Deep Dive into
Connected App
SalesforceCodex.com 1
About Me
Dhanik Lal Sahni
Technical Architect
Conduent Business Solution
Certified Application Architect
Twitter : @dhaniksahni
Blog : salesforcecodex.com
Session 13-Agenda
• In a given scenario, recommend when to use API-based
integrations, such as SOAP, REST, Bulk, Streaming, Canvas,
Workflow outbound, APEX (Callouts, @future, etc.), and
Lightning Connect to achieve business requirements.
• Compare and contrast the advantages and drawbacks (design
trade-offs) of using API-based integrations such as SOAP, REST,
Bulk, Streaming, Canvas, Workflow outbound, APEX (Callouts,
@future, etc.), and Lightning Connect.
[Chart: Integration Architecture Designer Exam, weighting of sections 1 to 7: 28%, 17%, 15%, 10%, 15%, 10%, 5%]
Salesforce Integration Capabilities: 28%
AGENDA
• What is Connected App?
• Usage of Connected App
• Connected App Terminology
• Demos
WHAT IS CONNECTED APP?
• A connected app is a framework that enables an external application to integrate with Salesforce using APIs.
• A connected app uses standard protocols, such as SAML, OAuth, and OpenID Connect, to authorize, authenticate, and provide single sign-on (SSO) for external apps.
CONNECTED APP PROTOCOLS
OAuth 2.0
• OAuth 2.0 is the industry-standard protocol for authorization.
• OAuth 2.0 focuses on the client side, providing specific authorization flows for web applications, desktop applications, mobile phones, and living room devices.
• It allows a user’s information to be used by a third-party system without exposing passwords.
OpenID Connect
• Adds an identity layer on top of OAuth 2.0.
• Allows clients to verify the end user’s identity and obtain the user’s basic information.
• It is used for user authentication.
SAML 2.0
• Security Assertion Markup Language (SAML) 2.0 is a means to exchange authorization and authentication information between services.
• SAML is frequently used to implement internal corporate single sign-on (SSO) solutions where the user logs into a service that acts as the single source of identity.
Connected App and OAuth Terminology
• Access Token: Instead of using the user’s Salesforce credentials, a consumer (connected app) can use an access token to gain access.
• Authorization Code: Only used in OAuth 2.0 with the web server flow, the authorization code is a token that represents the access granted by the end user. The authorization code is used to obtain an access token and a refresh token. It expires after 15 minutes.
• Authorization Server: The authorization server is the server that authorizes a resource owner, and upon successful authorization, issues access tokens to the requesting consumer.
• Callback URL: A callback URL is the URL that is invoked after OAuth authorization for the consumer (connected app).
• Consumer: A consumer is the website or app that uses OAuth to authorize both the Salesforce user and itself on the user’s behalf.
• Consumer Key: A consumer uses a key to identify itself to Salesforce.
Connected App and OAuth Terminology
• Consumer Secret: A consumer uses a secret to establish ownership of the consumer key.
• Refresh Token: Only used in OAuth 2.0, a consumer can use a refresh token to obtain a new access token, without having the end user approve the access again.
• Resource Owner: The resource owner is the entity (usually the end user) that grants access to a protected resource.
• Resource Server: The resource server is the server that hosts the protected resource. Your Salesforce org is the resource server that protects your data.
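The terms above, put together for the OAuth 2.0 web server flow, as an added example that is not from the original slides. The consumer key, consumer secret, callback URL and helper function names are constructed placeholders; the authorize and token paths are the standard Salesforce OAuth endpoints on login.salesforce.com, and no network call is made.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Authorization server endpoints (standard Salesforce OAuth 2.0 paths).
AUTHORIZE_URL = "https://login.salesforce.com/services/oauth2/authorize"
TOKEN_URL = "https://login.salesforce.com/services/oauth2/token"

# Constructed placeholder values, not real credentials.
CONSUMER_KEY = "EXAMPLE_CONSUMER_KEY"
CONSUMER_SECRET = "EXAMPLE_CONSUMER_SECRET"
CALLBACK_URL = "https://app.example.com/oauth/callback"


def build_authorization_request(scopes, state=None):
    """Step 1: URL that sends the resource owner to the authorization server.

    Returns (url, state). The consumer stores `state` in the user's session
    and compares it when the callback URL is invoked.
    """
    state = state or secrets.token_urlsafe(32)
    params = {
        "response_type": "code",        # web server flow: ask for an authorization code
        "client_id": CONSUMER_KEY,      # consumer key identifies the connected app
        "redirect_uri": CALLBACK_URL,   # must match the callback URL on the connected app
        "scope": " ".join(scopes),
        "state": state,
    }
    return AUTHORIZE_URL + "?" + urlencode(params), state


def parse_callback(callback_request_url, expected_state):
    """Step 2: validate the request received on the callback URL, return the code."""
    query = parse_qs(urlsplit(callback_request_url).query)
    if "error" in query:
        raise ValueError("authorization failed: " + query["error"][0])
    state = query.get("state", [""])[0]
    # Constant-time comparison; a mismatch means the response does not belong
    # to a request this session started.
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    code = query.get("code", [""])[0]
    if not code:
        raise ValueError("no authorization code in callback")
    return code


def build_token_request(code):
    """Step 3: form body POSTed to TOKEN_URL to trade the code for tokens.

    The consumer secret proves ownership of the consumer key, so this request
    is made server-side and the secret never reaches the browser.
    """
    return {
        "grant_type": "authorization_code",
        "code": code,
        "client_id": CONSUMER_KEY,
        "client_secret": CONSUMER_SECRET,
        "redirect_uri": CALLBACK_URL,
    }


def build_refresh_request(refresh_token):
    """Later: obtain a new access token without asking the user to approve again."""
    return {
        "grant_type": "refresh_token",
        "refresh_token": refresh_token,
        "client_id": CONSUMER_KEY,
        "client_secret": CONSUMER_SECRET,
    }


if __name__ == "__main__":
    url, state = build_authorization_request(["api", "refresh_token"])
    print("Send the user to:", url)
    # Constructed callback, as the authorization server would issue it.
    code = parse_callback(CALLBACK_URL + "?code=EXAMPLE_CODE&state=" + state, state)
    print("POST to", TOKEN_URL, "with", sorted(build_token_request(code)))
```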
CONNECTED APP USE CASES
Access Data with API Integration
• Use a connected app to request access to Salesforce data on behalf of an external application.
• The external application must be integrated with the Salesforce API using the OAuth 2.0 protocol.
Integrate Service Providers with Your Salesforce Org
• Use a connected app to integrate your service provider with your Salesforce org.
• Use a connected app with SAML 2.0 or OpenID Connect to integrate a service provider with your Salesforce org.
Manage Access to Third-Party Apps
• Admins can set security policies to control what data a third-party app can access from your org.
• Admins can also define who can use the third-party app.
CREATE A CONNECTED APP
Connected App Server Scopes
Scope (value): Description
• Access Pardot services (pardot_api): Allows access to Pardot API services on behalf of the user.
• Access and manage your data (api): Allows access to the current, logged-in user’s account using APIs, such as REST API and Bulk API. This scope also includes chatter_api.
• Access and manage your Chatter feed (chatter_api): Allows access to Connect REST API resources on behalf of the user.
• Access custom permissions (custom_permissions): Allows access to the custom permissions in an org associated with the connected app.
• Full access (full): Allows access to all data accessible by the logged-in user, and encompasses all other scopes.
Connected App Server Scopes
• Access your basic information (id, profile, email, address, phone): Allows access to the identity URL service. You can request profile, email, address, or phone individually to get the same result as using id; they are all synonymous.
• Allow access to your unique identifier (openid): Allows access to the current, logged-in user’s unique identifier for OpenID Connect apps. In the OAuth 2.0 user-agent flow and the OAuth 2.0 web server flow, use the openid scope.
• Perform requests on your behalf at any time (refresh_token, offline_access): Allows a refresh token to be returned when the requesting client is eligible to receive one.
• Provide access to your data via the Web (web): Allows use of the access_token on the web. This scope also includes visualforce, allowing access to customer-created Visualforce pages.
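A scope review built from the relationships in the two scope tables above, added here as an example and not part of the original slides. The function name and flag labels are hypothetical; keeping refresh_token out of the scopes made redundant by full is a modelling choice of this example, because it governs token issuance and not data reach.

```python
# Relationships stated in the scope tables above.
INCLUDES = {
    "api": {"chatter_api"},   # "This scope also includes chatter_api"
    "web": {"visualforce"},   # "This scope also includes visualforce"
}
IDENTITY = {"id", "profile", "email", "address", "phone"}   # all synonymous with id
OFFLINE = {"refresh_token", "offline_access"}               # listed as one scope
OTHER = {"pardot_api", "api", "chatter_api", "custom_permissions",
         "full", "openid", "web", "visualforce"}


def review_scopes(scope_string):
    """Review a space-separated OAuth scope request for a connected app.

    Returns a dict with:
      effective - canonical scopes requested plus the scopes they include
      redundant - requested scopes already covered by another requested scope
      minimal   - the smallest request that yields the same access
      unknown   - values that are not in the tables above
      flags     - items a reviewer should look at before approving the app
    """
    requested = scope_string.split()
    unknown = sorted({s for s in requested if s not in IDENTITY | OFFLINE | OTHER})

    # Collapse synonyms so that "profile email" and "id" compare as equal.
    canonical = set()
    for scope in requested:
        if scope in IDENTITY:
            canonical.add("id")
        elif scope in OFFLINE:
            canonical.add("refresh_token")
        elif scope in OTHER:
            canonical.add(scope)

    implied = set()
    for scope in canonical:
        implied |= INCLUDES.get(scope, set())

    redundant = canonical & implied
    flags = []
    if "full" in canonical:
        # full encompasses the other scopes, so listing them next to it
        # does not narrow what the app can reach.
        redundant |= canonical - {"full", "refresh_token"}
        flags.append("FULL_ACCESS")
    if "refresh_token" in canonical:
        # Access continues after the user's session ends; the refresh token
        # policy on the connected app decides for how long.
        flags.append("OFFLINE_ACCESS")
    if unknown:
        flags.append("UNKNOWN_SCOPE")

    return {
        "effective": sorted(canonical | implied),
        "redundant": sorted(redundant),
        "minimal": sorted(canonical - redundant),
        "unknown": unknown,
        "flags": flags,
    }


if __name__ == "__main__":
    # Constructed scope requests.
    for request in ("api chatter_api profile email offline_access",
                    "full api openid",
                    "web"):
        print(request, "->", review_scopes(request))
```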
CREATE A CONNECTED APP
device with limited input or display capabilities,
URL which is redirected to after successful authorization.
DEMO
Integrate Salesforce In ASP.NET using API Integration
Integrate Service Providers with Your Salesforce Org
• Single sign-on (SSO) lets users access other applications without logging in separately to each one—and without having to
create (and remember) different user credentials for each app.
• Two server roles are important in SSO: identity providers and service providers.
• Identity Provider: An identity provider is a system entity that creates, maintains, and manages identity information.
• Service Provider: A service provider is a vendor that provides IT solutions and/or services to end users and organizations.
Integrate Service Providers with Your Salesforce Org
Integrate a Service Provider with SAML
• To integrate a service provider with your Salesforce org, you can use a connected app that implements SAML 2.0 for user authentication.
Integrate Service Providers with Your Salesforce Org
Integrate a Service Provider with OpenID Connect
• OpenID Connect is a rewrite of SAML using OAuth 2.0.
• In SAML, the user is redirected from the Service Provider (SP) to the
Identity Provider (IDP) for sign in.
• In OpenID Connect, the user is redirected from the Relying Party (RP)
to the OpenID Provider (OP) for sign in.
Demo
Single sign-on between two Salesforce orgs
Manage Access to Third-Party Apps
Install a Connected App
• We can install a connected app by installing a managed package that includes the connected app as a component.
• We can also install an OAuth connected app from the Connected Apps OAuth Usage page.
Uninstall a Third-Party Connected App
• We can uninstall a third-party connected app from our org.
• Uninstalling an app doesn’t delete the connected app. It deletes the OAuth policies.
• The connected app is deleted only when the original developer deletes the app from their org.
• We can also block an app to make it inaccessible.
Manage OAuth Access Policies for a Connected App
Permitted Users
• All users may self-authorize
  • Allows all users in the org to authorize the app after successfully signing in.
  • Users must approve the app the first time they access it.
• Admin approved users are pre-authorized
  • Allows only users with the associated profile or permission set to access the app without first authorizing it.
Manage OAuth Access Policies for a Connected App
IP Relaxation
• Enforce IP restrictions:
  • Enforces the IP restrictions configured for the org, such as the IP ranges assigned to a user profile.
• Enforce IP restrictions, but relax for refresh tokens:
  • Enforces the IP restrictions configured for the org, but relaxes them for refresh tokens.
• Relax IP restrictions for activated devices:
  • Allows a user running the app to bypass the org’s IP restrictions.
  • The app has a list of allowed IP ranges and is using the web server authentication flow.
• Relax IP restrictions:
  • Allows a user to run this app without org IP restrictions.
• Determines whether a user’s access to the app is restricted by IP ranges.
Manage OAuth Access Policies for a Connected App
Refresh Token Policy
• Refresh token is valid until revoked:
  • Default. The refresh token is used indefinitely, unless revoked by the user or Salesforce admin.
• Immediately expire refresh token:
  • The refresh token is invalid immediately. The user can use the current session (access token) already issued, but can’t obtain a new session when the access token expires.
• Expire refresh token if not used for n:
  • The refresh token is valid as long as it’s been used within the specified amount of time.
• Expire refresh token after n:
  • The refresh token is valid for a fixed amount of time.
• Determines how long a refresh token is valid.
• If refresh tokens are provided, users can continue to access the OAuth-enabled connected app without having to reauthorize when the access token expires.
• Refresh tokens are required only when a user’s session has expired or isn’t available.
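The four refresh token policies above, modelled as an added example that is not part of the original slides and is not Salesforce's implementation. The class and function names are hypothetical, days stand in for the configurable period n, and treating the boundary as inclusive is an assumption of this model.

```python
from datetime import datetime, timedelta
from enum import Enum


class Policy(Enum):
    VALID_UNTIL_REVOKED = "Refresh token is valid until revoked"
    EXPIRE_IMMEDIATELY = "Immediately expire refresh token"
    EXPIRE_IF_UNUSED_FOR = "Expire refresh token if not used for n"
    EXPIRE_AFTER = "Expire refresh token after n"


class RefreshToken:
    """Minimal state the policies need: issue time, last use, revocation."""

    def __init__(self, issued_at):
        self.issued_at = issued_at
        self.last_used_at = issued_at
        self.revoked = False


def can_refresh(token, policy, now, n=None):
    """Return True if the policy lets this token obtain a new access token."""
    if token.revoked:
        return False                      # revocation wins under every policy
    if policy is Policy.VALID_UNTIL_REVOKED:
        return True
    if policy is Policy.EXPIRE_IMMEDIATELY:
        return False                      # only the session already issued keeps working
    if n is None:
        raise ValueError("this policy needs a period n")
    if policy is Policy.EXPIRE_IF_UNUSED_FOR:
        return now - token.last_used_at <= n   # sliding window, reset by each use
    if policy is Policy.EXPIRE_AFTER:
        return now - token.issued_at <= n      # fixed lifetime from issue
    raise ValueError("unknown policy")


def replay(policy, attempt_days, n_days=None, revoke_on_day=None):
    """Replay refresh attempts made on the given days after issue.

    Returns [(day, accepted), ...]. A successful refresh updates the last-used
    time; a rejected one does not, so an idle token cannot revive itself.
    """
    start = datetime(2024, 1, 1)          # constructed issue date
    token = RefreshToken(start)
    n = timedelta(days=n_days) if n_days is not None else None
    results = []
    for day in sorted(attempt_days):
        now = start + timedelta(days=day)
        if revoke_on_day is not None and day >= revoke_on_day:
            token.revoked = True          # user or admin revoked the token
        accepted = can_refresh(token, policy, now, n)
        if accepted:
            token.last_used_at = now
        results.append((day, accepted))
    return results


if __name__ == "__main__":
    attempts = [10, 35, 70]               # constructed timeline, days after issue
    print(replay(Policy.VALID_UNTIL_REVOKED, attempts, revoke_on_day=40))
    print(replay(Policy.EXPIRE_IMMEDIATELY, attempts))
    print(replay(Policy.EXPIRE_IF_UNUSED_FOR, attempts, n_days=30))
    print(replay(Policy.EXPIRE_AFTER, attempts, n_days=30))
```

With the same attempts, the idle-based policy still accepts the refresh on day 35 because the token was used on day 10, while the fixed-lifetime policy has already rejected it.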
Share some inspiring words about
@salesforcecodex on twitter
Keep Exploring. Keep Learning.

Deep dive into Salesforce Connected App

  • 1. Deep Dive into Connected App SalesforceCodex.com 1
  • 2. About Me: Dhanik Lal Sahni, Technical Architect, Conduent Business Solution, Certified Application Architect. Twitter: @dhaniksahni. Blog: salesforcecodex.com
  • 3. Session 13 Agenda
      • In a given scenario, recommend when to use API-based integrations, such as SOAP, REST, Bulk, Streaming, Canvas, Workflow outbound, APEX (Callouts, @future, etc.), and Lightning Connect to achieve business requirements.
      • Compare and contrast the advantages and drawbacks (design trade-offs) of using API-based integrations such as SOAP, REST, Bulk, Streaming, Canvas, Workflow outbound, APEX (Callouts, @future, etc.), and Lightning Connect.
      • Chart: Integration Architecture Designer Exam, weighting across seven sections. Salesforce Integration Capabilities: 28%
  • 4. AGENDA
      • What is Connected App?
      • Usage of Connected App
      • Connected App Terminology
      • Demos
  • 5. WHAT IS CONNECTED APP?
      • A connected app is a framework that enables an external application to integrate with Salesforce using APIs.
      • A connected app uses standard protocols, such as SAML, OAuth, and OpenID Connect, to authorize, authenticate, and provide single sign-on (SSO) for external apps.
  • 6. CONNECTED APP PROTOCOLS
      • OAuth 2.0 is the industry-standard protocol for authorization.
      • OAuth 2.0 focuses on the client side, providing specific authorization flows for web applications, desktop applications, mobile phones, and living room devices.
      • Basically, it allows a user’s information to be used by a third-party system without exposing passwords.
      • OpenID Connect adds an identity layer on top of OAuth 2.0.
      • It allows clients to verify the end user’s identity and obtain the user’s basic information.
      • Basically, it is used for user authentication.
      • Security Assertion Markup Language (SAML) 2.0 is a means to exchange authorization and authentication information between services.
      • SAML is frequently used to implement internal corporate single sign-on (SSO) solutions where the user logs into a service that acts as the single source of identity.
  • 7. Connected App and OAuth Terminology
      • Access Token: Instead of using the user’s Salesforce credentials, a consumer (connected app) can use an access token to gain access.
      • Authorization Code: Only used in OAuth 2.0 with the web server flow, the authorization code is a token that represents the access granted by the end user. The authorization code is used to obtain an access token and a refresh token. It expires after 15 minutes.
      • Authorization Server: The authorization server is the server that authorizes a resource owner, and upon successful authorization, issues access tokens to the requesting consumer.
      • Callback URL: A callback URL is the URL that is invoked after OAuth authorization for the consumer (connected app).
      • Consumer: A consumer is the website or app that uses OAuth to authorize both the Salesforce user and itself on the user’s behalf.
      • Consumer Key: A consumer uses a key to identify itself to Salesforce.
  • 8. Connected App and OAuth Terminology
      • Consumer Secret: A consumer uses a secret to establish ownership of the consumer key.
      • Refresh Token: Only used in OAuth 2.0, a consumer can use a refresh token to obtain a new access token, without having the end user approve the access again.
      • Resource Owner: The resource owner is the entity (usually the end user) that grants access to a protected resource.
      • Resource Server: The resource server is the server that hosts the protected resource. Your Salesforce org is the resource server that protects your data.
  • 9. CONNECTED APP USE CASES
      • Access Data with API Integration
          • Use a connected app to request access to Salesforce data on behalf of an external application.
          • Must be integrated with the Salesforce API using the OAuth 2.0 protocol.
      • Integrate Service Providers with Your Salesforce Org
          • Use a connected app to integrate your service provider with your Salesforce org.
          • Use a connected app with SAML 2.0 or OpenID Connect to integrate a service provider with your Salesforce org.
      • Manage Access to Third-Party Apps
          • Admins can set security policies to control what data a third-party app can access from your org.
          • Admins can also define who can use the third-party app.
  • 11. Connected App Server Scopes (scope: description)
      • Access Pardot services (pardot_api): Allows access to Pardot API services on behalf of the user.
      • Access and manage your data (api): Allows access to the current, logged-in user’s account using APIs, such as REST API and Bulk API. This scope also includes chatter_api.
      • Access and manage your Chatter feed (chatter_api): Allows access to Connect REST API resources on behalf of the user.
      • Access custom permissions (custom_permissions): Allows access to the custom permissions in an org associated with the connected app.
      • Full access (full): Allows access to all data accessible by the logged-in user, and encompasses all other scopes.
  • 12. Connected App Server Scopes
      • Access your basic information (id, profile, email, address, phone): Allows access to the identity URL service. You can request profile, email, address, or phone individually to get the same result as using id; they are all synonymous.
      • Allow access to your unique identifier (openid): Allows access to the current, logged-in user’s unique identifier for OpenID Connect apps. In the OAuth 2.0 user-agent flow and the OAuth 2.0 web server flow, use the openid scope.
      • Perform requests on your behalf at any time (refresh_token, offline_access): Allows a refresh token to be returned when the requesting client is eligible to receive one.
      • Provide access to your data via the Web (web): Allows use of the access_token on the web. This scope also includes visualforce, allowing access to customer-created Visualforce pages.
  • 13. SalesforceCodex.com 13 CREATE A CONNECTED APP device with limited input or display capabilities, URL which is redirected to after successful authorization.
  • 14. DEMO: Integrate Salesforce in ASP.NET using API Integration
  • 15. Integrate Service Providers with Your Salesforce Org
      • Single sign-on (SSO) lets users access other applications without logging in separately to each one, and without having to create (and remember) different user credentials for each app.
      • Two server roles are important in SSO: identity providers and service providers.
      • Identity Provider: An identity provider is a system entity that creates, maintains, and manages identity information.
      • Service Provider: A service provider is a vendor that provides IT solutions and/or services to end users and organizations.
  • 16. Integrate Service Providers with Your Salesforce Org: Integrate a Service Provider with SAML
      • To integrate a service provider with your Salesforce org, you can use a connected app that implements SAML 2.0 for user authentication.
  • 17. Integrate Service Providers with Your Salesforce Org: Integrate a Service Provider with OpenID Connect
      • OpenID Connect is a rewrite of SAML using OAuth 2.0.
      • In SAML, the user is redirected from the Service Provider (SP) to the Identity Provider (IDP) for sign in.
      • In OpenID Connect, the user is redirected from the Relying Party (RP) to the OpenID Provider (OP) for sign in.
  • 18. Demo: Single sign-on between two Salesforce orgs
  • 20. Install a Connected App
      • We can install a connected app by installing a managed package that includes the connected app as a component.
      • We can also install an OAuth connected app from the Connected Apps OAuth Usage page.
  • 21. Uninstall a Third-Party Connected App
      • We can uninstall a third-party connected app from your org.
      • Uninstalling an app doesn’t delete the connected app. It deletes the OAuth policies.
      • The connected app is deleted only when the original developer deletes the app from their org.
      • We can also block the app to make it inaccessible.
  • 22. Manage OAuth Access Policies for a Connected App: Permitted Users
      • All users may self-authorize: Allows all users in the org to authorize the app after successfully signing in. Users must approve the app the first time they access it.
      • Admin approved users are pre-authorized: Allows only users with the associated profile or permission set to access the app without first authorizing it.
  • 23. Manage OAuth Access Policies for a Connected App: IP Relaxation. Determines whether a user’s access to the app is restricted by IP ranges.
      • Enforce IP restrictions: Enforces the IP restrictions configured for the org, such as the IP ranges assigned to a user profile.
      • Enforce IP restrictions, but relax for refresh tokens: Enforces the IP restrictions configured for the org, but relaxes them for refresh tokens.
      • Relax IP restrictions for activated devices: Allows a user running the app to bypass the org’s IP restrictions.
          • App has a list of allowed IP ranges and is using the web server authentication flow.
      • Relax IP restrictions: Allows a user to run this app without org IP restrictions.
  • 24. Manage OAuth Access Policies for a Connected App: Refresh Token Policy
      • Refresh token is valid until revoked: Default. The refresh token is used indefinitely, unless revoked by the user or Salesforce admin.
      • Immediately expire refresh token: The refresh token is invalid immediately. The user can use the current session (access token) already issued, but can’t obtain a new session when the access token expires.
      • Expire refresh token if not used for n: The refresh token is valid as long as it’s been used within the specified amount of time.
      • Expire refresh token after n: The refresh token is valid for a fixed amount of time.
      • The policy determines how long a refresh token is valid.
      • If refresh tokens are provided, users can continue to access the OAuth-enabled connected app without having to reauthorize when the access token expires.
      • Refresh tokens are required only when a user’s session has expired or isn’t available.
  • 25. Share some inspiring words about @salesforcecodex on Twitter
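
The four refresh token policies on slide 24, modelled as an added example; it is not from the slides and is not Salesforce's implementation. The class and function names, the sample timeline, and treating a token as still valid at exactly n are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from enum import Enum

class Policy(Enum):
    UNTIL_REVOKED = "Refresh token is valid until revoked"  # the default
    IMMEDIATE = "Immediately expire refresh token"
    IDLE = "Expire refresh token if not used for n"
    FIXED = "Expire refresh token after n"

@dataclass
class RefreshToken:  # hypothetical record, not a Salesforce object
    issued_at: datetime
    last_used_at: datetime
    revoked: bool = False

def can_refresh(policy, tok, now, n=None):
    """Would this refresh token still yield a new access token at `now`?"""
    if tok.revoked or policy is Policy.IMMEDIATE:
        return False
    if policy is Policy.UNTIL_REVOKED:
        return True
    if n is None:
        raise ValueError("IDLE and FIXED policies need a duration n")
    # IDLE measures from the last successful use, FIXED from issuance.
    start = tok.last_used_at if policy is Policy.IDLE else tok.issued_at
    return now - start <= n  # assumption: exactly n is still valid

def replay(policy, issued_at, attempts, n=None):
    """Replay refresh attempts in order; each success slides the idle window."""
    tok = RefreshToken(issued_at, issued_at)
    results = []
    for when in attempts:
        ok = can_refresh(policy, tok, when, n)
        if ok:
            tok.last_used_at = when
        results.append(ok)
    return results

# Constructed timeline: token issued on day 0, refreshes on days 5, 10, 15, 40.
T0 = datetime(2024, 1, 1)
ATTEMPTS = [T0 + timedelta(days=d) for d in (5, 10, 15, 40)]
WEEK = timedelta(days=7)

if __name__ == "__main__":
    for p in Policy:
        print(f"{p.name:14}", replay(p, T0, ATTEMPTS, WEEK))
```

With a 7-day n, the idle policy still accepts the day-15 refresh because every use restarts the clock, while the fixed policy rejects everything after day 7.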