Authorisation Code with PKCE Flow

Authorisation Code With PKCE Flow

In this post we will talk about Authorisation Code with PKCE Flow(for browser, mobile & desktop apps). A variation of auth. code flow for clients which can’t protect a global secret. Better security than implicit grant / user-agent for similar use cases. Additional requirements Browser – for user to authenticate and consent Client can generate … Read more Authorisation Code with PKCE Flow

Implicit Grant (User-Agent) Flow

User Agent Flow

A simpler flow for clients which should not hold a global secret (e.g. distributed apps), but can be trusted with per-user access token. This flow is recommended when you build mobile or desktop application and your application can be distributed to anyone. So these kind of application are not considered as safe to store client secret … Read more Implicit Grant (User-Agent) Flow

Authorisation Code With Secret 
(Web Server flow)

Web Server Flow

Allows apps with a secure client server (one which can protect a secret or private key) to access protected resources. This flow is mainly used by applications hosted on web server. If external application is trusted one and hosted on secure server and can securely store client_secret, then flow can be used. This flow is used … Read more Authorisation Code With Secret 
(Web Server flow)

SAML Single Sign-On for Canvas App

Canvas App In Salesforce

Join us to learn about what is canvas app and how to configure SAML single sign-on (SSO) for a canvas app lets users easily access a new or existing application as a part of their Salesforce experience. What is Canvas Canvas allows developers to connect existing legacy system or any web-based application with Salesforce using … Read more SAML Single Sign-On for Canvas App

OpenID Connect in Salesforce

OpenID Connect in Salesforce

Join us to learn how to configure the OpenID Connect authentication provider to allow users to authenticate at Google/ Gmail to access a Salesforce environment. What is OpenID Connect? OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on … Read more OpenID Connect in Salesforce

Salesforce Single Sign on Flows | Identity Flows

SSO Flow and Decision Guide

Single Sign On (SSO) flows enable users to authenticate using their identity from an external system. There are three mechanisms which can be used to achieve this in Salesforce. 1) Delegated authentication Using delegated authentication, Force.com does not validate passwords but instead uses an external Web service to validate user credentials. When a user attempts to login, … Read more Salesforce Single Sign on Flows | Identity Flows

Delegated Authentication Flow in Salesforce

Delegated Authentication Flow in Salesforce

Delegated authentication allows Salesforce to accept a user’s credentials / authentication token, but pass to an external service for validation. Delegated authentication is similar to single sign-on (SSO), but it offers a slightly different experience to users. With delegated authentication, one system relies on another system to validate user credentials. For example, you can configure … Read more Delegated Authentication Flow in Salesforce

OpenID Connect (OIDC) Flow in Salesforce

OpenID Connect (OIDC) Flow

Allows confirmation of identity through an extended version of OAuth 2.0. OpenId Connect authenticate users without having to get your hands dirty with passwords. Consume OpenID Connect from popular Identity providers with Social Sign-On. Provide a single, branded Identity to your own users and applications using OpenID Connect. Use any third-party web app that implements … Read more OpenID Connect (OIDC) Flow in Salesforce

Identity Provider Initiated SSO Flow

Identity Provider (IDP) Initiated SSO

In this session we will talk Salesforce As Identity provider(IP). Allows an identity provider (IDP) to redirect to a service provider (SP) with a SAML assertion which confirms their identity and allows for automatic login. NOTE: The system that authenticates users is called an identity provider. The system that trusts the identity provider for authentication … Read more Identity Provider Initiated SSO Flow