{"id":6309,"date":"2017-10-08T21:57:14","date_gmt":"2017-10-08T21:57:14","guid":{"rendered":"http:\/\/www.jitendrazaa.com\/blog\/?p=6309"},"modified":"2017-10-10T13:45:15","modified_gmt":"2017-10-10T13:45:15","slug":"using-jwt-flow-to-authenticate-nodejs-application-with-salesforce","status":"publish","type":"post","link":"https:\/\/www.jitendrazaa.com\/blog\/salesforce\/using-jwt-flow-to-authenticate-nodejs-application-with-salesforce\/","title":{"rendered":"Using JWT Flow to Authenticate Nodejs application with Salesforce"},"content":{"rendered":"

JWT OAuth<\/a> uses digital signature to authenticate external application with Salesforce. JWT can be used to request an OAuth access token from Salesforce when a client wants to use a previous authorization.<\/p>\n

Complete Source code is available here<\/a>.<\/p>\n

How JWT OAuth works<\/h5>\n
    \n
  1. Developer creates a connected app and provides digital certificate in OAuth settings. You can refer this post to understand how openssl can be used to create digital certificate locally<\/a>.<\/li>\n
  2. We need to make sure this connected app is already pre – approved either by using WebServer, User Agent or any other flow. You can find this step in video recorded<\/a>.<\/li>\n
  3. We need to generate JWT token and sign it with certificate. This code snippet is available in this file<\/a> in method\u00a0getJWTSignedToken_nJWTLib().\u00a0<\/em>I have used\u00a0njwt\u00a0<\/strong>module of Nodejs to create a JWT token. This is very useful website to validate and generate JWT token as per digital certificate<\/a>.<\/li>\n
  4. Next we need to send JWT request to token URL –\u00a0 https:\/\/login.salesforce.com\/services\/oauth2\/token<\/em><\/li>\n
  5. If JWT request is valid then Salesforce returns access_token , which can be used in subsequent requests to perform allowed operations in Salesforce via Nodejs application.<\/li>\n<\/ol>\n

    <\/p>\n

    How to run this on your system<\/h5>\n

    Step 1<\/strong><\/p>\n

    Clone this repository<\/a> (Assuming Node.js already installed on system).<\/p>\n

    Step 2<\/strong><\/p>\n

    Create a ssl certificate or reuse same certificate uploaded in this repository. Refer this post to learn how to create ssl certificate using openssl<\/a>.<\/p>\n

    Step 3<\/strong><\/p>\n

    Create Connected App in your Salesforce instance with callback URL – https:\/\/localhost:8081\/oauthcallback.html<\/em>. Make sure to upload server.crt<\/a> as a digital certificate in connected app. You can use your own certificate as well.<\/p>\n

    Step 4<\/strong><\/p>\n

    Copy consumer key & secret created in connected app and update jwt_consumer_key and client_secret variable defined in Server.js <\/a>file.<\/p>\n

    Step 5<\/strong><\/p>\n

    Run npm install<\/em> command in the directory where this code is downloaded. It will download all the required node modules. Then run npm start<\/em>, or nodemon Server.js<\/em> (if nodemon installed previously) it will start the server.<\/p>\n

    Step 6<\/strong><\/p>\n

    Navigate to https:\/\/localhost:8081\/<\/em> in your browser and you would see option for all 3 Auth flow – JWT, User Agent and Web Server<\/strong>.<\/p>\n