Force.com REST API Developer Guide

Introducing Force.com REST API
Force.com REST Resources
Using Compression
Using Conditional Requests
Using cURL in the REST Examples
Understanding Authentication
Defining Connected Apps
Understanding OAuth Endpoints
Understanding the Web Server OAuth Authentication Flow
Understanding the User-Agent OAuth Authentication Flow
Understanding the Username-Password OAuth Authentication Flow
Understanding the OAuth Refresh Token Process
Finding Additional Resources
Use CORS to Access Supported Salesforce APIs, Apex REST, and Lightning Out
Quick Start
Examples
Reference
PDF

Newer Version Available

This content describes an older version of this product. View Latest

Defining Connected Apps

To authenticate using OAuth, you must create a connected app that defines your application’s OAuth settings for the Salesforce organization.

When you develop an external application that needs to authenticate with Salesforce, you need to define it as a new connected app within the Salesforce organization that informs Salesforce of this new authentication entry point.

Use the following steps to create a new connected app.

  1. From Setup, enter Apps in the Quick Find box, then select Apps and click New to start defining a connected app.
  2. Enter the name of your application.
  3. Enter the contact email information, as well as any other information appropriate for your application.
  4. Select Enable OAuth Settings.
  5. Enter a Callback URL. Depending on which OAuth flow you use, this is typically the URL that a user’s browser is redirected to after successful authentication. As this URL is used for some OAuth flows to pass an access token, the URL must use secure HTTP (HTTPS) or a custom URI scheme.
  6. Add all supported OAuth scopes to Selected OAuth Scopes. These scopes refer to permissions given by the user running the connected app.
  7. Enter a URL for Info URL. This is where the user can go for more information about your application.
  8. Click Save. The Consumer Key is created and displayed, and the Consumer Secret is created (click the link to reveal it).

Once you define a connected app, you use the consumer key and consumer secret to authenticate your application. See Creating a Connected App in the Salesforce online help for specific steps to create a connected app for the type of authentication you need.