting up My Domain on a production org, you can learn more about faulty URLs. Search for the KB article, “Updating Hard-Coded References” in Salesforce Help.

  3. Click Log in to continue setting up My Domain. Enter the username and password you used when you signed up for your org.
  4. Pretend that we’ve completed testing links. It’s time to make your My Domain available to all the users in your org.
  5. Click Deploy to Users, and then click OK. Deploying a My Domain rolls out the new URL throughout your org. Now all your users see the My Domain URL in their browser address bar.
    Note: This step is often overlooked, especially when you’re interrupted while working on this module. If you walked away, get yourself back to My Domain. From Setup, enter My Domain in the Quick Find box, then select My Domain. Salesforce takes you to the step in the My Domain wizard where you left off. If you’re still at Step 3, click Deploy to Users.
  6. Click OK.

Now that the My Domain is deployed, notice that the page displays more configuration options. Let’s continue configuring it. Next up, set your login policies.

After Deployment: Set My Domain Policies

Did you notice that a new section appeared in your My Domain Setup page when you deployed your My Domain to all users? It’s called My Domain Settings, and it gives you some more control over how your My Domain is used. Let’s take a look.
  1. If you’re not looking at the My Domain page, from Setup, enter My Domain in the Quick Find box, then select My Domain.
  2. Under My Domain Settings, click Edit. Set login policies to control what happens when users try to log in from your old URL instead of from My Domain. My Domain login settings
  3. For now, keep the default settings, but let’s review the options.
    Login Policy—You can require users to log in using your My Domain login page. This prevents users from attempting to log in with the generic https://login.salesforce.com/ URL.
    Redirect Policy—You can choose between three redirect policies. That is, if someone selects a bookmark such as https://na30.salesforce.com, we redirect them to the My Domain equivalent.
    • Redirect to the same page within the domain. Let users continue to log in from your URL as well as your My Domain login URL. This option might be convenient, but it’s like nothing has changed.
    • Redirected with a warning to the same page within the domain. Reminds users to use your My Domain login URL when logging in. Yet it still redirects them to your org. This option is good for a few days after you deploy your My Domain to help users transition to your org's new login URL.
    • Not redirected. Requires users to use your My Domain login URL when accessing your org. The training wheels are off. Expect that your users have transitioned to using the My Domain login URL. If they haven’t, they get an error when they try to use your instance URL or login in from login.salesforce.com.
  4. Rename your My Domain lets you rename your My Domain, for example, if your company’s name or branding changes.

Customize and Deploy Your Login Page

You’ve created your My Domain. You’ve set your login policies. Now you’re ready to make your login page your own. Brand your login page to help your users recognize your site without having to squint at the URL in the browser bar.

You can brand your login page to add a company logo, change the background, and replace the right side with your own picture or message. This area is useful for making announcements that you want users to see as they log in.
Custom login page
  1. If you’re not looking at the My Domain page, from Setup, enter My Domain in the Quick Find box, then select My Domain.
  2. Under Authentication Configuration, click Edit. If you’re asked for it, grant permission to open Authentication Configuration in a new tab. Login page set up
  3. For Logo File, upload an image of your company logo. The logo appears at the top left of the login page. Images can be .jpg, .gif, or .png files up to 100 KB. The maximum image size is 250-by-125 pixels wide.
  4. For Background Color, change the background color of your login page—either enter a hexadecimal color code or click the color picker Select a color from color picker.
  5. Update the content of the right side of the login page. The content is designed to resize to fill about half of the page. On your production org, you enter the URL of a file that’s hosted at a URL using SSL encryption and has the https:// prefix. For now, you can enter the URL for one of our stock pictures: https://mydomain-sample.herokuapp.com.
  6. Don’t change Login Page Type now. This option comes into play when you want to change how users log in. For now, we’re staying with the standard username and password.
  7. Click Save.
  8. Log out and try to log in again. You’re greeted with your new login page.
Sample login page

You’re Done!

Congratulations administrator! You’ve customized your org's URLs with My Domain. And you’ve tailored your login page to reflect your company’s branding. Your chief security officer will be pleased that you’re closer to the end-of-year goal of allowing users to log in with Google credentials.

Resources