NamedCredentials Class

Create, refresh, get, delete, replace, and update credentials. Create and get external credentials. Create and get named credentials. Create, get, delete, and update external auth identity providers. Get the URL for the OAuth token flow for an external credential.

Managed packages can access only the named credentials and external credentials that are included in or created from the package’s Apex code. If a managed package tries to access non-packaged named credentials and external credentials that a Salesforce admin created in the org, an error occurs.

Note

Namespace

ConnectApi

NamedCredentials Methods

These methods are for NamedCredentials. All methods are static.

createCredential(requestBody)

Create a credential.

API Version

56.0

Requires Chatter

No

Signature

public static ConnectApi.Credential createCredential(ConnectApi.CredentialInput requestBody)

Parameters

requestBody
Type: ConnectApi.CredentialInput
A ConnectApi.CredentialInput class.

Return Value

Type: ConnectApi.Credential

createCredential(requestBody, action)

Refresh an OAuth or AWS Roles Anywhere credential.

API Version

58.0

Requires Chatter

No

Signature

public static ConnectApi.Credential createCredential(ConnectApi.CredentialInput requestBody, ConnectApi.CreateCredentialAction action)

Parameters

requestBody
Type: ConnectApi.CredentialInput
A ConnectApi.CredentialInput class.
action
Type: ConnectApi.CreateCredentialAction
Action to take when creating the credential. Value is:
  • Refresh

Return Value

Type: ConnectApi.Credential

createExternalAuthIdentityProvider(requestBody)

Create an external auth identity provider.

API Version

62.0

Requires Chatter

No

Signature

public static ConnectApi.ExternalAuthIdentityProvider createExternalAuthIdentityProvider(ConnectApi.ExternalAuthIdentityProviderInput requestBody)

Parameters

requestBody
Type: ConnectApi.ExternalAuthIdentityProviderInput
A ConnectApi.ExternalAuthIdentityProviderInput input class.

createExternalAuthIdentityProviderCredentials(fullName, requestBody)

Create external auth identity provider credentials.

API Version

62.0

Requires Chatter

No

Signature

public static ConnectApi.ExternalAuthIdentityProviderCredentials createExternalAuthIdentityProviderCredentials(String fullName, ConnectApi.ExternalAuthIdentityProviderCredentialsInput requestBody)

Parameters

fullName
Type: String
Full name of the external auth identity provider to create credentials for.
requestBody
Type: ConnectApi.ExternalAuthIdentityProviderCredentialsInput
A ConnectApi.ExternalAuthIdentityProviderCredentialsInput input class

createExternalCredential(requestBody)

Create an external credential.

API Version

58.0

Requires Chatter

No

Signature

public static ConnectApi.ExternalCredential createExternalCredential(ConnectApi.ExternalCredentialInput requestBody)

Parameters

requestBody
Type: ConnectApi.ExternalCredentialInput
Input used to create or update an external credential.

Return Value

Type: ConnectApi.ExternalCredential

createNamedCredential(requestBody)

Create a named credential.

API Version

58.0

Requires Chatter

No

Signature

public static ConnectApi.NamedCredential createNamedCredential(ConnectApi.NamedCredentialInput requestBody)

Parameters

requestBody
Type: ConnectApi.NamedCredentialInput
Input used to create or update a named credential.

Return Value

Type: ConnectApi.NamedCredential

deleteCredential(externalCredential, principalName, principalType)

Delete a credential.

This method deletes the user external credentials that store the encrypted access tokens used for named credential callouts, not the external credential itself. You can delete an external credential only in the UI or by using REST API.

API Version

56.0

Requires Chatter

No

Signature

public static Void deleteCredential(String externalCredential, String principalName, ConnectApi.CredentialPrincipalType principalType)

Parameters

externalCredential
Type: String
Fully qualified developer name of the external credential.
principalName
Type: String
Name of the external credential named principal.
principalType
Type: ConnectApi.CredentialPrincipalType
Type of credential principal. Values are:
  • AwsStsPrincipal
  • NamedPrincipal
  • PerUserPrincipal

Return Value

Type: Void

deleteCredential(externalCredential, principalName, principalType, authenticationParameters)

Delete a credential with authentication parameters.

This method deletes the user external credentials that store the encrypted access tokens used for named credential callouts, not the external credential itself. You can delete an external credential only in the UI or by using REST API.

API Version

59.0

Requires Chatter

No

Signature

public static Void deleteCredential(String externalCredential, String principalName, ConnectApi.CredentialPrincipalType principalType, List<String> authenticationParameters)

Parameters

externalCredential
Type: String
Fully qualified developer name of the external credential.
principalName
Type: String
Name of the external credential named principal.
principalType
Type: ConnectApi.CredentialPrincipalType
Type of credential principal. Values are:
  • AwsStsPrincipal
  • NamedPrincipal
  • PerUserPrincipal
authenticationParameters
Type: List<String>
List of authentication parameters only for custom protocols, for example myApiKey,myApiSecret. If unspecified, all credentials are deleted.

Return Value

Type: Void

deleteExternalAuthIdentityProvider(fullName)

Delete an external auth identity provider.

API Version

62.0

Requires Chatter

No

Signature

public static Void deleteExternalAuthIdentityProvider(String fullName)

Parameters

fullName
Type: String
Full name of the external auth identity provider to delete.

Return Value

Type: Void

getCredential(externalCredential, principalName, principalType)

Get a credential.

API Version

56.0

Requires Chatter

No

Signature

public static ConnectApi.Credential getCredential(String externalCredential, String principalName, ConnectApi.CredentialPrincipalType principalType)

Parameters

externalCredential
Type: String
Fully qualified developer name of the external credential.
principalName
Type: String
Name of the external credential named principal.
principalType
Type: ConnectApi.CredentialPrincipalType
Type of credential principal. Values are:
  • AwsStsPrincipal
  • NamedPrincipal
  • PerUserPrincipal

Return Value

Type: ConnectApi.Credential

getExternalAuthIdentityProvider(fullName)

Get an external auth identity provider.

API Version

62.0

Requires Chatter

No

Signature

public static ConnectApi.ExternalAuthIdentityProvider getExternalAuthIdentityProvider(String fullName)

Parameters

fullName
Type: String
Full name of the external auth identity provider.

getExternalAuthIdentityProviderCredentials(fullName)

Get external auth identity provider credentials.

API Version

62.0

Requires Chatter

No

Signature

public static ConnectApi.ExternalAuthIdentityProviderCredentials getExternalAuthIdentityProviderCredentials(String fullName)

Parameters

fullName
Type: String
Full name of the external auth identity provider.

getExternalAuthIdentityProviders()

Get a list of external auth identity providers in the org.

API Version

62.0

Requires Chatter

No

Signature

public static ConnectApi.ExternalAuthIdentityProviderList getExternalAuthIdentityProviders()

getExternalCredential(developerName)

Get an external credential, including the named credentials and principals associated with it and the type and status of each principal.

API Version

56.0

Requires Chatter

No

Signature

public static ConnectApi.ExternalCredential getExternalCredential(String developerName)

Parameters

developerName
Type: String
Fully qualified developer name of the external credential.

Return Value

Type: ConnectApi.ExternalCredential

getExternalCredentials()

Get external credentials that the user can authenticate to.

API Version

56.0

Requires Chatter

No

Signature

public static ConnectApi.ExternalCredentialList getExternalCredentials()

getNamedCredential(developerName)

Get a named credential.

API Version

59.0

Requires Chatter

No

Signature

public static ConnectApi.NamedCredential getNamedCredential(String developerName)

Parameters

developerName
Type: String
Fully qualified developer name of the named credential.

Return Value

Type: ConnectApi.NamedCredential

getNamedCredentials()

Get a list of named credentials for the org.

API Version

59.0

Requires Chatter

No

Signature

public static ConnectApi.NamedCredentialList getNamedCredentials()

Return Value

Type: ConnectApi.NamedCredentialList

getOAuthCredentialAuthUrl(requestBody)

Get the URL for the OAuth token flow for an external credential.

API Version

56.0

Requires Chatter

No

Signature

public static ConnectApi.OAuthCredentialAuthUrl getOAuthCredentialAuthUrl(ConnectApi.OAuthCredentialAuthUrlInput requestBody)

Parameters

requestBody
Type: ConnectApi.OAuthCredentialAuthUrlInput
A ConnectApi.OAuthCredentialAuthUrlInput class indicating the OAuth authentication flow.

Usage

Accepts input parameters representing a specific external credential and, optionally, a named principal. Returns the URL a user must visit to begin the authentication flow, ultimately returning authentication tokens to Salesforce. Use this method as part of building a customized or branded user interface to help users initiate authentication.

Example

ConnectApi.OAuthCredentialAuthUrlInput input = new ConnectApi.OAuthCredentialAuthUrlInput();

input.externalCredential = 'MyExternalCredentialDeveloperName';
input.principalType = ConnectApi.CredentialPrincipalType.PerUserPrincipal;
input.principalName = 'MyPrincipal'; // Only required when principalType = NamedPrincipal

ConnectApi.OAuthCredentialAuthUrl output = ConnectApi.NamedCredentials.getOAuthCredentialAuthUrl(input);

String authenticationUrl = output.authenticationUrl; // Redirect users to this URL to authenticate in the browser

patchCredential(requestBody)

Update custom credentials.

This method updates custom credentials. To replace a credential, use updateCredential(requestBody).

API Version

59.0

Requires Chatter

No

Signature

public static ConnectApi.Credential patchCredential(ConnectApi.CredentialInput requestBody)

Parameters

requestBody
Type: ConnectApi.CredentialInput
A ConnectApi.CredentialInput class. Only the custom credentials in the input class are updated.

Return Value

Type: ConnectApi.Credential

updateCredential(requestBody)

Replace a credential.

This method uses the ConnectApi.CredentialInput and the ConnectApi.CredentialValueInput input classes to replace a credential’s values. In the UI, these values appear as the credential’s authentication parameters. To update a credential, use patchCredential(requestBody).

API Version

56.0

Requires Chatter

No

Signature

public static ConnectApi.Credential updateCredential(ConnectApi.CredentialInput requestBody)

Parameters

requestBody
Type: ConnectApi.CredentialInput
A ConnectApi.CredentialInput class.

Return Value

Type: ConnectApi.Credential

updateExternalAuthIdentityProvider(fullName, requestBody)

Update an external auth identity provider.

API Version

62.0

Requires Chatter

No

Signature

public static ConnectApi.ExternalAuthIdentityProvider updateExternalAuthIdentityProvider(String fullName, ConnectApi.ExternalAuthIdentityProviderInput requestBody)

Parameters

fullName
Type: String
Full name of the external auth identity provider to update.
requestBody
Type: ConnectApi.ExternalAuthIdentityProviderInput
A ConnectApi.ExternalAuthIdentityProviderInput input class.

updateExternalAuthIdentityProviderCredentials(fullName, requestBody)

Replace external auth identity provider credentials.

API Version

62.0

Requires Chatter

No

Signature

public static ConnectApi.ExternalAuthIdentityProviderCredentials updateExternalAuthIdentityProviderCredentials(String fullName, ConnectApi.ExternalAuthIdentityProviderCredentialsInput requestBody)

Parameters

fullName
Type: String
The external auth identity provider credentials to replace.
requestBody
Type: ConnectApi.ExternalAuthIdentityProviderCredentialsInput
A ConnectApi.ExternalAuthIdentityProviderCredentialsInput input class.