Authenticate Salesforce Using OAUTH 2.0
In this tutorial we demonstrate how to authenticate to Salesforce using OAuth 2.0.
OAuth 2.0 is an open protocol that authorizes secure data sharing between applications through the exchange of tokens.
For a client application to access REST API resources, it must be authorized as a safe visitor. To implement this authorization, use a connected app and an OAuth 2.0 authorization flow.
In general the flows consist of three main steps.
- To initiate an authorization flow, a connected app, on behalf of a client app, requests access to a REST API resource.
- In response, an authorizing server grants access tokens to the connected app.
- A resource server validates these access tokens and approves access to the protected REST API resource.
The connected app framework enables an external client application to integrate with Salesforce using APIs.
In this tutorial I will demonstrate how to connect to Salesforce using the OAuth 2.0 connection type.
First, we create the connected app.
Log in to Salesforce -> go to Setup -> go to App Manager -> click New Connected App.
Provide the Connected App Name and Email, enable OAuth Settings, provide the callback URL, and use Full Access as the OAuth scope.
Save the configuration. The screen below will be displayed; copy the Consumer Key and Consumer Secret.
Create a project in Anypoint Studio and configure the listener to trigger the request.
Drag and drop the Salesforce Query operation and provide the SOQL query to get all the accounts.
Configure the connection as OAuth 2.0 and provide the following parameters:
- Consumer Key: Consumer key for the Salesforce-connected app
- Consumer Secret: Consumer secret for the connector to access Salesforce
- Authorization URL: URL for authorization
- Access Token URL: URL to access the token
- Callback path: Path for the callback
- Authorize path: Path for authorization
- External callback URL: Callback URL, the same one you configured in the connected app
Deploy the application.
Open the link below in a browser (you can pass the URL as your external client application URL):
http://localhost:8082/authorize
You will be redirected to the Salesforce login page and asked for your credentials. Allow access for this app.
A new pop-up will ask you to allow the connected app to access your resources; click Allow.
Once you allow access, it redirects to the callback URL that you configured in the connected app and in your configuration.
Now trigger the application from Postman/SoapUI; the accounts are successfully retrieved from Salesforce.
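The browser steps above are the OAuth 2.0 authorization code exchange. The following is an added example, not code from this tutorial or from the Mule connector, showing at protocol level where the configured parameters appear in the authorize redirect and the token request, and how the callback's state value is checked. The /callback path, the placeholder credentials and the function names are assumptions.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Salesforce production endpoints: the "Authorization URL" and "Access Token URL" parameters.
AUTHORIZATION_URL = "https://login.salesforce.com/services/oauth2/authorize"
ACCESS_TOKEN_URL = "https://login.salesforce.com/services/oauth2/token"
# Constructed placeholders, not real credentials; "/callback" is an assumed callback path.
CONSUMER_KEY = "EXAMPLE_CONSUMER_KEY"
CONSUMER_SECRET = "EXAMPLE_CONSUMER_SECRET"
EXTERNAL_CALLBACK_URL = "http://localhost:8082/callback"


def build_authorize_redirect(state=None):
    """Return (url, state): where the authorize path sends the browser."""
    state = state or secrets.token_urlsafe(32)  # unguessable, one per login attempt
    query = urlencode({
        "response_type": "code",
        "client_id": CONSUMER_KEY,
        "redirect_uri": EXTERNAL_CALLBACK_URL,
        "state": state,
    })
    return f"{AUTHORIZATION_URL}?{query}", state


def handle_callback(callback_url, expected_state):
    """Validate the callback request; return (token_url, form) for the code exchange."""
    params = parse_qs(urlparse(callback_url).query)
    if "error" in params:
        raise PermissionError(f"authorization denied: {params['error'][0]}")
    returned_state = params.get("state", [""])[0]
    # Constant-time comparison; a mismatch means the callback is not from our redirect.
    if not hmac.compare_digest(returned_state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback does not belong to this login")
    code = params.get("code", [""])[0]
    if not code:
        raise ValueError("callback carried no authorization code")
    return ACCESS_TOKEN_URL, {
        "grant_type": "authorization_code",
        "code": code,
        "client_id": CONSUMER_KEY,
        "client_secret": CONSUMER_SECRET,
        "redirect_uri": EXTERNAL_CALLBACK_URL,
    }
```

The returned form fields are what gets POSTed to the token URL; the consumer secret appears only in that server-to-server request, never in the browser redirect.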
Sample application: oauth2.0 auth sample application
Perhaps a dumb question. Once this is complete, do I need to ever run authorize again for this connected app? I.e., if I deploy this now to CloudHub using the same connected app credentials, can I assume the authorization persists on the connected app itself in SF?
Yes, as long as the connected app is approved on SF, it will not need explicit approval after each redeployment.
Thanks,
Mulesy
Fantastic, thanks for the quick response.
What is HTTP_CallBackListener configured to?
Hey, great work on Mule, and thanks for sharing your knowledge.
There’s a resource owner Id field in the configuration. What is its significance? What does it mean in the Salesforce OAuth web app flow?
Thanks again
Hey, did you find the answer yet? I have the same question too.
Performing the authorization step manually to start the auth dance does not seem practical for an application deployed to CloudHub. Is there any automatic way to initialize the dance (authorization)?