Authorization Through Connected Apps and OAuth 2.0
Configure a Connected App
A connected app requests access to REST API resources on behalf of the client application. For a connected app to request access, it must be integrated with your org’s REST API using the OAuth 2.0 protocol. OAuth 2.0 is an open protocol that authorizes secure data sharing between applications through the exchange of tokens.
For instructions to configure a connected app, see Create a Connected App in Salesforce Help. Specifically, follow the steps in Enable OAuth Settings for API Integration.
Apply an OAuth Authorization Flow
- To initiate an authorization flow, a connected app, acting on behalf of a client app, requests access to a REST API resource.
- In response, an authorization server grants access tokens to the connected app.
- A resource server validates these access tokens and approves access to the protected REST API resource.
After reviewing and selecting an OAuth authorization flow, apply it to your connected app. For details about each supported flow, see OAuth Authorization Flows in Salesforce Help.
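The three steps above, seen from the connected app's side, as an added example that is not Salesforce's own code. It assumes the client credentials flow, a placeholder My Domain host `example.my.salesforce.com`, and hypothetical function names, and it builds the requests without sending them.

```python
import json
from urllib.parse import urlencode, urlsplit
from urllib.request import Request

TOKEN_PATH = "/services/oauth2/token"  # Salesforce OAuth 2.0 token endpoint path


def build_token_request(my_domain, client_id, client_secret):
    """Step 1: the connected app asks the authorization server for a token."""
    body = urlencode({
        "grant_type": "client_credentials",  # assumed flow; use the one you selected
        "client_id": client_id,
        "client_secret": client_secret,
    }).encode()
    # Credentials travel in the POST body over HTTPS, never in the query string.
    return Request(f"https://{my_domain}{TOKEN_PATH}", data=body, method="POST",
                   headers={"Content-Type": "application/x-www-form-urlencoded"})


def parse_token_response(raw, expected_host):
    """Step 2: accept the granted token only if the response is well formed."""
    doc = json.loads(raw)
    if "error" in doc:
        raise ValueError(f"token request rejected: {doc['error']}")
    if doc.get("token_type", "").lower() != "bearer" or not doc.get("access_token"):
        raise ValueError("response carries no bearer access token")
    target = urlsplit(doc.get("instance_url", ""))
    # Send the token only to the expected org host, and only over TLS.
    if target.scheme != "https" or target.hostname != expected_host:
        raise ValueError("instance_url does not match the expected org host")
    return doc["access_token"], doc["instance_url"]


def build_api_request(instance_url, access_token, path="/services/data/"):
    """Step 3: present the token to the resource server as a bearer credential."""
    return Request(instance_url.rstrip("/") + path,
                   headers={"Authorization": f"Bearer {access_token}"})


# Constructed sample response; every value here is a placeholder.
SAMPLE_RESPONSE = json.dumps({
    "access_token": "00DEXAMPLE!constructed.token.value",
    "instance_url": "https://example.my.salesforce.com",
    "token_type": "Bearer",
})

if __name__ == "__main__":
    token, url = parse_token_response(SAMPLE_RESPONSE, "example.my.salesforce.com")
    print(build_api_request(url, token).full_url)  # the token itself is never printed
```

Pass each returned `Request` to `urllib.request.urlopen` to perform the call against a real org.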
More Resources
- Salesforce Help: Connected Apps
- Salesforce Help: Authorize Apps with OAuth
- Salesforce Help: OpenID Connect Token Introspection
- Trailhead: Build Integrations Using Connected Apps