Deep Dive into OAuth for Connected Apps
Hargobind Singh
Senior Manager
hargobind.singh@capgemini.com
@hargobindsingh
Hargobind Singh
Senior Manager, Capgemini

Overview
•  About OAuth
•  Implementation Scenarios
•  Demo
•  Wrap Up
About OAuth

Why OAuth?
The OAuth specification defines a delegation protocol that is useful for conveying authorization decisions across a network of web-enabled applications and APIs.
Benefits:
- Security
- Maintenance
- Ease of Use
(Diagram: App, Access App, Authenticate, Authorize)
OAuth
OAuth allows a client application restricted access to your data at a resource server via tokens issued by an authorization server in response to your authorization.
Token Types:
Authorization Code
A short-lived token created by the authorization server and passed to the client application via the browser.
Access Token
The access token is used by the client to make authenticated requests on behalf of the end user.
Refresh Token
The refresh token may have an indefinite lifetime.
Implementation Scenarios

Web Server Flow
Most web apps would use a web-server flow to obtain a token on behalf of the end-user.

Authenticate, Authorize Client
Parameter      Description
-------------  ------------------------------------------------------------------
response_type  Must be set to code to request an authorization code.
client_id      Your application's client identifier (consumer key in Connected App Detail).
redirect_uri   The end user's browser will be redirected to this URI with the authorization code. This must match your application's configured callback URL.
Token Request
Parameter      Description
-------------  ------------------------------------------------------------------
code           The value returned by the authorization server in the previous step.
grant_type     Set this to authorization_code.
client_id      Your application's client identifier.
client_secret  Your application's client secret (consumer secret in the connected app detail page).
redirect_uri   Again, this must match your application's configuration.
Web Server Flow: Response
Parameter      Description
-------------  ------------------------------------------------------------------
id             A URL, representing the authenticated user, which can be used to access the Identity Service.
instance_url   Identifies the Salesforce instance.
refresh_token  A long-lived token that may be used to obtain a fresh access token.
access_token   The short-lived access token.

Web Server Flow - Response
Sample Response
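The Web Server Flow from the three parameter tables above (and the three demo steps listed later in the deck), worked through end to end as an added Python example; it is not the presenter's code or a Salesforce library. It assumes the standard Salesforce endpoint paths /services/oauth2/authorize and /services/oauth2/token, which the slides do not spell out, and adds a state parameter that the slides do not list, so that the callback can be tied to the request that started it. Every value in the walk-through is constructed and no network call is made.

```python
"""Web Server Flow (authorization code grant) for a Connected App.

Stdlib only and no network calls: the functions build the requests the
parameter tables describe and validate the replies, so the module runs
offline against constructed data.
"""
import json
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Assumed: the standard Salesforce OAuth endpoint paths (not given on the slides).
AUTHORIZE_PATH = "/services/oauth2/authorize"
TOKEN_PATH = "/services/oauth2/token"


def new_state():
    """Unguessable per-request value kept in the user's session; the callback
    is accepted only if it carries the same value (CSRF binding)."""
    return secrets.token_urlsafe(32)


def build_authorize_url(login_host, client_id, redirect_uri, state):
    """Step 1 (Authenticate, Authorize Client): URL the end user's browser is sent to."""
    params = {
        "response_type": "code",       # ask for an authorization code
        "client_id": client_id,        # consumer key from Connected App Detail
        "redirect_uri": redirect_uri,  # must match the configured callback URL
        "state": state,
    }
    return f"https://{login_host}{AUTHORIZE_PATH}?{urlencode(params)}"


def parse_callback(callback_url, expected_redirect_uri, expected_state):
    """Step 2: pull the authorization code out of the browser redirect.

    Refuses the callback when it landed somewhere other than the configured
    callback URL, when state is missing or differs from the stored one, or
    when the authorization server reported an error instead of a code.
    """
    parts = urlsplit(callback_url)
    if f"{parts.scheme}://{parts.netloc}{parts.path}" != expected_redirect_uri:
        raise ValueError("callback arrived on an unexpected URI")
    query = parse_qs(parts.query)
    if query.get("state") != [expected_state]:
        raise ValueError("state mismatch: callback is not tied to our request")
    if "error" in query:
        raise ValueError("authorization server returned error: " + query["error"][0])
    if len(query.get("code", [])) != 1:
        raise ValueError("expected exactly one authorization code")
    return query["code"][0]


def build_token_request(code, client_id, client_secret, redirect_uri):
    """Step 3 (Token Request): form body the client's server POSTs to TOKEN_PATH.

    This leg is server-to-server, which is why the consumer secret can be sent
    here but never appears in step 1. redirect_uri repeats the step 1 value so
    the server can tie the exchange to the original request.
    """
    return urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "client_id": client_id,
        "client_secret": client_secret,
        "redirect_uri": redirect_uri,
    })


def parse_token_response(body):
    """Step 4 (Response): keep the fields the response table lists; reject incomplete replies."""
    data = json.loads(body)
    missing = [f for f in ("access_token", "instance_url", "id") if f not in data]
    if missing:
        raise ValueError("token response missing: " + ", ".join(missing))
    return {
        "access_token": data["access_token"],
        "refresh_token": data.get("refresh_token"),  # absent unless the app asked for it
        "instance_url": data["instance_url"],
        "id": data["id"],
    }


if __name__ == "__main__":
    # Constructed walk-through; none of these values is a real credential.
    redirect_uri = "https://app.example.com/oauth/callback"
    state = new_state()
    print(build_authorize_url("login.salesforce.com", "CONSUMER_KEY", redirect_uri, state))
    code = parse_callback(f"{redirect_uri}?code=CONSTRUCTED_CODE&state={state}", redirect_uri, state)
    print(build_token_request(code, "CONSUMER_KEY", "CONSUMER_SECRET", redirect_uri))
    sample = json.dumps({"access_token": "CONSTRUCTED_AT", "refresh_token": "CONSTRUCTED_RT",
                         "instance_url": "https://example.my.salesforce.com",
                         "id": "https://login.salesforce.com/id/ORGID/USERID"})
    print(parse_token_response(sample))
```

The checks in parse_callback are the ones that matter in review: a callback that does not carry the stored state, or that arrives on a URI other than the configured callback, is dropped before any code is exchanged, and the consumer secret is only ever used in the server-side POST of step 3.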
User Agent Flow
The user agent flow allows client applications running on the user's browser to obtain an access token.

Request Token
Parameter      Description
-------------  ------------------------------------------------------------------
response_type  Value can be token, or token id_token with the scope parameter openid and a nonce parameter.
client_id      Your application's client identifier (consumer key in Connected App Detail).
redirect_uri   The end user's browser will be redirected to this URI with the authorization code. This must match your application's configured callback URL.
User Agent Flow: Response
Parameter      Description
-------------  ------------------------------------------------------------------
id             A URL, representing the authenticated user, which can be used to access the Identity Service.
instance_url   Identifies the Salesforce instance.
refresh_token  A long-lived token that may be used to obtain a fresh access token.
access_token   The short-lived access token.
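The User Agent Flow above, as an added Python example that is not part of the deck or of any Salesforce library. It assumes the standard Salesforce authorization endpoint path /services/oauth2/authorize (not stated on the slides), that the response fields come back in the URL fragment of the redirect rather than in the query string, and it adds a state parameter the slides do not list. The id_token helper builds an unsigned, constructed token only so the nonce check can be exercised offline.

```python
"""User-Agent Flow for a Connected App: the browser-hosted client receives its
tokens directly in the redirect. Stdlib only; no network calls are made.
"""
import base64
import json
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Assumed: standard Salesforce authorization endpoint path (not on the slides).
AUTHORIZE_PATH = "/services/oauth2/authorize"


def new_random():
    """Fresh unguessable value for state, and for nonce when an id_token is requested."""
    return secrets.token_urlsafe(32)


def build_user_agent_url(login_host, client_id, redirect_uri, state, nonce=None):
    """Request Token step. response_type=token asks for an access token only;
    passing a nonce switches to 'token id_token' with scope=openid, the
    combination the slide describes. No client_secret exists in this flow."""
    params = {
        "response_type": "token id_token" if nonce else "token",
        "client_id": client_id,        # consumer key from Connected App Detail
        "redirect_uri": redirect_uri,  # must match the configured callback URL
        "state": state,
    }
    if nonce:
        params["scope"] = "openid"
        params["nonce"] = nonce
    return f"https://{login_host}{AUTHORIZE_PATH}?{urlencode(params)}"


def _jwt_claims(id_token):
    """Decode the claims segment of a JWT. This does NOT verify the signature;
    the caller must still verify it against the issuer's published keys before
    trusting any claim beyond the nonce comparison done here."""
    segments = id_token.split(".")
    if len(segments) != 3:
        raise ValueError("malformed id_token")
    padded = segments[1] + "=" * (-len(segments[1]) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def parse_fragment_response(redirect_url, expected_redirect_uri, expected_state, expected_nonce=None):
    """Response step. The tokens ride in the URL fragment (#...), which the
    browser never sends to a server, so only script on the callback page reads
    them; the client must still refuse anything not tied to its own request."""
    parts = urlsplit(redirect_url)
    if f"{parts.scheme}://{parts.netloc}{parts.path}" != expected_redirect_uri:
        raise ValueError("redirect landed on an unexpected URI")
    frag = parse_qs(parts.fragment)
    if frag.get("state") != [expected_state]:
        raise ValueError("state mismatch: response is not tied to our request")
    if "error" in frag:
        raise ValueError("authorization server returned error: " + frag["error"][0])
    for field in ("access_token", "instance_url", "id"):
        if field not in frag:
            raise ValueError("response missing " + field)
    if expected_nonce is not None:
        if "id_token" not in frag:
            raise ValueError("id_token requested but not returned")
        if _jwt_claims(frag["id_token"][0]).get("nonce") != expected_nonce:
            raise ValueError("id_token nonce mismatch (possible replay)")
    return {
        "access_token": frag["access_token"][0],
        "refresh_token": frag.get("refresh_token", [None])[0],
        "instance_url": frag["instance_url"][0],
        "id": frag["id"][0],
        "id_token": frag.get("id_token", [None])[0],
    }


def constructed_id_token(nonce):
    """Builds an UNSIGNED, constructed id_token purely so the parser can be run
    offline; a real one is signed by the authorization server."""
    def b64url(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([b64url({"alg": "none"}),
                     b64url({"sub": "CONSTRUCTED_USER", "nonce": nonce}),
                     "CONSTRUCTED_SIGNATURE"])
```

Because this flow hands the access token (and, per the slide, possibly a refresh token) to browser-side code, the client should keep it in memory rather than persistent storage and clear the fragment from the address bar once it has been read.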
Token Refresh
Once the lifetime of a token expires, the client application can use the refresh token to obtain a new access token.

Request Token
Parameter      Description
-------------  ------------------------------------------------------------------
grant_type     Set this to refresh_token.
client_id      Your application's client identifier.
client_secret  Your application's client secret (optional).
refresh_token  The refresh token provided in the previous authorization.
Token Refresh: Response
Parameter      Description
-------------  ------------------------------------------------------------------
id             A URL, representing the authenticated user, which can be used to access the Identity Service.
instance_url   Identifies the Salesforce instance.
refresh_token  A long-lived token that may be used to obtain a fresh access token.
access_token   The short-lived access token.
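The Token Refresh exchange above, as an added Python example that is neither the presenter's code nor a Salesforce library. It assumes the standard Salesforce token endpoint path /services/oauth2/token (not on the slides), represents the resource server and the token endpoint as callables so the logic runs offline, and uses a client-side default lifetime when the token response carries no expires_in value, which the slides do not mention.

```python
"""Token Refresh for a Connected App: use the long-lived refresh token to
replace the short-lived access token when it expires. Stdlib only.
"""
import json
import time
from urllib.parse import urlencode

# Assumed: standard Salesforce token endpoint path (not on the slides).
TOKEN_PATH = "/services/oauth2/token"
# Assumed client-side lifetime used when the token response states no expires_in.
DEFAULT_LIFETIME_S = 15 * 60


class TokenSet:
    """What the client keeps per user after an authorization."""
    def __init__(self, access_token, refresh_token, instance_url, expires_at):
        self.access_token = access_token
        self.refresh_token = refresh_token  # long-lived: keep server side, encrypted at rest
        self.instance_url = instance_url
        self.expires_at = expires_at        # unix seconds


def build_refresh_request(refresh_token, client_id, client_secret=None):
    """Request Token step: grant_type=refresh_token. client_secret is optional on
    the slide, so it is sent only when the app has one."""
    params = {"grant_type": "refresh_token", "client_id": client_id, "refresh_token": refresh_token}
    if client_secret is not None:
        params["client_secret"] = client_secret
    return urlencode(params)


def apply_refresh_response(old, body, now, default_lifetime=DEFAULT_LIFETIME_S):
    """Response step: swap in the new access token. A refresh_token in the reply
    replaces the old one (rotation); otherwise the old one stays in use. An error
    (refresh token revoked or expired) means the user must authorize again, so it
    is raised rather than retried."""
    data = json.loads(body)
    if "error" in data:
        raise PermissionError(f"refresh rejected: {data['error']}")
    lifetime = int(data.get("expires_in", default_lifetime))
    return TokenSet(
        access_token=data["access_token"],
        refresh_token=data.get("refresh_token", old.refresh_token),
        instance_url=data.get("instance_url", old.instance_url),
        expires_at=now + lifetime,
    )


def needs_refresh(tokens, now, skew=60):
    """Refresh slightly before the recorded expiry so in-flight calls do not fail."""
    return now >= tokens.expires_at - skew


def call_api(tokens, client_id, client_secret, send, refresh, now=None):
    """Make one resource call, refreshing when the access token is (about to be)
    expired and retrying exactly once on 401. Returns (status, tokens).

    send(access_token) -> int HTTP status  (stands in for the resource server)
    refresh(form_body) -> str JSON body    (stands in for POST to TOKEN_PATH)
    """
    now = time.time() if now is None else now

    def do_refresh(t):
        body = build_refresh_request(t.refresh_token, client_id, client_secret)
        return apply_refresh_response(t, refresh(body), now)

    if needs_refresh(tokens, now):
        tokens = do_refresh(tokens)
    status = send(tokens.access_token)
    if status == 401:                       # server no longer accepts the token
        tokens = do_refresh(tokens)
        status = send(tokens.access_token)  # one retry only; a second 401 is reported
    return status, tokens
```

Retrying once, and only after a refresh, keeps a revoked refresh token from turning into a loop of failed calls: the PermissionError from apply_refresh_response is the signal to send the user back through the authorization flow.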
Demo
Connected App
Web Server Flow:
•  Send request to get token
•  Send token to get Access Token
•  Use Access Token to query data
Wrap Up
What we covered:
•  OAuth Basics
•  OAuth Implementation Flows
•  Demo
More Info:
•  Salesforce OAuth Documentation

Questions
Hargobind Singh
@hargobindsingh
Thank you
