Skip to main content

Understand Connected Apps in Salesforce

What is connected apps?

A "Connected App" is an application that can connect to over Identity and Data APIs. Connected Apps use the standard OAuth 2.0 protocol to authenticate, provide Single Sign-On, and acquire access tokens for use with Salesforce APIs. In addition to the standard OAuth capabilities supported by the existing Remote Appsfeature (which Connected Apps is designed to replace), Connected Apps add additional levels of control, allowing administrators explicit control over who can use the application, and various security policies to be enforced by the application.Read more ...

When we develop an external application that needs to authenticate with Salesforce, we need to define it as a new connected app within the Salesforce organization that informs Salesforce of this new authentication entry point.Read more ...
It is an external application that connect to salesforce.In order to enable the authentication we need to definit it as Connected Apps in Salesforce.
Some example of Connected Apps are :

  • Ant Migration Tool
  • Chatter Desktop
  • Dataloader
  • IDE
  • Salesforce for Outlook
  • Workbench

How to create and define Connected Apps ?

First time I am little bit confused with the interface because there no Create or New button to create Connected Apps when you go via Setup > Manage Apps.

To define Connected Apps, we need to Setup > Apps and scroll to the bottom until we Connected Apps.

Click New button to define new Connected Apps.Fill in required field such Connect App Name , API Name and Contact Email .

Check Enable OAuth will expand API(Enable OAuth Setting) which you require to fill in Callback URL and Selected OAuth Scopes

  1. Callback URL basically is endpoint URL that Salesforce calls back to your application during OAuth. It’s the OAuth redirect URI.
    If you enter multiple callback URLs, at run time Salesforce matches the callback URL value specified by the app with one of the values in Callback URL. It must match one of the values to pass validation.
    Separate multiple callback URLs with line breaks.The callback URL field has a limit of 2000 characters, cumulatively. If you enter several URLs and they exceed this limit, create another connected app to manage more callback URLs.
  2. Scopes refer to permissions the user gives to the connected app while it’s running. The OAuth token name is in parentheses.

Once you save, it will come out something like this.

Now if we go to Setup > Manage Apps > Connected Apps , we able to see the Connected Apps that we just created.

One of example of how external can use the Customer Key and Customer Secret in Java program

static final String USERNAME     = "YOUR DEVORG USERNAME";
    static final String LOGINURL     = "";
    static final String GRANTSERVICE = "/services/oauth2/token?grant_type=password";
    static final String CLIENTID     = "YOUR OAUTH CONSUMER KEY";

    public static void main(String[] args) {

        DefaultHttpClient httpclient = new DefaultHttpClient();

        // Assemble the login request URL
        String loginURL = LOGINURL + 
                          GRANTSERVICE + 
                          "&client_id=" + CLIENTID + 
                          "&client_secret=" + CLIENTSECRET +
                          "&username=" + USERNAME +
                          "&password=" + PASSWORD;

        // Login requests must be POSTs
        HttpPost httpPost = new HttpPost(loginURL);
        HttpResponse response = null;

        try {
            // Execute the login POST request
            response = httpclient.execute(httpPost);
        } catch (ClientProtocolException cpException) {
            // Handle protocol exception
        } catch (IOException ioException) {
            // Handle system IO exception

//other code goes here

Refer here to view full code example.

Also other thing to note during refresh Sandbox, although Connected Apps is copied into Sandbox but consumer key and customer key will be different.So you might want to check if external apps not able to connect to Sandbox during in testing environment.

Some links that might be useful to look into

Thanks for reading.


Popular posts from this blog

Search Solution Basics

When is it a good time to create a customized search solution? You're developing an external knowledge base for user support. You're in the mood for a fun Friday night. The sales reps just started using the Sales Cloud in Lightning Experience. You want to put your company branding in the search bar. What differentiates SOSL from SOQL? Syntax SOSL searches the search index instead of the org database. SOSL searches more efficiently when you don't know in which object the data resides. All of the above. SOSL works with: REST only SOAP only REST, SOAP, and Apex SOQL only What does a search for a single object look like in SOSL? FIND {cloud} RETURNING Account FIND in ACCOUNT RETURNING "cloud" FIND "cloud" in ACCOUNT FIND (cloud) RIGHT NOW! What does a search for multiple objects look like in SOSL? FIND {sneakers} RETURNING ALL ARTICLES FIND {sneakers} in ALL OBJECTS FIND {sneakers} RETURNING Product2, Content

Process Builder is not fired when field update is called from Approval Process

Scenario In Final Approvals section ; in Approval Process we have field update to update Status field. In Process Builder , we have some action that need to be done when Status field is updated in Approval Process.However this process builder is not fired. Solution To handle this, in Field Update in Approval Process , check Re-evaluated Workflow Rules after Field Change as picture below. What happen if field updated from Approval Process. Workflow - does not fires untill Re-evaluate workflow checkbox is ticked on your field update Process Builder - does not fires untill Re-evaluate workflow checkbox is ticked on your field update Trigger - will fire if conditions are matched This is explained in article here  . Field Updates That Re-evaluate Workflow Rules If  Re-evaluate Workflow Rules After Field Change  is enabled for a field update action, Salesforce  re-evaluates all workflow rules on the object if the field update results in a change to the value of the fi

Tips and Tricks : Test class for Invocable method

Issue : I got 100% coverage in my sandbox but when run validation for deployment it returns 0% coverage It turn out that in my sandbox, I am depending on Process Builder to Invocable Apex class, as long I manipulate test data that fire Process Builder it will call Invocable class. This is not useful when deploying it to Production although it gets deployed together with Process Builder. The correct way is to direct call Invocable method inside test class itself. Example of class : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 global class MyCustomObject_StatusUpdate_Util { @InvocableMethod ( label = ' Update Quote Status ' ) public static void updateQuote ( Request [] requests ) { Set < Id > setOppId = new Set < Id >(); List < SBQQ__Quote__c > listQuoteToUpdate = new List < SBQQ__Quote__c >(); for ( Request request : requests ) {