Remote-access Guide

salesforce remote access 2.0

by Wilma Steuber Sr. Published 3 years ago Updated 2 years ago
image

Request an Authorization Code

To initiate the OAuth 2.0 web server flow, the external web service—via the connected app—posts an authorization code request using the authorization code grant type to the Salesforce authorization endpoint.

User Authenticates and Authorizes Access

Before Salesforce provides authorization codes to connected apps, the authenticating users are asked to log in to their Salesforce org.

Salesforce Grants Authorization Code

After users approve access to a connected app, Salesforce redirects users to the callback URL, where they can view the callback with an authorization code.

Request an Access Token

To request an access token, the connected app passes the authorization code to the Salesforce token endpoint as an HTTP POST.

Salesforce Grants an Access Token

After Salesforce validates the connected app’s credentials, it sends back a response with the access token. In this example, the response is in a JSON format.

Configure a Connected App

A connected app requests access to REST API resources on behalf of the client application. For a connected app to request access, it must be integrated with your org’s REST API using the OAuth 2.0 protocol. OAuth 2.0 is an open protocol that authorizes secure data sharing between applications through the exchange of tokens.

Apply an OAuth Authorization Flow

OAuth authorization flows grant a client app restricted access to REST API resources on a resource server. Each OAuth flow offers a different process for approving access to a client app, but in general the flows consist of three main steps.

image
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9