Configuring Virtual Connections

Created by Tom Ansley, Modified on Thu, Mar 13 at 3:54 PM by Tom Ansley

SLVE uses named credentials, authorization providers and connected apps to create secure connections between Salesforce orgs. These mechanisms are managed by Salesforce and used by SLVE within the managed package. The following steps are needed to create a secure connection with another Salesforce org –

  • Create connected app (target org)
  • Create authorization provider (source org)
  • Create named credential (source org)
  • Create SLVE connection record (source org)

 

Create Connected App (on TARGET Salesforce org)

A connected app needs to be created on the target Salesforce org. Connected apps inform Salesforce that any requests using the connected app are legitimate. This is part of the OAuth2 specifications used by SLVE when making callouts to other Salesforce orgs.

 

Create a new connected app by going to Setup|Build|Create|Apps|Connected Apps and entering the following information – 

 

Connected App Name – the name helps recognize what the connected app is used for.

Contact Email – the email of the point of contact for the connected app.

Enable OAuth Settings – this checkbox must be checked.

Callback URL – enter a fake URL (e.g. https://fake.com), as this URL will be updated later based on other configuration.

Selected OAuth Scopes – Ensure the following 2 scopes are selected –

Full access (full)

Perform requests at any time (refresh_token, offline_access)

 

Click Save. Once the connected app is saved, its consumer key and secret, both uniquely generated for each connected app, are needed in the next step. To retrieve those values, view the newly created connected app and click the Manage Consumer Details button. You may be asked to verify your identity. After verification the consumer key and secret are displayed. Save these values for later.

 

See the below screenshots of an example connected app configuration and consumer key/secret.


Create Authorization Provider (on SOURCE Salesforce org)

Create an authorization provider by navigating to Setup|Administer|Security Controls|Auth. Providers. Click the New button and select Salesforce as the provider type. The following information needs to be provided –

 

Name – provide a name that identifies the auth provider.

URL Suffix – usually the name with any special characters removed.

Consumer Key – the key provided in the previous step.

Consumer Secret – the secret provided in the previous step.

Authorize Endpoint URL – the authorization URL of the TARGET Salesforce org including the service name. The URL is usually as follows –

https://<TARGET_SFDC_ORG>/services/oauth2/authorize

Token Endpoint URL – the token URL of the TARGET Salesforce org including the service name. The URL is usually as follows –

https://<TARGET_SFDC_ORG>/services/oauth2/token

 

Registration Handler – click the Automatically create a registration handler template button which will generate an apex class.

Execute Registration As – select the user assigned to execute any processing when a user tries to log in.

 

See screenshot below of an example authorization provider.

Once the Auth Provider has been created a list of URLs will be provided as shown in the screenshot below.

The callback URL must be copied into the Connected App created in the first step where the “fake” URL was used as a placeholder.

Create Named Credential (on SOURCE Salesforce org)

A named credential specifies the URL of a callout endpoint and its required authentication parameters in one definition. This simplifies the setup of authenticated callouts.

 

Navigate to Setup|Security|Named Credentials and click the New Legacy button. The following fields must be populated –

 

Label – a memorable name perhaps including the user being used and the authentication provider.

URL – the URL of the SOURCE Salesforce org.

Identity Type – Named Principal

Authentication Protocol – OAuth 2.0

Authentication Provider – choose the provider created in the above step.

Scope – refresh_token full (use this exact text, including spaces).

Start Authentication Flow On Save – check the box

Generate Authorization Header – check the box.

 

Click Save. You will be directed to the login page for authentication. Use the TARGET user/pass to authenticate.

 

Create SLVE Connection Record (on SOURCE Salesforce org)

The connection records allow SLVE to display all connections available for use when connecting using the virtual list view. Most of the fields are for display purposes only. The following fields must be populated –

 

Label - The label for the connection. This label is displayed to users when viewing available connections.

Named Credential Name - The name of the Named Credential this connection is associated with.

Target Salesforce Server Name - The name of the target Salesforce org this connection will be connecting to. This field is only used for informational purposes and is not required.

Connection User - The user used to make the connection. This field is for informational purposes only and is not required.

Once the record has been saved the connection can be tested. Click on the Test Connection button on the connection record page. If everything was successful a success message should be displayed.
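
A preflight check for the values collected in the steps above, as an added example that is not part of SLVE or of the original article. The dictionary keys, function names and sample hostnames are assumptions made for illustration; only the endpoint paths, the exact scope text and the placeholder callback host come from the article.

```python
from urllib.parse import urlsplit

# From the article: endpoint paths, exact scope text, placeholder callback host.
AUTHORIZE_PATH = "/services/oauth2/authorize"
TOKEN_PATH = "/services/oauth2/token"
REQUIRED_SCOPE = "refresh_token full"
PLACEHOLDER_HOST = "fake.com"


def _split_https(url):
    """Return (host, path) for a clean https URL, else (None, None)."""
    parts = urlsplit(url.strip())
    if parts.scheme != "https" or not parts.hostname or parts.query or parts.fragment:
        return None, None
    return parts.hostname.lower(), parts.path


def check_connection_config(cfg):
    """Return a list of problems in the recorded settings (empty list = OK)."""
    problems = []
    auth_host, auth_path = _split_https(cfg["authorize_url"])
    token_host, token_path = _split_https(cfg["token_url"])
    if auth_path != AUTHORIZE_PATH:
        problems.append("authorize_url must be https://<org>" + AUTHORIZE_PATH)
    if token_path != TOKEN_PATH:
        problems.append("token_url must be https://<org>" + TOKEN_PATH)
    if auth_host and token_host and auth_host != token_host:
        problems.append("authorize_url and token_url point at different orgs")
    if cfg["scope"] != REQUIRED_SCOPE:
        problems.append("scope must be exactly %r" % REQUIRED_SCOPE)
    cb_host, _ = _split_https(cfg["connected_app_callback"])
    if cb_host is None or cb_host == PLACEHOLDER_HOST:
        problems.append("connected app callback is the placeholder or not https")
    problems += [key + " is empty" for key in ("consumer_key", "consumer_secret")
                 if not cfg[key].strip()]
    return problems


# Constructed sample: hostnames and key values are made up for illustration.
SAMPLE = {
    "authorize_url": "https://target.example.my.salesforce.com/services/oauth2/authorize",
    "token_url": "https://target.example.my.salesforce.com/services/oauth2/token",
    "scope": "refresh_token  full",  # double space, so it is flagged
    "connected_app_callback": "https://fake.com",  # placeholder never replaced
    "consumer_key": "CONSTRUCTED_KEY",
    "consumer_secret": "CONSTRUCTED_SECRET",
}

print("\n".join(check_connection_config(SAMPLE)))
```

An empty result means the recorded values are internally consistent; it does not replace the Test Connection button, which exercises the live OAuth flow.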

 



