+ Start a Discussion
sfdc2705sfdc2705 

Making Authenticated Web Service callouts with the webservice hosted on IIS-Best approach suggestions

Hi,

we need salesforce to call the external webservice to get the response.
we want the external webservice to authenticate the request coming in from salesforce and only after verifying the authentication, it should send the response to salesforce.External webservice will be hosted on the IIS 7.5,

Appreciate any ideas on how to approach this.

Thanks in advance for help...!
kaustav goswamikaustav goswami
I think one of the most secure way of doing it is to use a certificate. Create a certificate in Salesforce. Download the certificate and get it signed by an external certificate authority. Then upload the signed certificate back into salesforce. The certificate also needs to be installed on your web server as a trusted certificate. This will ensure a two way SSL.

Now when you make the webservice call use the certificate name. For a better understanding please refer to the following link. YOu will get the necessary information from here:

https://www.salesforce.com/us/developer/docs/apexcode/Content/apex_callouts_client_certs.htm

Thanks,
Kaustav