our company would like to integrate with SFDC. Basically, we want to synchronize Leads/Contacts & Response data (hourly) between SFDC and our System.
The process involves following steps in Salesforce: -) User selects/defines a list of contacts/leads -) User clicks "sync"
-> By clicking on "sync", an asynchronous job (@future (callout=true)) will be created, which receives the User.getSessionId() as parameter
The job would run like every hour, therefore the sessionid should be kept alive. -> Is this a potential security issue, or not best practice?
Or is there a better solution for this issue?
We also thought of using a OAuth1.0 workflow, where the user authenticates with Salesforce within our application. But there again, is the issue of keeping the sessionid alive -> we would have to make frequent calls to the SF API in order to keep the sessionid alive. -> Please correct me if I am wrong.
our company would like to integrate with SFDC. Basically, we want to synchronize Leads/Contacts & Response data (hourly) between SFDC and our System.
The process involves following steps in Salesforce: -) User selects/defines a list of contacts/leads -) User clicks "sync"
-> By clicking on "sync", an asynchronous job (@future (callout=true)) will be created, which receives the User.getSessionId() as parameter
The job would run like every hour, therefore the sessionid should be kept alive. -> Is this a potential security issue, or not best practice?
Or is there a better solution for this issue?
We also thought of using a OAuth1.0 workflow, where the user authenticates with Salesforce within our application. But there again, is the issue of keeping the sessionid alive -> we would have to make frequent calls to the SF API in order to keep the sessionid alive. -> Please correct me if I am wrong.
