Baz Denson

Basic Authentication with Incoming REST request

Problem:
We have a requirement from a manufacturer to expose an API endpoint. The OEM submits a getPartsInvoice request and we respond with a showPartsInvoice response.

Authentication:
Web Service security will be accomplished through a combination of TLS (Transport Layer Security) and BA (Basic Authentication) at the OEM level. We will issue credentials (UserID and Password) to the OEM. The OEM must include the credentials in the REST request using the BA protocol. These credentials will not expire unless revoked by us.

As I understand it, Salesforce does not support BA for incoming connections. Is there any way to get around this?

One solution I thought of was to have a Heroku gateway in the middle. The OEM would send the request to Heroku using BA, Heroku would then send on the request to Salesforce using OAuth 2.0. Salesforce would then respond to Heroku which would pass on the response to the OEM.

Can anyone suggest a better way, or point out any problems with the Heroku approach?
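
The gateway step described in the post above, as an added example that is not part of the original post: it verifies the OEM's Basic Authentication header with a constant-time comparison, then replaces it with an OAuth 2.0 bearer token before the request is forwarded. The credential store, realm name, function names and the already-obtained `access_token` are assumptions made for illustration.

```python
import base64
import hashlib
import hmac

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample credential store: user id -> (salt, PBKDF2-SHA256 hash).
# Assumption: a real gateway loads this from its secret storage, never from source.
SALT = b"constructed-salt"
CREDENTIALS = {"oem-user": (SALT, _hash("constructed-password", SALT))}

def check_basic_auth(header_value):
    """Return the authenticated user id, or None if the header is missing or invalid."""
    scheme, _, encoded = (header_value or "").partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        decoded = base64.b64decode(encoded.strip(), validate=True).decode("utf-8")
    except ValueError:  # covers bad base64 and bad UTF-8
        return None
    user, sep, password = decoded.partition(":")  # password may itself contain ':'
    if not sep:
        return None
    # Hash even for unknown users so response time does not reveal valid user ids.
    salt, expected = CREDENTIALS.get(user, (SALT, b"\x00" * 32))
    ok = hmac.compare_digest(_hash(password, salt), expected)
    return user if ok and user in CREDENTIALS else None

def build_upstream_headers(incoming_headers, access_token):
    """Drop the OEM's Basic credentials and attach the gateway's bearer token."""
    headers = {k: v for k, v in incoming_headers.items()
               if k.lower() not in ("authorization", "host")}
    headers["Authorization"] = f"Bearer {access_token}"
    return headers

def authorize_and_prepare(incoming_headers, access_token):
    """Return (401, challenge headers) or (200, headers to send upstream)."""
    auth = next((v for k, v in incoming_headers.items() if k.lower() == "authorization"), None)
    if check_basic_auth(auth) is None:
        return 401, {"WWW-Authenticate": 'Basic realm="parts-invoice"'}
    return 200, build_upstream_headers(incoming_headers, access_token)
```

The OEM's password never leaves the gateway: only the bearer token travels upstream, so revoking the OEM credential and rotating the upstream token are independent operations.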