You need to sign in to do that
Don't have an account?
Basil Dobek
Does anyone understand the use case for the "OAuth 2.0 SAML Bearer Assertion Flow"?
The documentation (https://help.salesforce.com/articleView?id=remoteaccess_oauth_SAML_bearer_flow.htm) says the OAuth 2.0 SAML Bearer Assertion Flow is "used to request an OAuth access token when a client wants to use a previous authorization." Under what types of circumstances would a client have a previous authorization and why wouldn't they just use that authorization instead of trying to get another? Any insights or examples would be appreciated. Thanks.
This flow is generally used for authenticating applications to another. I would use this flow when I need to connect, for example, a custom Java application that sits on a web server to Salesforce. The most important part is here that the application solely communicates via the API and no user is ever going to set the connection up and/or approves the access as you would do in a web server or user agent flow.
Note: The "SAML Bearer Assertion Flow" flow creates a JSON based assertion.
Hope this helps.
Thanks,
Nagendra
All Answers
This flow is generally used for authenticating applications to another. I would use this flow when I need to connect, for example, a custom Java application that sits on a web server to Salesforce. The most important part is here that the application solely communicates via the API and no user is ever going to set the connection up and/or approves the access as you would do in a web server or user agent flow.
Note: The "SAML Bearer Assertion Flow" flow creates a JSON based assertion.
Hope this helps.
Thanks,
Nagendra