A notable change Pardot announced recently is how you will log into Pardot Classic via the pi.pardot.com URL. Beginning with the Spring ’21 release [approx Feb 2021], Pardot’s current user authentication system will be discontinued and all users will be required to use the Salesforce single sign-on link (SSO). All Pardot users not enabled with Salesforce SSO by Spring ‘21 will lose the ability to log into Pardot until they are connected to a Salesforce user.
Today, users log into pi.pardot.com through one of two methods: via direct login using Pardot credentials or single sign-on using Salesforce credentials. In the future, users will only login via the single sign-on option (Salesforce SSO).
Salesforce is making this change for several reasons, but the main driver is enhanced security. Salesforce has features like custom password policies, login hours, and a multi-factor authentication system that is far more customizable and robust than what Pardot offers today. Besides, this deeper integration with Salesforce will allow Pardot to continue to bring new feature enhancements to the Platform.
For most of our clients, enabling SSO is already standard practice. However, there are some instances where you might have Pardot-only users or Marketing Users who are not using Salesforce. These users will need to utilize Salesforce Identity Licenses. 100 Identity Licenses are provided free to all Salesforce customers who have Pardot orgs. This allows you to create a new user in Salesforce, assign the identity license, and then connect to your Pardot user. Once configured, these Marketing Only users will be able to login to Pardot via the Salesforce SSO. These users will still work in the “classic” version of Pardot and will not have access to the enhanced features in Salesforce such as the Pardot Lightning App or the new Lightning Email Builder.
If the Identity User were to log into Salesforce directly (login.salesforce.com), they will see the Salesforce Classic UI and will have limited access to objects (such as Home, Chatter, and Pardot). If they click on an object they don’t have access to, such as Reports and Dashboards, they will see the familiar “Insufficient Privileges” message. The Pardot tab provides access to the classic iframe integration.
If you use the Pardot WordPress plug-in, you will need to update the plug-in and switch to your Salesforce SSO login. There are several steps you will need to complete before you can make this transition, including creating a Consumer Key and Consumer Secret in Salesforce.
Other API Integrations
All Pardot API integrations will need to be updated to authenticate with a Salesforce SSO user before the Spring ’21 release. Pardot is communicating with the following API integration partners to make sure they are aware of this change. If there are any others that you use that are not on this list, you should contact them directly to make them aware of the change as soon as possible:
If you would like more information or assistance with any of the above changes, please contact us at shellblack.com/contact/ or email@example.com.