| AuthorizeUrl |
- Type
- url
- Properties
- Create, Filter, Nillable, Sort, Update
- Description
- Required, but only if ProviderType
is OpenIdConnect.
The OAuth authorization
endpoint URL. Used only with OpenID Connect
authentication providers. Available in API version 29.0 and later.
|
| ConsumerKey |
- Type
- string
- Properties
- Create, Filter, Nillable, Sort, Update
- Description
- Required. The app’s key that is registered at the
third-party Single Sign-On provider.
|
| ConsumerSecret |
- Type
- string
- Properties
- Create, Nillable
- Description
-
Required. The consumer secret of the app that is registered at the third-party Single
Sign-On provider. This field cannot be updated. When
using create()
this field must be encrypted. To create an encrypted
form of the consumer secret from plain text:
- Create an authentication provider with the
ConsumerSecret plain text value.
- Save the authentication provider.
- Create an outbound change set that includes
the authentication provider component.
The new change set .xml file has an entry in
the form <consumerSecret>++XYZ++</consumerSecret>
where ++XYZ++ is the encrypted secret.
|
| CustomMetadataTypeRecord |
- Type
- string
- Properties
- Create, Filter, Group, Nillable, Sort, Update
- Description
-
Required, but only with custom authentication provider
plug-ins, when ProviderType is
Custom. The
API name of the authentication provider.
Available in API version 36.0 and later.
|
| DefaultScopes |
- Type
- string
- Properties
- Create, Filter, Nillable, Sort, Update
- Description
-
Required, but only if
ProviderType is OpenIdConnect
The scopes to be sent
with the authorization request, if not specified
when a flow is started. Used only with OpenID
Connect authentication providers. Available
in API version 29.0 and later.
|
| DeveloperName |
- Type
- string
- Properties
- Create, Filter, Group, Sort, Update
- Description
-
Required. Used when referring to the authentication provider from a program.
|
| ErrorUrl |
- Type
- string
- Properties
- Create, Filter, Nillable, Sort, Update
- Description
-
A custom error URL for the authentication provider to use to report any errors.
|
| ExecutionUserId |
- Type
- reference
- Properties
- Create, Filter, Group, Nillable, Sort, Update
- Description
-
The user that runs the Apex handler class. The user must have the
“Manage Users” permission. A user is
required when you specify a registration handler
class.
|
| FriendlyName |
- Type
- string
- Properties
- Create, Filter, Group, Sort, Update
- Description
-
Required. A user-friendly name for the provider.
|
| IconUrl |
- Type
- url
- Properties
- Create, Filter, Nillable, Sort, Update
- Description
-
The path to an icon to use as a button on the login page. Users
click the button to log in with the associated
authentication provider.
|
| IdTokenIssuer |
- Type
- string
- Properties
- Create, Filter, Nillable, Sort, Update
- Description
-
Only available if ProviderType is
OpenIdConnect. This value identifies the
source of the authentication token in the form
https: URI. Used only with
OpenID Connect authentication providers. If
provided, Salesforce validates the returned id_token value. The
OpenID Connect specification requires an id_token value to be
returned with the access_token value. Available in API version 30.0 and later.
|
| LogoutUrl |
- Type
- url
- Properties
- Create, Filter, Nillable, Sort, Update
- Description
-
Provides a specific destination
for users after they log out if they authenticated
using social sign-on. The URL must be fully
qualified with an http or
https prefix, such as
https://acme.my.salesforce.com.
Available in API version 33.0 and later.
|
| OptionsIncludeOrgIdInId |
- Type
- boolean
- Properties
- Create, Filter, Update
- Description
-
Includes the organization
ID to differentiate between users with the same
user ID from two sources (such as two sandboxes). Only available for Salesforce authentication providers. Once set to true, it can’t be set
to false.
Available in API version 32.0 and later.
|
| OptionsSendAccessTokenInHeader |
- Type
- boolean
- Properties
- Create, Filter, Update
- Description
-
Required only if
ProviderType is OpenIdConnect. When
true, the
access token is sent to the
UserInfoUrl in a header
instead of a query string. Used only with OpenID
Connect authentication providers. Available in API version 30.0 and later.
|
| OptionsSendClientCredentialsInHeader |
- Type
- boolean
- Properties
- Create, Filter, Update
- Description
-
Required only if
ProviderType is OpenIdConnect. When
true, the
client credentials are sent in a header, instead
of a query string, to the
tokenUrl. The credentials are
in the standard OpenID Connect Basic Credentials
header form, which is Basic <token>, where <token> is the
base64-encoded string "clientkey:clientsecret". Used only with
OpenID Connect authentication providers. Available
in API version 30.0 and later.
|
| ProviderType |
- Type
- picklist
- Properties
- Create, Filter, Group, Restricted picklist, Sort, Update
- Description
-
Required. The third-party Single Sign-On provider to
use. Valid values are:
- Facebook
- Salesforce
- Janrain
-
LinkedIn
(Available in API version 32.0 and later.)
-
Twitter
(Available in API version 32.0 and later.)
-
OpenIdConnect (Available in API version 29.0 and later.)
This type
requires values for the following fields:
- AuthorizeUrl
- DefaultScopes
- TokenUrl
- UserInfoUrl
-
MicrosoftACS Microsoft Access Control
Service typically provides authentication for a
Microsoft Office 365 service like SharePoint®
Online. (Available in API version 31.0 and later.)
-
GitHub—Use the
GitHub
provider to log in users of your Force.com app to GitHub using OAuth. When logged in to
GitHub, your app can make calls to GitHub APIs.
The GitHub
provider isn’t available as a single sign-on
provider, so users can’t log in to your Salesforce org using their GitHub login credentials.
(Available in API version 35.0 and later.)
-
Custom
(Available in API version 36.0 and later.)
|
| PluginId |
- Type
- reference
- Properties
- Create, Filter, Group, Nillable, Sort, Update
- Description
-
An existing Apex class that extends the Auth.AuthProviderPluginClass abstract
class. Available in API version 39.0 and later.
|
| RegistrationHandlerId |
- Type
- reference
- Properties
- Create, Filter, Group, Nillable, Sort, Update
- Description
-
An existing Apex class that implements the Auth.RegistrationHandler interface.
|
| TokenUrl |
- Type
- url
- Properties
- Create, Filter, Nillable, Sort, Update
- Description
- Required, but only if ProviderType
is OpenIdConnect.
The OAuth token endpoint URL.
Used only with OpenID Connect authentication
providers. Available in API version 29.0 and later.
|
| UserInfoUrl |
- Type
- url
- Properties
- Create, Filter, Nillable, Sort, Update
- Description
-
Required, but only if
Provider-type is OpenIdConnect. The OpenID Connect endpoint
URL. Used only with OpenID Connect authentication
providers. Available in API version 29.0 and later.
|