Authorisation Code with PKCE Flow

Authorisation Code With PKCE Flow

In this post we will talk about Authorisation Code with PKCE Flow(for browser, mobile & desktop apps). A variation of auth. code flow for clients which can’t protect a global secret. Better security than implicit grant / user-agent for similar use cases. Additional requirements Browser – for user to authenticate and consent Client can generate … Read more Authorisation Code with PKCE Flow

Implicit Grant (User-Agent) Flow

User Agent Flow

A simpler flow for clients which should not hold a global secret (e.g. distributed apps), but can be trusted with per-user access token. This flow is recommended when you build mobile or desktop application and your application can be distributed to anyone. So these kind of application are not considered as safe to store client secret … Read more Implicit Grant (User-Agent) Flow

Authorisation Code With Secret 
(Web Server flow)

Web Server Flow

Allows apps with a secure client server (one which can protect a secret or private key) to access protected resources. This flow is mainly used by applications hosted on web server. If external application is trusted one and hosted on secure server and can securely store client_secret, then flow can be used. This flow is used … Read more Authorisation Code With Secret 
(Web Server flow)

SAML Single Sign-On for Canvas App

Canvas App In Salesforce

Join us to learn about what is canvas app and how to configure SAML single sign-on (SSO) for a canvas app lets users easily access a new or existing application as a part of their Salesforce experience. What is Canvas Canvas allows developers to connect existing legacy system or any web-based application with Salesforce using … Read more SAML Single Sign-On for Canvas App

OpenID Connect in Salesforce

OpenID Connect in Salesforce

Join us to learn how to configure the OpenID Connect authentication provider to allow users to authenticate at Google/ Gmail to access a Salesforce environment. What is OpenID Connect? OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on … Read more OpenID Connect in Salesforce

Salesforce Single Sign on Flows | Identity Flows

SSO Flow and Decision Guide

Single Sign On (SSO) flows enable users to authenticate using their identity from an external system. There are three mechanisms which can be used to achieve this in Salesforce. 1) Delegated authentication Using delegated authentication, Force.com does not validate passwords but instead uses an external Web service to validate user credentials. When a user attempts to login, … Read more Salesforce Single Sign on Flows | Identity Flows

Delegated Authentication Flow in Salesforce

Delegated Authentication Flow in Salesforce

Delegated authentication allows Salesforce to accept a user’s credentials / authentication token, but pass to an external service for validation. Delegated authentication is similar to single sign-on (SSO), but it offers a slightly different experience to users. With delegated authentication, one system relies on another system to validate user credentials. For example, you can configure … Read more Delegated Authentication Flow in Salesforce

Introduction to Salesforce OmniStudio

Salesforce OmniStudio

The Salesforce OmniStudio digital engagement suite makes it easy to click-configure rich, consumer-grade user experiences based on objects, APEX classes, REST APIs and other data sources. In this session, Peter will explain the business and technical problems that led to the development of OmniStudio and review its key components. He’ll show some examples of OmniStudio … Read more Introduction to Salesforce OmniStudio