What is OAuth authorization in Salesforce?
In Salesforce, you can use OAuth authorization to approve a client application’s access to your org’s protected resources. Important You can’t use OAuth independently to authenticate a user’s identity.
How do I request access to a connected app using OAuth?
For a connected app to request access, it must be integrated with your org’s REST API using the OAuth 2.0 protocol. OAuth 2.0 is an open protocol that authorizes secure data sharing between applications through the exchange of tokens.
How do I authorize a client application to access REST API resources?
For a client application to access REST API resources, it must be authorized as a safe visitor. To implement this authorization, use a connected app and an OAuth 2.0 authorization flow.
How do I initiate an authorization flow?
To initiate an authorization flow, a connected app on behalf of a client app requests access to a REST API resource. In response, an authorizing server grants access tokens to the connected app. A resource server validates these access tokens and approves access to the protected REST API resource.
Configure a Connected App
A connected app requests access to REST API resources on behalf of the client application. For a connected app to request access, it must be integrated with your org’s REST API using the OAuth 2.0 protocol. OAuth 2.0 is an open protocol that authorizes secure data sharing between applications through the exchange of tokens.
Apply an OAuth Authorization Flow
OAuth authorization flows grant a client app restricted access to REST API resources on a resource server. Each OAuth flow offers a different process for approving access to a client app, but in general the flows consist of three main steps.