Get the Consumer Key and Secret

 

OAuth 2.0 (Open Authorization 2.0) is an open standard for access delegation, commonly used to grant third-party applications limited access to a user’s resources without exposing their credentials. It allows secure access to a resource on behalf of a user while maintaining data protection and minimizing security risks.

OAuth 2.0 requires a browser for one-time user consent. The user must authorize the application’s request to access their data through a browser. Once consent is granted, the application can use the refresh token to maintain access without requiring further browser-based authentication.

Salesforce supports two approaches for configuring OAuth access:

Connected Apps - The standard option for most OAuth integrations. A connected app is typically used for user-based authentication flows, where a user signs in through a browser, grants consent, and the application receives OAuth tokens such as an access token and refresh token.
External Client Apps - An alternative option that supports additional OAuth scenarios, including server-to-server authentication through the Client Credentials flow. This approach provides more granular control over OAuth flow enablement, client secret requirements, and policy settings for issuing tokens on behalf of a specified user.

ExpandedToggleIcon   Create a connected app in Salesforce for OAuth

Create a connected app to enable OAuth-based integration and allow external applications to securely access Salesforce data:

1. Log in to Salesforce and navigate to Setup.

2. In the Quick Find search box, type App, then select App Manager.

create-connected-app

3. Select New Connected App.

4. In the dialog that appears, select Create a Connected App, then select Continue.

select-create-connected-app

5. In the Basic Information section, provide the following details:

Connected App Name: A unique identifier for your application, displayed to users during authentication.
API Name: An automatically generated value based on the app name.
Contact Email: A support email address for inquiries and notifications.

salesforce-app-manager

6. Under API (Enable OAuth Settings), select Enable OAuth Settings, then enter a Callback URL - https://oauth.devart.com/callback/57997.

note Note

You can add the following additional ports: 58997 and 59997.

7. Under Selected OAuth Scopes, select the necessary permissions for your application by clicking Add. Commonly used scopes include:

refresh_token and offline_access: This scope allows the application to refresh access tokens without requiring user reauthentication.
api: This scope grants access to Salesforce APIs for data retrieval and manipulation.
full: This scope provides full access to Salesforce data, including read and write permissions.

8. Select Save to create the Connected App.

ExpandedToggleIcon   Obtain OAuth client credentials for connected app connection

1. Navigate to the App Manager, locate your app, and click View.

2. Next to Consumer Key and Secret, select Manage Consumer Details.

A page will open displaying your Consumer Key (Client ID) and Consumer Secret (Client Secret).

 

salesforce-consumer-secret

 

ExpandedToggleIcon   Create an external client app in Salesforce

1.Log in to Salesforce, then navigate to Setup
2.Navigate to Apps > External Client Apps > External Client App Manager, then select New External Client App.

select-new-external-client-app

 

3. Under Basic Information, specify the required details. In Distribution State, select Local.

 

4. Under API (Enable OAuth Settings):

Select Enable OAuth.
Enter a Callback URL: https://oauth.devart.com/callback/57997.

note Note

You can add the following additional ports: 58997 and 59997.
Add OAuth Scopes:

   - Manage user data via APIs (api).

   - Perform requests at any time (refresh_token, offline_access).

 

enable-oauth

 

5. In Flow Enablement, select the option that matches your authentication scenario:

Enable Authorization Code and Credentials Flow - for user-based authentication.
Enable Client Credentials Flow - for server-to-server authentication.

6. In Security:

For user-based authentication:

  - Select Require secret for Web Server Flow.

  - Select Require secret for Refresh Token Flow.

 

For server-to-server authentication:

   - Clear all checkboxes.

 

  configure-oauth-security

 

7. Click Create.

 

ExpandedToggleIcon   Configure an external client app for the OAuth 2.0 client credentials flow

In server-to-server authentication, the client application uses the consumer key and consumer secret defined in the external client app to request an access token. You must specify the integration user whose permissions will be used when accessing Salesforce data.

 

1.Open the created external client app.
2.On the Policies tab, click Edit.
3.In OAuth Policies, select Enable Client Credentials Flow.
4.Specify the user on whose behalf tokens will be issued.
5.Click Save.

configure-user-oauth

 

ExpandedToggleIcon   Obtain OAuth client credentials for external client app connection

 

1.Navigate to Apps > OAuth Settings > Consumer Key and Secret
2.Locate your app and open it. 
3.Select Settings > OAuth Settings > Consumer Key and Secret
4.Copy and store the consumer details.