Salesforce Authentication using OAuth

This article is a step-by-step guide to Salesforce authentication using OAuth and to integrating Salesforce with any application using the REST API.

A CRM application like Salesforce.com helps you achieve business goals and improve customer relationships, sales, and productivity. Salesforce.com is a CRM (Customer Relationship Management) solution that brings companies and customers together. Over 150,000 companies use Salesforce worldwide. Integrating your application with Salesforce makes good sense, as it will increase the reach of your application.

By integrating with Salesforce, organizations can experience greater operational productivity with the data available in real time. Salesforce offers secure authentication options such as the traditional username/password login, SAML, OAuth, single sign-on (SSO), and OpenID Connect.

Business Scenario

Let us assume that you have a web/mobile-based application. You are trying to integrate your application with Salesforce and want to use Salesforce REST API resources. You might be looking for possible ways to authenticate with Salesforce.

For a client application to access REST API resources, the request must be authorized. For this, we use a connected app (a framework that allows external applications to integrate with Salesforce using APIs) and an OAuth 2.0 authorization flow.

In this article, let’s discuss how to create a connected app and use OAuth 2.0 authentication.

Creating a connected app

  1. From Setup, enter Apps in the Quick Find box, and select App Manager.
  2. Click New Connected App.
  3. Enter the connected app’s name and the API name (re-check the name before saving; it can’t be modified later).
  4. In the API (Enable OAuth Settings) area of the page, select Enable OAuth Settings.
     1. Enter the callback URL (endpoint) that Salesforce will use to call back to your application during OAuth.
     2. Select the OAuth scopes to apply to the connected app.
  5. When you’ve configured all settings for your connected app, click Save.

Once saved, Salesforce generates a Consumer Key and a Consumer Secret. Copy them!

Request an Access Token

We need to follow two steps to fetch an access token:

  1. Fetching authorization code

To get the authorization code, we need to make an HTTP request to this endpoint:

https://login.salesforce.com/services/oauth2/authorize?
client_id={consumer_key}&
redirect_uri={callback_url}&
response_type=code

Include these parameters in an authorization code request:

client_id: The connected app’s consumer key
redirect_uri: The same as the connected app’s callback URL

After successfully authenticating the user and granting access to the app, Salesforce redirects users to the callback URL with an authorization code.

  2. Use the authorization code to get the token

To get the access token, pass the authorization code to the Salesforce token endpoint as an HTTP POST.

https://login.salesforce.com/services/oauth2/token?grant_type=authorization_code&
code={authorization_code}&
client_id={consumer_key}&
client_secret={consumer_secret}&
redirect_uri={callback_url}

Include these parameters in the request:

client_id: The connected app’s consumer key
client_secret: The connected app’s consumer secret
redirect_uri: The same as the connected app’s callback URL

After Salesforce validates the connected app’s credentials, it sends the access token back to the callback URL in JSON format.
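
The two requests above as an added Python example (not part of the original article): it builds the authorization URL, checks the redirect received at the callback URL, and builds the token POST. The `state` parameter and sending the token parameters in the form body instead of the query string are additions beyond the article; the function names and sample values are assumptions.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit
from urllib.request import Request

OAUTH_BASE = "https://login.salesforce.com/services/oauth2"

def build_authorize_url(consumer_key, callback_url):
    """Step 1: return (url, state); keep state in the user's server-side session."""
    state = secrets.token_urlsafe(32)  # addition: binds the callback to this session
    query = urlencode({"client_id": consumer_key, "redirect_uri": callback_url,
                       "response_type": "code", "state": state})
    return f"{OAUTH_BASE}/authorize?{query}", state

def extract_code(callback_request_url, expected_state):
    """Check the redirect Salesforce sent to the callback URL; return the code."""
    params = parse_qs(urlsplit(callback_request_url).query)
    if "error" in params:  # e.g. the user denied access
        raise ValueError("authorization failed: " + params["error"][0])
    state = params.get("state", [""])[0]
    # Constant-time comparison; a mismatch means this flow was not started by us.
    if not expected_state or not hmac.compare_digest(state.encode(),
                                                     expected_state.encode()):
        raise ValueError("state mismatch, discarding callback")
    if "code" not in params:
        raise ValueError("callback carries no authorization code")
    return params["code"][0]

def build_token_request(code, consumer_key, consumer_secret, callback_url):
    """Step 2: POST with parameters in the form body, keeping the secret and
    the code out of the URL (and so out of proxy and access logs)."""
    body = urlencode({"grant_type": "authorization_code", "code": code,
                      "client_id": consumer_key, "client_secret": consumer_secret,
                      "redirect_uri": callback_url}).encode()
    return Request(f"{OAUTH_BASE}/token", data=body, method="POST",
                   headers={"Content-Type": "application/x-www-form-urlencoded"})

if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    cb = "https://app.example.com/oauth/callback"
    url, state = build_authorize_url("SAMPLE_CONSUMER_KEY", cb)
    print(url)
    code = extract_code(f"{cb}?code=SAMPLE_CODE&state={state}", state)
    req = build_token_request(code, "SAMPLE_CONSUMER_KEY", "SAMPLE_SECRET", cb)
    print(req.get_method(), req.full_url)  # body (with the secret) is not printed
```

The returned `Request` can be sent with `urllib.request.urlopen`; load the consumer secret from a secret store or environment variable instead of hard-coding it.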

Sample API call using Access token

Let’s fetch the Account object records using an HTTP GET request:

URL: https://{instance_url}/services/data/v41.0/query?q=SELECT+Id+,+Name+from+Account
Headers: Authorization: Bearer {access_token}

Include these parameters in the request:

instance_url: Salesforce instance URL (e.g., https://mycompany.salesforce.com)
access_token: Salesforce access token

With a successful query, you should receive a response like this one:

Conclusion

OAuth integration with Salesforce.com offers a wide range of possibilities and can help you in meeting your business goals. It is simple, secure and easy to implement.

If you are planning to integrate your application with Salesforce.com you can check our Salesforce.com Integration Services. Get in touch with our team of expert integration developers by contacting us.

About Harish Dhanmuri

Harish is a Senior Developer with Dhruvsoft. His interests include Salesforce.com Integration, REST / SOAP APIs, Developing Web Services, and Enterprise Application Integrations.