Authenticate Salesforce Using OAUTH 2.0

 

In this tutorial we will demonstrate how to authenticate to Salesforce using OAuth 2.0.

OAuth 2.0 is an open protocol that authorizes secure data sharing between applications through the exchange of tokens.

For a client application to access REST API resources, it must be authorized as a safe visitor. To implement this authorization, use a connected app and an OAuth 2.0 authorization flow.

In general, the flows consist of three main steps.

  • To initiate an authorization flow, a connected app, on behalf of a client app, requests access to a REST API resource.
  • In response, an authorizing server grants access tokens to the connected app.
  • A resource server validates these access tokens and approves access to the protected REST API resource.

The connected app framework enables an external client application to integrate with Salesforce using APIs.

In this tutorial I will demonstrate how to connect to Salesforce using the OAuth 2.0 connection type.

First, create the connected app.

Log in to Salesforce -> go to Setup -> go to App Manager -> click New Connected App.

Provide the Connected App Name and Email, enable OAuth Settings, provide the callback URL, and use Full Access as the OAuth scope.

 

Save the configuration. The screen below will be displayed; copy the Consumer Key and Consumer Secret.

 

Create a project in Anypoint Studio and configure the listener to trigger the request.

Drag and drop the Salesforce Query operation and provide the SOQL query to get all the accounts.

 

Configure the connection as OAuth 2.0 and provide the parameters below:

  • Consumer Key: consumer key of the Salesforce connected app
  • Consumer Secret: consumer secret for the connector to access Salesforce
  • Authorization URL: URL of the authorization endpoint
  • Access Token URL: URL used to obtain the access token
  • Callback path: path for the callback
  • Authorize path: path for authorization
  • External callback URL: callback URL; it is the same as the one you configured in the connected app

Ref: https://developer.salesforce.com/docs/atlas.en-us.196.0.api_rest.meta/api_rest/intro_understanding_oauth_endpoints.htm
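How the connection parameters above are used in the OAuth 2.0 authorization code flow, as an added Python example that is not part of the original tutorial or the Mule connector's own code. The callback URL, consumer key and function names are constructed, and it requests the narrower `api refresh_token` scopes instead of Full Access on the assumption that the flow only needs API access for the SOQL query.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

AUTHORIZATION_URL = "https://login.salesforce.com/services/oauth2/authorize"  # "Authorization URL"
ACCESS_TOKEN_URL = "https://login.salesforce.com/services/oauth2/token"  # "Access Token URL"
# Constructed sample values (assumptions); they must match the connected app exactly.
EXTERNAL_CALLBACK_URL = "http://localhost:8082/callback"
CONSUMER_KEY = "EXAMPLE_CONSUMER_KEY"


def build_authorize_redirect(scopes=("api", "refresh_token")):
    """Step 1: URL the browser is sent to from the authorize path, plus the state to remember."""
    state = secrets.token_urlsafe(32)  # unguessable value that binds the callback to this session
    query = urlencode({
        "response_type": "code",
        "client_id": CONSUMER_KEY,
        "redirect_uri": EXTERNAL_CALLBACK_URL,
        "scope": " ".join(scopes),
        "state": state,
    })
    return f"{AUTHORIZATION_URL}?{query}", state


def parse_callback(callback_url, expected_state):
    """Step 2: validate the redirect to the callback path and return the authorization code."""
    got, want = urlsplit(callback_url), urlsplit(EXTERNAL_CALLBACK_URL)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise ValueError("callback does not match the registered callback URL")
    params = parse_qs(got.query)
    if "error" in params:
        raise ValueError(f"authorization denied: {params['error'][0]}")
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback was not started by this session")
    if "code" not in params:
        raise ValueError("callback carries no authorization code")
    return params["code"][0]


def build_token_request(code, consumer_secret):
    """Step 3: form body POSTed to the token URL to trade the code for an access token."""
    return ACCESS_TOKEN_URL, {
        "grant_type": "authorization_code",
        "code": code,
        "client_id": CONSUMER_KEY,
        "client_secret": consumer_secret,  # load from a secret store, never from source
        "redirect_uri": EXTERNAL_CALLBACK_URL,
    }
```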

 

Deploy the application

Open the link below in a browser (you can pass the URL as your external client application URL):

http://localhost:8082/authorize

You will be redirected to the Salesforce login page and asked for your credentials. Allow access for this app.

A new pop-up will ask you to allow the connected app to access your resources; click Allow.

Once you allow access, it will redirect to the callback URL that you configured in the connected app and in your configuration.

Now trigger the application from Postman/SoapUI; the accounts are successfully retrieved from Salesforce.

 

 

Sample application: oauth2.0 auth sample application

  
Thank you for taking out time to read the above post. Hope you found it useful. In case of any questions, feel free to comment below. Also, if you are keen on knowing about a specific topic, happy to explore your recommendations as well.
 


Geoff
3 years ago

Perhaps a dumb question. Once this is complete, do I need to ever run authorize again for this connected app? i.e. If I deploy this now to cloudhub using the same connected app credentials, can I assume the authorization persists on the connected app itself in SF?

Geoff
3 years ago
Reply to  admin

Fantastic, thanks for the quick response.

Alex
3 years ago

What is HTTP_CallBackListener configured to?

Sai
2 years ago

Hey, great work on Mule, and thanks for sharing your knowledge.

There’s a resource owner Id field in the configuration. What is its significance? What does it mean in Salesforce oauth web app flow?

Thanks again

lakshmi
1 year ago
Reply to  Sai

Hey, did you find the answer yet? I have the same question too.

Nilay
1 year ago

Performing the authorization step manually to start the auth dance does not seem practical for an application deployed to cloudhub. Is there any automatic way to initialize the dance (authorization)?