+ Start a Discussion

Allow external app to login to SFDC but without exposing my orgs configuration details.

I am performing real-time integration between SFDC and external application.We have generated a custom webservice and provided the wsdl to the external app.Since I am not implementing any login method in this webservice there is no way to login to SFDC from external app.

I am aware if we use enterprise/partner wsdl we get the login method but using these wsdl would also expose my organizations complete configuration information which I would not like to happen.

In this case how would we allow external app to login to SFDC?


you can create a WSDL for your class only, you don't have to use the Enterprise or partner wsdl




Thanks for the reply!!

I understand creating our own custom webservice and sharing the wsdl with external app.However to invoke these webservice, external app needs to login to SFDC.I am not implementing any login method in my webservice.

Since Login method is implemented in enterprise/partner wsdl, i thought of sharing the enterprise wsdl with the external app for login purpose only but sharing enterprise wsdl would also expose my org's entire configuration which i don't want to happen.

Please can someone suggest me on this. This is urgent.


They'll be able to call the API regardless of whether you give them the WSDL or not, access control should be done by setting up the users profile correctly.


Could you please let me know in detail?How can someone access the my custom webservice methods without logging into my org's instance


THey'll need a session ID, either from calling login, or using one of the other methods (oAuth, weblink).