Creating a connected app requires a basic understanding of how it’s going to be used so you can configure the appropriate settings. For example, if you’re creating a connected app to integrate an external application with your Salesforce API, configure the connected app with OAuth authorization settings. Or if you’re creating a connected app to act as a service provider in a SAML single sign-on (SSO) flow, configure SAML settings.
To read, create, update, or delete connected apps, you need the Customize Application user permission AND either the Modify All Data OR the Manage Connected Apps user permission.
From Setup, enter Apps in the Quick Find box, and select App Manager.
1) Click the New Connected App button.
2) Enter the connected app’s name.
3) The connected app name must be unique within your org.
4) The API name is derived automatically from the name, or you can edit the API name as needed.
5) Enter the contact email.
6) Enter the contact phone.
If you want to give an external app authorized access to retrieve data from Salesforce, you must integrate it with the Salesforce API using the OAuth 2.0 protocol.
7) In the API (Enable OAuth Settings) area of the page, select Enable OAuth Settings.
8) Enter "Callback URL".
A callback URL is the URL that is invoked after OAuth authorization for the consumer (connected app). In some contexts, the URL must be a real URL that the client’s web browser is redirected to. In others, the URL isn’t actually used, but the value between your client app and the server (the connected app definition) must be the same.
If you enter multiple callback URLs, at run time Salesforce matches the callback URL value specified by the app with one of the values in Callback URL. It must match one of the values to pass validation. Separate multiple callback URLs with line breaks. The callback URL field has a limit of 2000 characters, cumulatively. If you enter several URLs and they exceed this limit, create another connected app to manage more callback URLs.
9) Select "Selected OAuth Scopes" as Manage user data via APIs (api).
Multiple OAuth scopes are available, and you can select one depending on the requirement. Here, “Manage user data via APIs (api)” allows access to the current, logged-in user’s account using APIs, such as REST API and Bulk API 2.0. This scope also includes chatter_api, which allows access to Connect REST API resources.
10) If you’re using the JWT OAuth flow, select Use Digital Signatures. If the app uses a certificate, click Choose File, and select the certificate on your system to upload for the JWT OAuth flow. The certificate size is limited to 4 KB.
11) To require the app’s client secret in exchange for an access token, select Require Secret for the Web Server Flow.
12) To require the client secret in the authorization request of a refresh token and hybrid refresh token flow, select Require Secret for Refresh Token Flow.
13) To control how the OAuth request handles the ID token, select Configure ID token.
We can also specify the time for which the token will be valid. The value ranges from 1 min to 720 min. The default value is 2 min.
14) When “Enable Single Logout” is checked, the user is logged out of the connected app when the user logs out of Salesforce.
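
How the callback URL, scope and client secret settings above surface on the client side of the web server flow, as an added example (not code from the original page or from Salesforce). The host, consumer key, secret and URLs passed in are constructed sample values, and counting line breaks toward the 2000-character limit is an assumption.

```python
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

CALLBACK_FIELD_LIMIT = 2000  # cumulative limit of the Callback URL field


def parse_callback_field(field_text):
    """Split the Callback URL field (one URL per line) and enforce the limit."""
    # Assumption: the limit is counted over the whole field, line breaks included.
    if len(field_text) > CALLBACK_FIELD_LIMIT:
        raise ValueError("Callback URL field exceeds 2000 characters; "
                         "move the extra URLs to another connected app")
    return [line.strip() for line in field_text.splitlines() if line.strip()]


def build_authorize_url(login_host, consumer_key, redirect_uri, registered,
                        scope="api"):
    """Build the browser redirect that starts the web server flow."""
    # The value the app sends must equal one registered value exactly.
    if redirect_uri not in registered:
        raise ValueError("redirect_uri is not a registered callback URL")
    state = secrets.token_urlsafe(16)  # anti-CSRF value, checked on the callback
    query = urlencode({"response_type": "code", "client_id": consumer_key,
                       "redirect_uri": redirect_uri, "scope": scope,
                       "state": state})
    return f"https://{login_host}/services/oauth2/authorize?{query}", state


def build_token_request(callback_url, expected_state, consumer_key,
                        consumer_secret, redirect_uri):
    """Check the callback, then return the form body for /services/oauth2/token."""
    params = parse_qs(urlsplit(callback_url).query)
    returned_state = params.get("state", [""])[0]
    if not secrets.compare_digest(returned_state.encode(), expected_state.encode()):
        raise ValueError("state mismatch; discard this callback")
    if "code" not in params:
        raise ValueError("no authorization code in callback")
    return {"grant_type": "authorization_code",
            "code": params["code"][0],
            "client_id": consumer_key,
            # Sent when Require Secret for Web Server Flow is selected.
            "client_secret": consumer_secret,
            "redirect_uri": redirect_uri}
```

A trailing slash or different host in `redirect_uri` fails the exact-match check before any request leaves the client, which mirrors the validation described for the Callback URL field.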