Using JWT Flow to Authenticate Nodejs application with Salesforce

Video tutorial and Complete source code to use Salesforce JWT OAuth to authenticate Nodejs Application

JWT OAuth uses digital signature to authenticate external application with Salesforce. JWT can be used to request an OAuth access token from Salesforce when a client wants to use a previous authorization.

Complete Source code is available here.

How JWT OAuth works
  1. Developer creates a connected app and provides digital certificate in OAuth settings. You can refer this post to understand how openssl can be used to create digital certificate locally.
  2. We need to make sure this connected app is already pre – approved either by using WebServer, User Agent or any other flow. You can find this step in video recorded.
  3. We need to generate JWT token and sign it with certificate. This code snippet is available in this file in method getJWTSignedToken_nJWTLib(). I have used njwt module of Nodejs to create a JWT token. This is very useful website to validate and generate JWT token as per digital certificate.
  4. Next we need to send JWT request to token URL –  https://login.salesforce.com/services/oauth2/token
  5. If JWT request is valid then Salesforce returns access_token , which can be used in subsequent requests to perform allowed operations in Salesforce via Nodejs application.

Continue reading “Using JWT Flow to Authenticate Nodejs application with Salesforce”