This is my presentation used for the live session at India Dreamin 2018 (ID18). In this session, I told how you can create your own custom authentication provider in Salesforce to connect with 3rd party apis using OAuth.
4. indiadreamin.in info@indiadreamin Sfindiadreamin @sfindiadreaminindiadreamin.in info@indiadreamin SFindiadreamin @sfindiadreamin
What is API ?
API stands for Application Programming Interface.
4
6. indiadreamin.in info@indiadreamin Sfindiadreamin @sfindiadreamin
”indiadreamin.in info@indiadreamin SFindiadreamin @sfindiadreamin
“Trust is Salesforce’s number 1 value and it
has to be the highest value in your company”
6
- Marc Benioff
7. indiadreamin.in info@indiadreamin Sfindiadreamin @sfindiadreaminindiadreamin.in info@indiadreamin SFindiadreamin @sfindiadreamin
What is Authentication
Provider ?
Authentication providers are used to prove the identity of users. Salesforce
provides a number of inbuilt authentication providers to connect your org with
popular applications like:- Google, Facebook etc.
7
8. indiadreamin.in info@indiadreamin Sfindiadreamin @sfindiadreamin
8
▹ Authenticate once, use multiple times.
▹ If the access token is expired, Salesforce will automatically use the refresh
token to get a new access token from the 3rd party server.
▹ 3 Legged Authentication mechanism can be implemented which makes
user authentication much more secure and powerful.
▹ You don’t need to worry about the authentication headers as these are
automatically added while making the requests.
Why do we need a custom Authentication
Provider ?
9. indiadreamin.in info@indiadreamin Sfindiadreamin @sfindiadreamin
9
Basic OAuth Flows
USERNAME - PASSWORD FLOW
▹ In this flow, you send the client id,
client secret, username and
password to the access token URL to
get the access token.
▹ The access token is then passed in
header in subsequent requests.
AUTHORIZATION CODE FLOW
▹ In this flow, you send the client id, client
secret and callback URL to the authorization
URL which redirects you to the login screen.
▹ After logging in, it takes you to the callback
URL with a code appended at the end.
▹ Callback URL redirects it to the access token
URL along with the unique code which
ultimately provides the access token and
optionally, a refresh token.
10. indiadreamin.in info@indiadreamin Sfindiadreamin @sfindiadreamin
10 OAuth Flow
Authorization URL
Code sent to
Callback URL
Access Token URL
Access Token
in Response
1.
2.
Connected
App on
Server
12. indiadreamin.in info@indiadreamin Sfindiadreamin @sfindiadreamin
12
Boilerplate code and My references
GitHub Repository
This github repository consists of
whole code of this demo as well
as a template for you to use and
customize.
https://github.com/rahulmalhotr
a/Salesforce-Custom-
Authentication-Provider-
Template
SFDC Stop Blog
For the detailed explanation and
video of the same visit my blog
on the link given below.
https://sfdcstop.blogspot.com/2
018/11/create-custom-
authentication-provider.html
Presentation
This presentation will be
available at the slideshare link
given below.
https://www.slideshare.net/Rahu
lMalhotra98/create-custom-
authentication-provider-and-
forget-the-hassle-of-managing-
tokens-id18