You need to sign in to do that
Don't have an account?
Autorisation to Salesforce from outside
Hi,
I'm currently looking for the best way to allow an external application to create or requet on Salesforce Leads&Contacts.
I already read all the documentation , i've done the integration_workbook but i still don't understand one thing.
In the workbook or the online documentation they are talking about connected app and consumer key and secret key.
But it's sounds pretty weird for me that we automatically need to set the key to my server for every Salesforce environment.
The only thing that i want it's to let the customer approve (or not) the autorisation my external app to request on Salesforce.
My example is Cirrus insight, when the user allow the application(from gmail) to communicate with Salesforce the user can create lead from this app. Nothing about connected app, remote site or all those kind of things.
Maybe i wasn't looking about the good documentation (rest,soap).
Thanks a lot for you help
Hi,
to me it looks like we are mixing apples and pears here. Consumer and Application keys are part of the OAuth authentication handshake and is something that you will be using when you are using the REST-api. The OAuth handsake will give you a token that doesn't expire (unless the user manually enters into Salesforce and deactivates it). During the OAuth handsake you ask the user to login at SFDC and you never sees the username and password. This behaviour is what you see when you login to chatter/Salesforce1 via a mobile app (or to Twitter and Facebook via a mobile app).
When you are using the SOAP-api you use the WSDLs and you will be using the login-call to get an active session. The session has a limited liftetime. You use a username and password that you generally store in your application to do the login.
I hope it helps!
All Answers
Hi Little Ninja,
Its not necessary that you go the connected app/remote access way - you can use the login() , get session ID and use the rest of APIs to connect with Salesoforce from outside:
Read more: http://www.salesforce.com/us/developer/docs/api/Content/sforce_api_calls_login.htm
Thanks for your answer,
But it looks like i need to use the wsdl - and that the token will expire aren't they?
Hi,
to me it looks like we are mixing apples and pears here. Consumer and Application keys are part of the OAuth authentication handshake and is something that you will be using when you are using the REST-api. The OAuth handsake will give you a token that doesn't expire (unless the user manually enters into Salesforce and deactivates it). During the OAuth handsake you ask the user to login at SFDC and you never sees the username and password. This behaviour is what you see when you login to chatter/Salesforce1 via a mobile app (or to Twitter and Facebook via a mobile app).
When you are using the SOAP-api you use the WSDLs and you will be using the login-call to get an active session. The session has a limited liftetime. You use a username and password that you generally store in your application to do the login.
I hope it helps!