+ Start a Discussion
Patcs_1Patcs_1 

Secret Key and Consumer Key

Hi All

I have one question, In my Production there is an connected app and I have Secret and consumer Key for that Application to access production environment of salesforce, but in sandbox I dont have any connected apps still that 3rd party application was able to access the sandbox environment.

so my question is the consumer and secret key are not unique with respect to orgs?
using production consumer and secret key will they access all the sandboxs?

please clarify!

Thanks in Advance!!!
 
Best Answer chosen by Patcs_1
Gaurav KheterpalGaurav Kheterpal
This is a very common confusion on how connected apps actually work so let me clarify it in detail.

If you define a Connected App in at least in one org, that registers that Application name on the Salesforce service such that the client Id and token are now validate to perform oAuth against any other Salesforce org. This is also explained in this (https://developer.salesforce.com/blogs/developer-relations/2011/07/quick-tip-using-oauth-across-multiple-orgs.html) blog post.

"You only need to setup a single Remote Access Application and you can then use the assigned ’Client Id’ and ‘Client Secret’ values to have users log into any Salesforce Org – not just the one where the Remote Access Application was setup. This question is especially relevant to ISV partners that are developing Managed Package applications are are installed by multiple customers in their respective Orgs"

I hope this helps.

If my answer helps resolve your query, please mark it as the 'Best Answer' to benefit others and improve the overall quality of Discussion Forums.

Gaurav Kheterpal
Certified Force.com Developer| Developer Forums Moderator| Dreamforce Speaker

    




 

All Answers

Gaurav KheterpalGaurav Kheterpal
This is a very common confusion on how connected apps actually work so let me clarify it in detail.

If you define a Connected App in at least in one org, that registers that Application name on the Salesforce service such that the client Id and token are now validate to perform oAuth against any other Salesforce org. This is also explained in this (https://developer.salesforce.com/blogs/developer-relations/2011/07/quick-tip-using-oauth-across-multiple-orgs.html) blog post.

"You only need to setup a single Remote Access Application and you can then use the assigned ’Client Id’ and ‘Client Secret’ values to have users log into any Salesforce Org – not just the one where the Remote Access Application was setup. This question is especially relevant to ISV partners that are developing Managed Package applications are are installed by multiple customers in their respective Orgs"

I hope this helps.

If my answer helps resolve your query, please mark it as the 'Best Answer' to benefit others and improve the overall quality of Discussion Forums.

Gaurav Kheterpal
Certified Force.com Developer| Developer Forums Moderator| Dreamforce Speaker

    




 
This was selected as the best answer
Patcs_1Patcs_1
Thanks for your reply!!! Now I am able to understand.
Suresh RaghuramSuresh Raghuram
Hi Gaurav,

Could you please shower your thoughts on this.
https://developer.salesforce.com/forums?communityId=09aF00000004HMGIA2#!/feedtype=SINGLE_QUESTION_DETAIL&dc=APIs_and_Integration&criteria=OPENQUESTIONS&id=906F0000000AyYlIAK