I wrote an article on integrating Salesforce with another Salesforce instance around 3 years back. In the last 3 years, Salesforce has changed a lot. This time I will integrate Salesforce with another Salesforce instance in only 5 lines of code, can you believe it 🙂? Check my old article: it is around 50+ lines of code with security control.
What is a Named Credential?
A named credential specifies the URL of a callout endpoint and its required authentication parameters in one definition. You can simplify the setup of authenticated Apex callouts by specifying a named credential as the callout endpoint. You can instead specify a URL as the callout endpoint and register that URL in your organization’s remote site settings. In that case, however, you handle the authentication in your code. Doing so can be less secure and especially complicated for OAuth authentication.
Long story short: “using a Named Credential, we can make a callout to an external system without supplying a username or password”.
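The two approaches described above, side by side, as an added Apex example (not code from the original article). The Named Credential name `Target_Salesforce_Org`, the API version `v58.0`, and the class and method names are assumptions; the manual variant also needs both the login URL and the returned instance URL registered in Remote Site Settings.

```apex
public with sharing class TargetOrgClient {
    public class TargetOrgException extends Exception {}

    // Assumptions: Named Credential API name and REST API version.
    private static final String NAMED_CREDENTIAL = 'Target_Salesforce_Org';
    private static final String QUERY_PATH = '/services/data/v58.0/query?q='
        + EncodingUtil.urlEncode('SELECT Id, Name FROM Account LIMIT 5', 'UTF-8');

    // Named Credential: the platform resolves the URL and attaches the stored
    // authentication at send time; no secret is visible to this code.
    public static String queryWithNamedCredential() {
        HttpRequest req = new HttpRequest();
        req.setEndpoint('callout:' + NAMED_CREDENTIAL + QUERY_PATH);
        req.setMethod('GET');
        return send(req).getBody();
    }

    // Remote Site Settings alternative: the code runs the OAuth token request
    // itself, so it must be handed the consumer secret and the user's password.
    public static String queryWithManualAuth(String loginUrl, String consumerKey,
            String consumerSecret, String username, String password) {
        HttpRequest tokenReq = new HttpRequest();
        tokenReq.setEndpoint(loginUrl + '/services/oauth2/token');
        tokenReq.setMethod('POST');
        tokenReq.setHeader('Content-Type', 'application/x-www-form-urlencoded');
        tokenReq.setBody('grant_type=password'
            + '&client_id=' + EncodingUtil.urlEncode(consumerKey, 'UTF-8')
            + '&client_secret=' + EncodingUtil.urlEncode(consumerSecret, 'UTF-8')
            + '&username=' + EncodingUtil.urlEncode(username, 'UTF-8')
            + '&password=' + EncodingUtil.urlEncode(password, 'UTF-8'));
        Map<String, Object> token =
            (Map<String, Object>) JSON.deserializeUntyped(send(tokenReq).getBody());

        HttpRequest req = new HttpRequest();
        req.setEndpoint((String) token.get('instance_url') + QUERY_PATH);
        req.setMethod('GET');
        req.setHeader('Authorization', 'Bearer ' + (String) token.get('access_token'));
        return send(req).getBody();
    }

    // Shared helper: fail loudly on any non-200 response instead of parsing it.
    private static HttpResponse send(HttpRequest req) {
        HttpResponse res = new Http().send(req);
        if (res.getStatusCode() != 200) {
            throw new TargetOrgException('Callout failed with HTTP ' + res.getStatusCode());
        }
        return res;
    }
}
```

In the manual variant every secret passes through Apex variables and has to be stored somewhere the code can read it, which is the exposure the Named Credential removes.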
There are many ways to log in to your Salesforce instance: using Google, Facebook, LinkedIn, Twitter and even another Salesforce organization. I am sure many readers have multiple Salesforce instances, and it's hard to remember the password for each. We can connect all of these Salesforce instances and log in using only one. In this post we will see how to log in to one Salesforce instance from another using the built-in Authentication Provider from Salesforce.
Throughout this article I will use the term “service provider Salesforce instance” for the organization I want to reach after login, and “Authentication Provider instance” for the organization that authenticates the user and acts as the source organization for login.
The first step with an Authentication Provider is to set up My Domain in your “service provider Salesforce instance”. This step is important so that all available Authentication Providers for that Salesforce instance are displayed.
Create a Connected App
If you want to log in from Facebook, LinkedIn or any other web application, you need to tell Salesforce that those applications are legitimate; this is a very important piece of OAuth2. One major difference between OAuth1 and OAuth2 is that OAuth2 provides scopes, where you set the specific permissions this Connected App needs.
A Connected App also has a “Consumer Key” and a “Consumer Secret”, which are equivalent to a “username” and “password” for that app.
Another important Connected App setting is the “Callback URL”. This is the URL to which the “Authentication Provider instance” returns after granting access. Even if the “Consumer Key” and “Consumer Secret” are somehow compromised, it will still return to the Callback URL, which is your application.