Apex Code Development You need to sign in to do that
Don't have an account?
Vidya Bhandary No login via web
Hi,
I have created a set of community users and I have them login only via the app I have created.
They should not be able to access the salesforce web link and log in with their credentials.
How can this be done ? Any ideas ?
I have created a set of community users and I have them login only via the app I have created.
They should not be able to access the salesforce web link and log in with their credentials.
How can this be done ? Any ideas ?
Please see if this helps: https://developer.salesforce.com/page/Using_OAuth_to_Authorize_External_Applications
Thanks,
Shashank
Please refer to the link below to not allow salesforce community users login via credentials-
https://appirio.com/category/tech-blog/2013/11/salesforce-communities-theres-no-place-like-homehomeor-is-there/
http://salesforce.stackexchange.com/questions/19145/how-to-roll-your-own-authentication-for-an-external-salesforce-app
Hope this helps.
I have already created an app that uses OAuth and it works fine.
I want the users to be able to log on ONLY using my app. Currently with a valid user ID and password- browser login to salesforce is possible. I want to stop that.
You can try if one of these approaches works for you:
1.) IP login restrictions: You can block users' IP address from logging into the org, by not whitelisting the IPs in your org's IP login list. Then, you can whitelist these IPs under the connected app you must have created in your org for your OAuth integration, so that these logins will be possible only through the Connected App. Help on how to do this: https://help.salesforce.com/apex/HTViewHelpDoc?id=connected_app_manage_edit.htm&language=en_US
2.) API-only user: There is a permission named "API Only" which can be assigned to a user through a profile or permission set. You can probably create a permission set with this permission enabled and assign it to your users, so that they can login only through the API. I have not personally tried it though.
If this answers your question, please mark this as the Best Answer for this post, so that others can benefit from this post.
Thanks,
Shashank
Thank you for your reply.
1. I cannot use the IP login restrictions approach for my business scenario.
2. API-only User - I see only API-Enabled in the permission set ( no API-only ) and I have already enabled this. It does not restrict the user from trying the direct salesforce link.
Thanks
Vidya
I created a developer edition org today and I did not find a default API-only access anywhere. Not sure what is happening here. Seems strange that a developer edition is different.
Apologies, I saw the permission in a trial Enterprise Edition org that I have access to, and not a developer edition org.
"API Only User" permission is available only in Enterprise and Unlimited Editions, in custom profiles and permission sets. It is not available in Developer or Professional Editions, even if API is enabled.
Thanks,
Shashank
Thanks for the clarification ! I was wondering why I could not see it. We have asked SF on this - so hoping to get an answer in a few days. We do have Enterprise editions but did not see this permission set.
Thank you
Vidya