function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Serafin Motos 19Serafin Motos 19 

Can I retrieve the password from Named Credentials before send the message?

I'm building an integration with a SOAP API v1.2, so I'm not able to use WSDL2Apex and I must create my own Request, and send it using Http.send(), storing the endpoint, user and password in a Named Credential.

​This SOAP API uses the standard PasswordDigest security in the XML header, and as this kind of authentication is not managed automaticaly by Salesforce (I do not understand why, it is an standard used frecuently), I must build the XML security header manually by encrypting the nonce + timestamp + password.

As salesforce merge the fields after the Http.send(), I need to obtain the password previously to encrypt it and build the XML header, so I'm not able to use '{!$Credential.Password}' and SOQL do not allows access to ii either.

So, how can I access the Named Credential password to build the XML security header node?
venkat-Dvenkat-D
See the setting for header generation and disable autoheader creation and create your custom one. Refer to below link for more information. 

https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_callouts_named_credentials_custom_headers_bodies.htm
Serafin Motos 19Serafin Motos 19
Thanks venky409, but my problem is with the XML header, included in the request's body, which it is completely different to the HTTP header you've sent me.
venkat-Dvenkat-D
Did you select authentication as Password ? in the named credentials
Lokeswara ReddyLokeswara Reddy
any solution for this?
Serafin Motos 19Serafin Motos 19
@venkat-D, I think you do not understood my question, the password was set in the Named Credentials, but I need to use it before call the Http.send().

@Lokeswara Reddy, Unfortunatelly Salesforce does not allows to do this. The way Salesforce builded Named Credentials is useless, most of the API's require to maniputlate dinamically the username or the password. So the only option is storing it in a Custom Setting.
Andrew Bikadorov 9Andrew Bikadorov 9
Got similar problem. I have to use User Name and Password in header but not as two different lines but one Username: Password, standard authentication give them on two lines. This supposed to be trivial change, but nowhere I could find how to properly do this ... I've tried all sorts of combinations for Named Credential but this still does not work line '{!$Credential.Password}' simply got passed as is without convertion into proper Password... could somebody please help.. I've even tried to use myCredentialName insted of Credential.pass... disabling and enabling creation of headers and merge variables in headers... nothing seem to be doing anyhing useful for me :(
Rahul JosephRahul Joseph
I reached this page after attempting to use named credentials in apex. It probably doesn't answer the above question but anyone who reaches this page like I did and is looking for code, pls use this.

Http http = new Http();
        HttpRequest request = new HttpRequest();
        // This line must be 1st. This is where apex figures out which callout to use.
        request.setEndpoint('callout:credential_name');
        // After the above line, we can use the values of UserName and Password defined for the callout
        // Also make sure both 'Allow Merge Fields in HTTP Header' and 'Allow Merge Fields in HTTP Body' are checked in SETUP->Named               //Credentials->credential_name
        request.setBody('api_username={!$Credential.UserName}&api_key={!$Credential.Password}');      
        request.setMethod('GET');
        HttpResponse response = http.send(request);
Ionel Sirbu 6Ionel Sirbu 6
You could even html-encode the injected values, e.g. 
request.setBody('api_username={!HTMLENCODE($Credential.Username)}&api_key={!HTMLENCODE($Credential.Password)}');

See https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_callouts_named_credentials_merge_fields.htm.
Alok Kumar 62Alok Kumar 62
I hadbeen facing the issue where I could not use Named credential merged fields of username and password in the request body.  The solution proposed by Rajul Joseph does work .
Govind Daga 7Govind Daga 7
I need username and password from the named credential in the apex class. anyone help, please. 
LinThawLinThaw

You can get look like this. Its worked.

public void Sample(){
        Http h = new Http();
        HttpRequest request = new HttpRequest();    
        
        String client_id = 'xxxx';
        String client_secret = 'xxxx';
        String tenantId = 'xxxx';
        //callout:API_TEST >> https://login.microsoftonline.com
        request.setEndpoint('callout:API_TEST/'+ tenantId +'/oauth2/v2.0/token');
        request.setMethod('POST');
        request.setBody('grant_type=password&scope=user.read&client_id='+ client_id +'&client_secret='+ client_secret +'&username={!HTMLENCODE($Credential.Username)}&password={!HTMLENCODE($Credential.Password)}');
        HttpResponse response = h.send(request);
    }

ref (https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_callouts_named_credentials_merge_fields.htm)