We recently had an integration project in which we got the opportunity to use “Named Credentials” to integrate two Salesforce instances for one of our clients. We found Named Credentials very easy and useful to configure, maintain and implement when connecting two Salesforce orgs. We believe this will be useful to you all, so here we are sharing some of the key features and the high-level steps to configure “Named Credentials”.
The following are the benefits of using Named Credentials:
- A named credential specifies the URL of a callout endpoint and its required authentication parameters in one definition.
- You can skip remote site settings, which are otherwise required for callouts to external sites, for the site defined in the named credential.
- Using a Named Credential, we can make callouts to an external system without supplying a username or password in the code.
- By separating the endpoint URL and authentication from the callout definition, named credentials make callouts easier to maintain. For example, if an endpoint URL changes, you update only the named credential. All callouts that reference the named credential simply continue to work.
- It supports two types of authentication protocols for now: Basic Authentication (password authentication) or OAuth.
To reference a named credential from a callout definition, use the named credential URL. For example: callout:My_Named_Credential/some_path.
The following are the steps to connect to an external system using a “Named Credential”:
1. Create Connected App
2. Create Authorization Provider
3. Define Named Credential
4. Use Apex to connect in 5 lines of code

1. Create Connected App:
   - Navigate to “Setup | Build | Create | Apps | Connected Apps” and click on New
   - Provide all necessary information
   - In “Callback URL” enter a temporary Salesforce URL. We will come back to this step later to provide the Callback URL
   - Check the “Enable OAuth Settings” checkbox to use OAuth
   - Select the scope

   “Consumer Key” and “Consumer Secret” will be provided once you save this. We need this information in the next step.
2. Create Authorization Provider:
   - Navigate to “Setup | Administer | Security Controls | Auth. Providers | Create New”
   - Select “Salesforce” as Provider Type
   - Provide the “Consumer Key” and “Consumer Secret” from the previous step
   - In “Default Scope” enter the value “refresh_token full”; “refresh_token” and “full” must be separated by a space
   - Finally, save

   Once you save, a set of URLs appears in the “Salesforce Configuration” section on the same page. Copy the “Callback URL”, then edit the Connected App created in the previous step and set this URL as its Callback URL.
3. Define Named Credentials:
   - Navigate to “Setup | Administer | Security Controls | Named Credentials | New Named Credential”
   - Provide the name (label)
   - In URL, provide the URL of the Salesforce instance we want to connect to
   - Select “Named Principal” as Identity Type
   - In our example, select OAuth 2.0 as the “Authentication Protocol”
   - Select the “Auth Provider” created in the previous step
   - In scope, enter the value “refresh_token full”
   - Check “Start Authentication Flow on Save” (this is important)

   After you click “Save”, a new page opens to authenticate against the Salesforce org using the OAuth 2.0 connected app. Log in using the credentials of the Salesforce instance that you want to connect to. If authentication succeeds, you will see a message like “Authenticated as <Salesforce Username>”.
4. Use Apex code to connect:

   Use lines similar to the below in your Apex code.
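HttpRequest req = new HttpRequest();
// Reference the named credential by name; no URL or credentials appear in the code
req.setEndpoint('callout:My_Named_Credential/some_path');
req.setMethod('GET');
Http http = new Http();
HTTPResponse resp = http.send(req);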
[Note: Perform the first 3 steps in both the Salesforce orgs to be integrated.]
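A fuller version of the callout, as an added example that is not part of the original post: it queries the remote org's REST API through the named credential and handles callout and HTTP errors. The class name RemoteOrgClient, the API version v58.0 and the named credential name My_Named_Credential are assumptions.

```apex
// Added example, not from the original post. Assumes a named credential
// called My_Named_Credential that points at the target Salesforce org.
public with sharing class RemoteOrgClient {

    public class RemoteOrgException extends Exception {}

    // API version is an assumption; use one the target org supports.
    private static final String API_PATH = '/services/data/v58.0';

    // Runs a SOQL query in the remote org and returns its records.
    public static List<Object> query(String soql) {
        HttpRequest req = new HttpRequest();
        // No URL, username, password or token here: the platform resolves
        // the endpoint and attaches the OAuth token at send time.
        req.setEndpoint('callout:My_Named_Credential' + API_PATH
            + '/query?q=' + EncodingUtil.urlEncode(soql, 'UTF-8'));
        req.setMethod('GET');
        req.setHeader('Accept', 'application/json');
        req.setTimeout(20000); // milliseconds

        HttpResponse resp;
        try {
            resp = new Http().send(req);
        } catch (CalloutException e) {
            // Raised on callout failures such as a timeout or network error.
            throw new RemoteOrgException('Callout failed: ' + e.getMessage());
        }

        if (resp.getStatusCode() != 200) {
            // Report the status only; response bodies can carry remote data
            // that should not end up in debug logs.
            throw new RemoteOrgException('Remote org returned '
                + resp.getStatusCode() + ' ' + resp.getStatus());
        }

        Map<String, Object> body =
            (Map<String, Object>) JSON.deserializeUntyped(resp.getBody());
        return (List<Object>) body.get('records');
    }
}
```

With the “Named Principal” identity type selected above, every caller of this class acts in the remote org as the single user who completed the authentication flow, so access to the class should be limited accordingly.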