+ Start a Discussion
Dhruv Khattar 8Dhruv Khattar 8 

Rest API with basic authentication but without token?

I'm creating a REST API that an external system needs to post notifications to.

The notifications contain some sensitive data so it would like to authenticate to the REST API but their system can only handle basic authentication using a username and password... no handshakes, no requesting/storing/exchanging of tokens and not even a Client ID and Password. (That is the authentication mechanism that I use to post requests to their system as well).

Is there any means to do that with Salesforce? Publicly exposed API is not an option, nor is username-password based oAuth2. Any reasonable workarounds?

Thanks y'all!

Best Answer chosen by Dhruv Khattar 8
Arun_KharbArun_Kharb
Hey Dhruv, If the external system can't even store access token then without that you cannot do call to Salesforce because Bearer/Oauth Token is must.
I can think of only User-Agent Authentication flow for you. But still you have to define Client Id in parameter .
For your reference - https://developer.salesforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com
Go through this document and check which one will serve your purpose.