+ Start a Discussion
Mike ArthurMike Arthur 

How to authenticate from client application without requiring Salesforce log in by user

Hello,

An application is to be developed to allow information to be submitted to Salesforce from a public website.  Public users will not have Salesforce credentials.  What's the best way to achieve authentication for Rest API access?

I can see in the Force.com Rest API Developer's Guide that there is a username/password OAuth authentication flow.Are there any security drawbacks with this?
Would you normally set up a user specifically for this purpose, which will never be used by a real person, rather than using a 'real person' user, whose password may/should change at some point?
Any other suggestions?

Many Thanks,
Mike.
logontokartiklogontokartik
You can enable the REST API for public without even creating the User. Please see the below post.

https://developer.salesforce.com/blogs/developer-relations/2012/02/quick-tip-public-restful-web-services-on-force-com-sites.html