Sunday, January 07, 2018

Understand Connected Apps in Salesforce

What are Connected Apps?

A "Connected App" is an application that can connect to salesforce.com over Identity and Data APIs. Connected Apps use the standard OAuth 2.0 protocol to authenticate, provide Single Sign-On, and acquire access tokens for use with Salesforce APIs. In addition to the standard OAuth capabilities supported by the existing Remote Apps feature (which Connected Apps is designed to replace), Connected Apps add additional levels of control, allowing administrators explicit control over who can use the application, and various security policies to be enforced by the application.

When we develop an external application that needs to authenticate with Salesforce, we need to define it as a new connected app within the Salesforce organization that informs Salesforce of this new authentication entry point.
In short, it is an external application that connects to Salesforce. To enable the authentication, we need to define it as a Connected App in Salesforce.
Some examples of Connected Apps are:

  • Ant Migration Tool
  • Chatter Desktop
  • Dataloader
  • Force.com IDE
  • Salesforce for Outlook
  • Workbench

How to create and define Connected Apps?

The first time, I was a little bit confused by the interface because there is no Create or New button to create Connected Apps when you go via Setup > Manage Apps.

To define Connected Apps, we need to go to Setup > Apps and scroll to the bottom until we see Connected Apps.

Click the New button to define a new Connected App. Fill in the required fields, such as Connected App Name, API Name and Contact Email.

Checking Enable OAuth expands the API (Enable OAuth Settings) section, in which you are required to fill in Callback URL and Selected OAuth Scopes:


  1. Callback URL is the endpoint URL that Salesforce calls back to your application during OAuth. It's the OAuth redirect URI.
    If you enter multiple callback URLs, at run time Salesforce matches the callback URL value specified by the app with one of the values in Callback URL. It must match one of the values to pass validation.
    Separate multiple callback URLs with line breaks. The callback URL field has a limit of 2000 characters, cumulatively. If you enter several URLs and they exceed this limit, create another connected app to manage more callback URLs.
  2. Scopes refer to permissions the user gives to the connected app while it's running. The OAuth token name is in parentheses.
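
The callback URL rules in item 1 can be checked before you save the field or ship a client. The following Java sketch is an added example, not code from Salesforce or from the original post: the class and method names are hypothetical, the URLs are constructed, and it assumes that "match" means exact string equality and that the 2000-character limit counts the line breaks too.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.*;

public class CallbackUrlCheck {
    static final int FIELD_LIMIT = 2000; // cumulative limit quoted in the text above

    // One callback URL per line; blank lines are ignored.
    static List<String> parseField(String fieldText) {
        List<String> urls = new ArrayList<>();
        for (String line : fieldText.split("\\R"))
            if (!line.trim().isEmpty()) urls.add(line.trim());
        return urls;
    }

    // Problems to fix before saving. Assumption: the limit counts the whole field text.
    static List<String> fieldProblems(String fieldText) {
        List<String> problems = new ArrayList<>();
        if (fieldText.length() > FIELD_LIMIT) problems.add("field exceeds " + FIELD_LIMIT + " characters");
        Set<String> seen = new HashSet<>();
        for (String url : parseField(fieldText)) {
            if (!seen.add(url)) problems.add("duplicate entry: " + url);
            try {
                if (!new URI(url).isAbsolute()) problems.add("not an absolute URI: " + url);
            } catch (URISyntaxException e) {
                problems.add("not a valid URI: " + url);
            }
        }
        return problems;
    }

    // Assumption: "match" means exact string equality with one registered value.
    static boolean isRegistered(String redirectUri, List<String> registered) {
        return redirectUri != null && registered.contains(redirectUri);
    }

    public static void main(String[] args) {
        // Constructed sample values, not taken from a real org.
        String field = "https://app.example.com/oauth/callback\nhttps://staging.example.com/oauth/callback\n";
        List<String> registered = parseField(field);
        System.out.println("field problems: " + fieldProblems(field));
        String[] candidates = {
            "https://app.example.com/oauth/callback",             // registered value
            "https://app.example.com/oauth/callback/",            // trailing slash
            "https://app.example.com/oauth/callback?next=/home",  // extra query string
        };
        for (String uri : candidates)
            System.out.println((isRegistered(uri, registered) ? "match     " : "no match  ") + uri);
    }
}
```

Under the exact-match assumption, only the first candidate passes, so every redirect URI variant the client really sends has to be registered on its own line.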

Once you save, it will come out something like this.


Now if we go to Setup > Manage Apps > Connected Apps, we are able to see the Connected App that we just created.



One example of how an external application can use the Consumer Key and Consumer Secret in a Java program:


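import java.io.IOException;
import java.util.ArrayList;
import java.util.List;

import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;

public class Main {

    static final String USERNAME     = "YOUR DEVORG USERNAME";
    static final String PASSWORD     = "YOUR DEVORG PASSWORD + SECURITY TOKEN";
    static final String LOGINURL     = "https://login.salesforce.com";
    static final String GRANTSERVICE = "/services/oauth2/token";
    static final String CLIENTID     = "YOUR OAUTH CONSUMER KEY";
    static final String CLIENTSECRET = "YOUR OAUTH CONSUMER SECRET";

    public static void main(String[] args) {

        DefaultHttpClient httpclient = new DefaultHttpClient();

        // Assemble the login parameters as a form body rather than a query
        // string: the values are URL-encoded for us, and the consumer secret
        // and password do not end up in the request URL or in URL logs
        List<NameValuePair> params = new ArrayList<NameValuePair>();
        params.add(new BasicNameValuePair("grant_type", "password"));
        params.add(new BasicNameValuePair("client_id", CLIENTID));
        params.add(new BasicNameValuePair("client_secret", CLIENTSECRET));
        params.add(new BasicNameValuePair("username", USERNAME));
        params.add(new BasicNameValuePair("password", PASSWORD));

        // Login requests must be POSTs
        HttpPost httpPost = new HttpPost(LOGINURL + GRANTSERVICE);
        HttpResponse response = null;

        try {
            httpPost.setEntity(new UrlEncodedFormEntity(params, "UTF-8"));
            // Execute the login POST request
            response = httpclient.execute(httpPost);
        } catch (ClientProtocolException cpException) {
            // Handle protocol exception
        } catch (IOException ioException) {
            // Handle system IO exception
        }

        // other code goes here
    }
}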

Refer here to view full code example.

Another thing to note when refreshing a Sandbox: although the Connected App is copied into the Sandbox, the consumer key and consumer secret will be different. So you might want to check this if external apps are not able to connect to the Sandbox during testing.

Some links that might be useful to look into


Thanks for reading.
